|
by gabriele campi, development engineer
packaging & technology development department
celestica italia s.r.l.
via lecco, 61 20059 vimercate italy
phone: +39.039.639.5490
fax: +39.039.639.5015
e-mail: [email protected]
abstract
in recent years there have been an increasing need to secure information transmitted on the internet. in order to meet this requirement in an absolutely secure way, the major oems have designed devices that complies with these requirements. such device embeds very high-level type of technology that make their design, build and development a real big challenge.
our laboratory (of celestica italy, in vimercate) has acquired a great deal of experience in this field and we have realised different versions of this type of products: flotherm has been used to study those structures and to solve the problem of heat generation that is the other big challenge of these packages due to their particular configuration.
the importance of cryptography
emerging computer and communications technologies are radically altering the ways in which we communicate and exchange information. along with the speed, efficiency, and cost-saving benefits of the "digital revolution" come new challenges to the security and privacy of communications and information traversing the global communications infrastructure.
in response to these challenges, the security mechanisms of traditional paper-based communications media -- envelopes and locked filing cabinets -- are being replaced by cryptographic security techniques. through the use of cryptography, communication and information stored and transmitted by computers can be protected against interception to a very high degree. until recently, there was little non-governmental demand for encryption capabilities. modern encryption technology -- a mathematical process involving the use of formulas (or algorithms) -- was traditionally deployed most widely to protect the confidentiality of military and diplomatic communications.
with the advent of the computer revolution, and recent innovations in the science of encryption, a new market for cryptographic products has developed. electronic communications are now widely used in the civilian sector and have become an integral component of the global economy. computers store and exchange an ever-increasing amount of highly personal information, including medical and financial data.
in this electronic environment, the need for privacy-enhancing technologies is apparent. communications applications such as electronic mail and electronic fund transfers require secure means of encryption and authentication -- features that can only be provided if cryptographic know-how is widely available and unencumbered by government regulation.
governmental regulation of cryptographic security techniques endangers personal privacy. encryption ensures the confidentiality of personal records, such as medical information, personal financial data, and electronic mail. in a networked environment, such information is increasingly at risk of theft or misuse.
in their "resolution in support of the freedom to use cryptography," members of the global internet liberty campaign (gilc) noted that "the use of cryptography implicates human rights and matters of personal liberty that affect individuals around the world" and that "the privacy of communication is explicitly protected by article 12 of the universal declaration of human rights, article 17 of the international covenant on civil and political rights, and national law."
(source: http://www.gilc.org)
what is a secure coprocessor device?
a secure coprocessor is a general-purpose computing environment that withstands physical attacks and logical attacks. the device must run the programs that it is supposed to, unmolested. the user must be able to (remotely) distinguish between the real device and application, and a clever impersonator.
the coprocessor must remain secure even if adversaries carry out destructive analysis of one or more devices. many servers operate in distributed environments where it is difficult or impossible to provide complete physical security for sensitive processing. and, in some applications, the motivated adversary is the end user. you need a device that you can trust even though you cannot control its environment.
cryptography is an essential tool in secure processing. when an application must communicate with other distributed elements, or assert or ascertain the validity of data it is processing, you will find cryptography an essential tool.
the ibm 4758 pci cryptographic coprocessor
the ibm 4758-001 pci cryptographic coprocessor (nicknamed crypto card) adds a high-security environment to the windows nt, s/390, os/2, aix and os/400 server systems for des, rsa and dsa cryptographic functions and sensitive custom applications. the pci board incorporates specialized electronics to off-load servers from time-consuming cryptographic functions. certification under fips pub 140-1 at levels 3 and 4 assures a high-integrity processing environment.
fips pub 140-1 is the benchmark standard for evaluating the security and proper algorithmic implementation of a commercial cryptographic product. the ibm 4758 model 001 and the integrated cryptographic feature on ibm system/390 processors are distinguished as the only products certified at level 4. these independent certifications provide assurance of the security, integrity, and correctness of the cryptographic algorithms inherent in the coprocessor designs.
fips 140 is unique with its emphasis on clear testing criteria for design validation and its focus, at levels 3 and 4, on hardware implementations. under the supervision of the usa and canadian governments, independent laboratories conduct thorough analyses of the product design and actual tests of products. the test report is discussed with the governmental bodies and, when found acceptable, a certificate is issued. issued certifications are posted to the nist website.
