At Rambus, we create cutting-edge semiconductor and IP products, spanning memory and interfaces to security, smart sensors and lighting.

Products
- - Chips
  - Memory Interface Chips
    - DDR5 Chipset
    - DDR4 Chipset
  - CXL Memory Initiative
- - Silicon IP
  - Interface IP
  - PCI Express
  - CXL
  - MIPI
  - HBM
  - GDDR
  - LPDDR
  - DDR
  - VESA Video Compression
  - Forward Error Correction
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Solutions
- - By Market
  - AI & Machine Learning
  - Automotive
  - Data Center
  - Edge
  - Government
  - IoT
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Resources
- - Resource Library
  - Our library of informational videos, papers, presentations, and more
  - Webinars
  - Check out our library of upcoming and on-demand webinars
- - Inventions
  - Explore innovations that enable the superior performance of Rambus solutions
  - Certifications
  - Certified silicon IP solutions tailored to the specific needs of some of the world’s most demanding applications
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
Company
- - About
  - Corporate Overview
  - Leadership
  - Inventors
  - Careers
  - Locations
  - Investor Relations
- - News & Media
  - Newsroom
  - Blog
  - Events
- - - Explore our full catalog of products so you can find the right solution to fit your needs.
    - Product Selector
- English

Home > Security IP > Anti-Counterfeiting > Circuit Camouflage Technology

Security

Circuit Camouflage Technology

Rambus Circuit Camouflage Technology protects semiconductors against reverse engineering and cloning by competitors, state actors, and nefarious parties. Circuit Camouflage is an anti-reverse engineering and anti-cloning technology designed for commercial and government applications. It provides protection at the standard-cell level, using proprietary techniques that significantly decrease the accuracy of automated tools used in the reverse engineering process.

Contact

Product Brief

How Circuit Camouflage Works

Reverse engineering a circuit is done via the use of destructive ‘de-layering’ techniques. The reverse engineering party first de-lids the chip’s package and takes an image of the silicon chip. Then, specialty equipment carefully removes a very thin layer of the silicon. At this point, an image of the now exposed layer is taken. This process is repeated until the entire silicon chip has been de-layered and photographed. The resulting images are then digitized, aligned and combined. Automated tools then analyze the visual model to build a functional model of the chip, resulting in a full netlist and a hierarchical RTL of the design.

Rambus Circuit Camouflage Technology is designed to complicate this process through the integration of multiple “lookalike cells” into a chip’s design. These cells are either optically indistinguishable from the standard cells used throughout the design, or they may appear like nothing the reverse engineer has ever seen. Camouflaged cells can also be enabled to perform logic functions that are different than what would be expected by visual analysis. Together, these approaches introduce errors into the reverse-engineering process, resulting in an incorrect netlist recovered from the silicon.

The camouflage AND2 gate appears identical to the normal AND2 gate, but performs a different logic function.

Anti-Tampering Technologies

The design of chip anti-tamper protection needs to adapt and scale with rising threats. Adversaries range from high school hackers to well-funded state actors. Given the threats, it’s useful to think about anti-tamper countermeasures as a hierarchy of safeguards that parallel the type, effort and expense of attacks. Watch this webinar to learn the eleven kinds of tampering attacks and their required skills and resources, and countermeasures for each of these attacks.

Camouflage cells are typically custom-created for individual chip OEMs or specific chip designs, ensuring that an adversary’s knowledge gained from a prior design doesn’t inform reverse engineering of a new design. Circuit Camouflage uses foundry standard processes, standard tools and design methodologies, and doesn’t rely on coatings or shields. It provides a high return on investment for silicon manufacturers and chip makers desiring intellectual property protection while having products in environments with a high risk of attack.

SmartFill: Protecting Critical IP

Rambus SmartFill technology provides high tamper-resistance from unauthorized modifications to the design by eliminating the whitespace in the post place-and-route circuitry. This both complicates reverse-engineering, as well as denies attackers any space in which to insert a trojan circuit without destroying the underlying function of the chip.

Implementation in Devices

Protected by more than 50 US and international patents, Rambus has developed the know-how and proprietary trade secret techniques that uniquely position us to implement these designs. We offer training and licensing options, enabling your design team to implement Circuit Camouflage Technology in your devices. We also offer a range of courses in hardening silicon IP to reverse engineering, cloning, and tamper attacks.

Rambus Circuit Camouflage and SmartFill technologies protect design secrets from competitors and counterfeiters through combating state-of-the-art circuit extraction attack vectors. They significantly extend the security life of your product, and are applicable to any CMOS process and digital design (analog camouflage IP also available). In practice for over 20 years, our techniques easily apply to standard cell design flow with minimal impacts to area, performance, and power consumption.

The CryptoManager Root of Trust

Built around a custom RISC-V CPU, the Rambus CryptoManager Root of Trust (CMRT) is at the forefront of a new category of programmable hardware-based security cores. Siloed from the primary processor, it is designed to securely run sensitive code, processes and algorithms. More specifically, the CMRT provides the primary processor with a full suite of security services, such as secure boot and runtime integrity, remote attestation and broad crypto acceleration for symmetric and asymmetric algorithms.