A side channel attack is a means of security attacks that tries to restore secret information by analyzing side-information such as electromagnetic wave, heat, electric energy and running time that are unintentionally emitted from a computer system. The side channel attack that focuses on the running time of a cryptosystem is specifically named a “timing attack”. Timing attacks are relatively easy to carry out, and particularly threatening for tiny systems that are used in smart cards and IoT devices because the system is so simple that the processing time would be clearly observed from the outside of the card/device. The threat of timing attacks is especially serious when an attacker actively controls the input to a target program. Countermeasures are studied to deter such active attacks, but the attacker still has the chance to learn something about the concealed information by passively watching the running time of the target program. The risk of passive timing attacks can be measured by the mutual information between the concealed information and the running time. However, the computation of the mutual information is hardly possible except for toy examples. This study focuses on three algorithms for RSA decryption, derives formulas of the mutual information under several assumptions and approximations, and calculates the mutual information numerically for practical security parameters.

We propose an open source cell library characterizer. Recently, free and open-sourced silicon design communities are attracted by hobby designers, academies and industries. These open-sourced silicon designs are supported by free and open sourced EDAs, however, in our knowledge, tool-chain lacks cell library characterizer to use original standard cells into digital circuit design. This paper proposes an open source cell library characterizer which can generate timing models and power models of standard cell library.

A static timing analysis (STA) tool for a 28nm atom-switch FPGA (AS-FPGA) is introduced to validate the signal delay of an application circuit before implementation. High accuracy of the STA tool is confirmed by implementing a practical application circuit on the 28nm AS-FPGA. Moreover, dramatic improvement of delay and power is demonstrated in comparison with a previous 40nm AS-FPGA.

This paper proposes individual computation processes of the partial demodulation reference signal (DM-RS) sequence in a synchronization signal (SS)/physical broadcast channel (PBCH) block to be used to detect the radio frame timing based on SS/PBCH block index detection for New Radio (NR) initial access. We present the radio frame timing detection probability using the proposed partial DM-RS sequence detection method that is applied subsequent to the physical-layer cell identity (PCID) detection in five tapped delay line (TDL) models in both non-line-of-sight (NLOS) and line-of-sight (LOS) environments. Computer simulation results show that by using the proposed method, the radio frame timing detection probabilities of almost 100% and higher than 90% are achieved for the LOS and NLOS channel models, respectively, at the average received signal-to-noise power ratio (SNR) of 0dB with the frequency stability of a local oscillator in a set of user equipment (UE) of 5ppm at the carrier frequency of 4GHz.

A method for detecting the timing of photodiode (PD) saturation without using an in-pixel time-to-digital converter (TDC) is proposed. Detecting PD saturation time is an approach to extend the dynamic range of a CMOS image sensor (CIS) without multiple exposures. In addition to accumulated charges in a PD, PD saturation time can be used as a signal related to light intensity. However, in previously reported CISs with detecting PD saturation time, an in-pixel TDC is used to detect and store PD saturation time. That makes the resolution of a CIS lower because an in-pixel TDC requires a large area. As for the proposed pixel circuit, PD saturation time is detected and stored as a voltage in a capacitor. The voltage is read and converted to a digital code by a column ADC after an exposure. As a result, an in-pixel TDC is not required. A signal-processing and calibration method for combining two signals, which are saturation time and accumulated charges, linearly are also proposed. Circuit simulations confirmed that the proposed method extends the dynamic range by 36 dB and its total dynamic range to 95 dB. Effectiveness of the calibration was also confirmed through circuit simulations.

Artificial intelligence (AI), especially deep learning (DL), has been remarkable and applied to various industries. However, adversarial examples (AE), which add small perturbations to input data of deep neural networks (DNNs) for misclassification, are attracting attention. In this paper, we propose a novel black-box attack to craft AE using only processing time which is side-channel information of DNNs, without using training data, model architecture and parameters, substitute models or output probability. While, several existing black-box attacks use output probability, our attack exploits a relationship between the number of activated nodes and the processing time of DNNs. The perturbations for AE are decided by the differential processing time according to input data in our attack. We show experimental results in which our attack's AE increase the number of activated nodes and cause misclassification to one of the incorrect labels effectively. In addition, the experimental results highlight that our attack can evade gradient masking countermeasures which mask output probability to prevent crafting AE against several black-box attacks.

This paper proposes a technique that increases the lifetime of large scale integration (LSI) devices. As semiconductor technology improves at miniaturizing transistors, aging effects due to bias temperature instability (BTI) seriously affects their lifetime. BTI increases the threshold voltage of transistors thereby also increasing the delay of an electronics device, resulting in failures due to timing violations. To compensate for aging-induced timing violations, we exploit configurable approximate computing. Assuming that target circuits have exact and approximate modes, they are configured for the approximate mode if an aging sensor predicts violations. Experiments using an example circuit revealed an increase in its lifetime to >10 years.

