The PUF Commitment: Evaluating the Stability of SRAM-CellsPascal Ahr; Christoph Lipps; Hans Dieter Schotten
In: 20th European Conference on Cyber Warfare and Security. European Conference on Cyber Warfare and Security (ECCWS-2021), June 24-25, Chester, United Kingdom, ACPI, 6/2021.
Static Random Access Memory (SRAM) based Physical Unclonable Functions (PUFs) are a dedicated sub-area of silicon PUFs in the research area of Physical Layer Security (PhySec). Due to their high Shannon Entropy, low energy consumption and availability they are particularly suitable for Industrial Internet of Things (IIoT) security applications. SRAMs are volatile memories, bistable systems which always adopt one of two values: zero or one. During the startup process - powering up the cells-, the cells take one of these states, the so called Startup- Value. This “hardware fingerprint” is depending due to physical features, fluctuations and deviation occurring during the manufacturing process of the semiconductors and the devices, and can thus be different at each restart. For a function in a mathematical meaning, and particularly for cryptographic applications, it is necessary that every element of the definition area is only mapped to one element of the codomain. For this purpose the startup-values of the SRAM have to be (mostly) stable for every restart. To verify the suitability, and appropriateness for cryptographic applications, the paper examines the stability of the startup-values; how often does the same but still individual bit-patterns occur and how many and which bits are flipping. To provide comparable results, 30 SRAMs are evaluated with 500 startup procedures each. For automated testing a Printed Circuit Board (PCB) is implemented, controlled by a Microcontroller Unit (MCU). In order to monitor the temperature and humidity –as external influencing factors of the startup behaviour- corresponding sensors are integrated as well. The evaluation provides a high resolution of the course of stability over the various measures, and thus enables a detailed analysis. As a part, the mapping of functions to data-points is done by using regression tools. Thereby it is not only possible to determine the stability in total, but the course over all restarts as well. The results of the work contribute to PUF research in general and prove the applicability of SRAM-PUFs in IIoT and other application areas, especially for resource constrained devices, by evaluating and proofing the stability of SRAM cells.