In order to obtain high-performance circuits in advanced technology nodes, design methodology has to take the existence of large delay variations into account. Clock scheduling and speculative execution have overheads to realize them, but have potential to improve the performance by averaging the imbalance of maximum delay among paths and by utilizing valid data available earlier than worst-case scenarios, respectively. In this paper, we propose a high-performance digital circuit design method with speculative executions with less overhead by utilizing clock scheduling with delay insertions effectively. The necessity of speculations that cause overheads is effectively reduced by clock scheduling with delay insertion. Experiments show that a generated circuit achieves 26% performance improvement with 1.3% area overhead compared to a circuit without clock scheduling and without speculative execution.

Network function virtualization (NFV) achieves the flexibility of network service provisioning by using virtualization technology. However, NFV is exposed to a serious security threat known as cross-VM cache timing attacks. In this letter, we look into real security impacts on network virtualization. Specifically, we present two kinds of practical cache timing attacks on virtualized firewalls and routers. We also propose some countermeasures to mitigate such attacks on virtualized network functions.

We have already proposed synchronized spread spectrum code division multiple access (SS-CDMA) for the Quasi-Zenith Satellite System (QZSS) safety confirmation system to be used in times of great disaster. In this system, the satellite reception timings of all uplink signals are synchronized using a transmission timing control method in order to realize high-density user multiple access. An issue that should be addressed in order for this system to be viable is the error that can occur in the satellite reception timing. This error occurs due to the terminal time deviation and the error in calculating the propagation delay to the satellite. In this paper, we measure the terminal time deviation and the propagation delay calculation error at the same time by using the same receivers and evaluate the satellite reception timing error of the uplink signal. By this measurement, it is shown that satellite reception timing error within 50ns can be realized in 99.98% of mobile terminals. This shows that the synchronized SS-CDMA with the transmission timing control method has a potential to realize the QZSS short message system with high-density user multiple access.

Adaptive voltage scaling is a promising approach to overcome manufacturing variability, dynamic environmental fluctuation, and aging. This paper focuses on error prediction based adaptive voltage scaling (EP-AVS) and proposes a mean time to failure (MTTF) aware design methodology for EP-AVS circuits. Main contributions of this work include (1) optimization of both voltage-scaled circuit and voltage control logic, and (2) quantitative evaluation of power saving for practically long MTTF. Experimental results show that the proposed EP-AVS design methodology achieves 38.0% power saving while satisfying given target MTTF.

Timing vernier (i.e., digital-to-time converter) is a key component of the pin-electronics circuit board installed in automated digital-VLSI test equipment, and it is used to create fine delays of less than one-cycle time of a clock signal. This paper presents a new on-the-fly (timing-) jitter suppression technique which makes it possible to use low-power plain-CMOS-logic-based timing verniers. Using a power-compensation line installed at the poststage of the digitally variable delay line, we make every pulse (used as a timing signal) consume a fixed amount of electric energy independent of the required delay amount. Since the power load of intrapowerlines is kept constantly, the jitter increase in the situation of changing the required delay amount on the fly is suppressed. On the basis of the concept, a 10-ns span, 125-MHz timing-vernier macro was designed and fabricated with a CMOS process for logic VLSIs. Every macro installed in a real-time timing-signal generator VLSI achieved the required timing resolution of 31.25ps with a linearity error within 15ps. The on-the-fly jitter was successfully suppressed to a random jitter level (<26ps p-p).

Network-listening-based synchronization is recently attracting attention as an effective timing synchronization method for indoor small-cell base stations as they cannot utilize GPS-based synchronization. It uses only the macro-cell downlink signal to establish synchronization with the overlaying macro cell. However, the loop-back signal from the small-cell base station itself interferes with the reception of the macro-cell downlink signal in the deployment of co-channel heterogeneous networks. In this paper, we investigate a synchronization method that avoids loop-back interference by muting small-cell data transmission and shifting small-cell transmission timing. Our proposal enables to reduce the processing burden of the network listening and mitigate the throughput degradation of the small cell caused by the data-transmission mutation. In addition to this, the network-listening system enables the network listening in dense small cell deployments where a large number of neighboring small cells exist. We clarify the performance of our proposal by computer simulations and laboratory experiments on actual equipment.

Timing and frequency offsets are caused by imperfect synchronization at the receiver. These errors degrade the performance of OFDM systems by introducing inter-carrier-interference (ICI) and inter-symbol-interference (ISI). In this paper, we derive signal-to-interference ratio (SIR) analytically with timing and frequency offsets for the case that the sampling rate of analog-to-digital converter (ADC) in OFDM receiver is an integer fraction of the signal bandwidth. We find the exact form of interference power as a function of the fractional sampling rate. Our derived analysis is confirmed by simulations and can be applied to see the exact performance of OFDM systems with fractional sampling rate.

In OFDM systems, link performance depends heavily on the estimation of symbol-timing and frequency offsets. Performance sensitivity to these estimates is a major drawback of OFDM systems. Timing errors destroy the orthogonality of OFDM signals and lead to inter-symbol interference (ISI) and inter-carrier interference (ICI). The interference due to timing errors can be exploited as a metric for symbol-timing synchronization. In this paper, we propose a novel method to extract interference components using a DFT of the upsampled OFDM signals. Mathematical analysis and formulation are given for the dependence of interference on timing errors. From a numerical analysis, the proposed interference estimation shows robustness against channel dispersion.

Software-based error detection techniques, which includes error detection mechanism (EDM) transformation, are used for error localization in post-silicon validation. This paper evaluates the performance of EDM for timing error localization with a noise-aware logic simulator and 65-nm test chips assuming the following two EDM usage scenarios; (1) localizing a timing error occurred in the original program, and (2) localizing as many potential timing errors as possible. Simulation results show that the EDM transformation customized for quick error detection cannot locate electrical timing errors in the original program in the first scenario, but it detects 86% of non-masked errors potential bugs in the second scenario, which mean the EDM performance of detecting electrical timing errors affecting execution results is high. Hardware measurement results show that the EDM detects 25% of original timing errors and 56% of non-masked errors. Here, these hardware measurement results are not consistent with the simulation results. To investigate the reason, we focus on the following two differences between hardware and simulation; (1) design of power distribution network, and (2) definition of timing error occurrence frequency. We update the simulation setup for filling the difference and re-execute the simulation. We confirm that the simulation and the chip measurement results are consistent.

The purpose of this study was to examine an efficient interval encoding method with a slow-frame-rate image sensor, and show that the encoding can work to capture heart rates from multiple persons. Visible light communication (VLC) with an image sensor is a powerful method for obtaining data from sensors distributed in the field with their positional information. However, the capturing speed of the camera is usually not fast enough to transfer interval information like the heart rate. To overcome this problem, we have developed an event timing (ET) encoding method. In ET encoding, sensor units detect the occurrence of heart beat event and send their timing through a sequence of flashing lights. The first flash signal provides the rough timing and subsequent signals give the precise timing. Our theoretical analysis shows that in most cases the ET encoding method performs better than simple encoding methods. Heart rate transfer from multiple persons was examined as an example of the method's capabilities. In the experimental setup, the developed system successfully monitored heart rates from several participants.

In this letter, a simple and robust synchronization algorithm for second generation terrestrial digital video broadcasting (DVB-T2) receivers is proposed. In the proposed detection scheme, the coarse symbol timing is estimated by decimating a correlation output to give a sharper peak timing detection metric. Such a design can improve the timing synchronization accuracy as well as enhance its robustness to frequency selective channels.

Timing fault detection techniques address the problems caused by increased variations on a chip, especially with dynamic voltage and frequency scaling (DVFS). The Razor flip-flop (FF) is a timing fault detection technique that employs double sampling by the main and shadow FFs. In order for the Razor FF to correctly detect a timing fault, not the main FF but the shadow FF must sample the correct value. The application of Razor FFs to static logic relaxes the timing constraints; however, the naive application of Razor FFs to dynamic precharged logic such as SRAM read circuits is not effective. This is because the SRAM precharge cannot start before the shadow FF samples the value; otherwise, the transition of the bitline of the SRAM stops and the value sampled by the shadow FF will be incorrect. Therefore, the detect period cannot overlap the precharge period. This paper proposes a novel application of Razor FFs to SRAM read circuits. Our proposal employs a conditional precharge according to the value of a bitline sampled by the main FF. This enables the detect period to overlap the precharge period, thereby relaxing the timing constraints. The additional circuit required by this method is simple and only needed around the sense amplifier, and there is no need for a clock delayed from the system clock. Consequently, the area overhead of the proposed circuit is negligible. This paper presents SPICE simulations of the proposed circuit. Our proposal reduces the minimum cycle time by 51.5% at a supply voltage of 1.1 V and the minimum voltage by 31.8% at cycle time of 412.5 ps.

In this letter, we propose an improved timing offset estimation scheme without making use of pilot symbols in the HomePlug Green PHY (HomePlug GP) standard. In contrast to the conventional decision-directed timing estimation scheme, the proposed scheme exploits the inherent repetition information of the HomePlug GP signals, thus not only removing the need for the estimated data or pilot symbols but also improving the timing estimation performance.