(source: http://www-3.ibm.com/security/cryptocards/)
the coprocessor module incorporates physical penetration, power sequencing, temperature, and radiation sensors to detect physical attacks against the encapsulated subsystem. batteries provide backup power that is active from the time of factory certification until the end of the product's useful life. any detected tamper event results in loss of power, which immediately causes the zeroization of internal secrets and the destruction of the factory certification.
four coprocessor models are offered. the models certified under fips pub 140-1 level 4 use a mesh around the electronics to detect the most sophisticated physical penetration attempts. the other models certified at level 3 use a simpler penetration-detection design. both designs zeroize all critical secret data when tamper is detected. otherwise, both new and both old models are the same in all functional respects.
(source: http://www-3.ibm.com/security/cryptocards/)
fig. 1: the 4758 pci cryptographic coprocessor
the thermal simulations
the crypto card has been conceived for guaranteeing, with different models, the level of security prescribed by the two standards fips level 3 and level 4. in order to satisfy this needs, the board had to be protected both from mechanical and electronic intrusion.
for the peculiar box in the box concept of the crypto, first experiments demonstrated the excessively high temperature reached over the case of some devices. it was necessary to find out a way to dissipate the generated heat in order to lower the temperature. the aim was to guarantee an acceptable junction-temperature for any device.
a thermal study was organised both with experiments and with numerical simulations performed using "flotherm" by flomerics limited, software based on the finite volume analysis.
in this article, the work done on two different models of the ibm 4758 pci cryptographic coprocessor and a preliminary study made for an other important customer are described. the two models of the ibm 4758 pci cryptographic coprocessor are the model 023, which does not present the tamper detection mesh and the potting resin, and the 002 version, which satisfies the highest level of security.
model 023: setting of the simulation
it has been explained that model 023 does not present the potting resin and the tamper detection mesh, but just two metal covers. from the thermal point of view, the principal importance for this version of the crypto was the definition of the combination for materials, coatings and protections for the two layers of the enclosure. it was necessary to sort the best solution among the six ones which have been proposed as described in table 3.
in these paragraphs, thermal simulations made using flotherm are reported. first of all, the following conditions have been set for the simulation:
- ambient temperature: 42ºc
- ambient pressure: 1 atm
- air properties:
thermal conductivity (at 30ºc): 0,0261 w/m×k
viscosity (at 30ºc): 1,84e-5 n×s/m2
density (at 30ºc): 1,1614 kg/m3
- crypto card position: horizontal
- die 1:
package: pqfp
power: 3,96 w
die dimensions: 9 x 9 x 0,82 mm
- die 2:
package: pbga
power: 1,5 w
die dimensions: 8 x 8 x 0,82 mm
other powers: 1,693 w
air flow: no airflow
then, the model has been drawn also using some packages downloaded from flopack, the web site of flomerics. particularly, we used flopack for the two main dies, the crypto pcb and the pci pcb. in tables 1 and 2 dimensions and materials of the main components of this model are displayed.
| description |
length(mm) |
width(mm) |
height(mm) |
| die 1 package |
25.4 |
25.4 |
5.09 |
| die 2 package |
27 |
27 |
2.36 |
| pcb substrate |
93.4 |
102.2 |
1.6 |
| pci substrate |
99 |
175 |
1.6 |
| screws |
3 (diameter)
|
9.5 |
| heat spreader |
66.5 |
32 |
0.5 |
| overall dimensions(without the pci pcb) |
97 |
111.42 |
13.06 |
table 1: dimensions of the main components used in model 023
| description |
thermal conductivity(w/mk) |
| die 1 and die 2 |
temperature dependent |
| substrate of die 1 and die 2 |
17.5
|
| cap of die 1 |
168
|
| die attach of die 1 |
0.95
|
| bumps of die 1 |
15.7
|
| encapsulant of die 2 |
1
|
| die attach of die 2 |
0.3
|
| bumps of die 2 |
108.4
|
| copper 395 |
395
|
| tin |
66.6
|
| typical epoxy resin |
0.2
|
table 2: thermal conductivity of the main materials used in model 023.
fig. 2: the model 023 of the cryptographic coprocessor
(a 3d view of the model in the "visualization window" of flotherm)
fig. 3: the model 023 of the cryptographic coprocessor
(top view in the "drawing board window" of flotherm)
fig. 4: the 4758 pci cryptographic coprocessor in a wireframe view (model 023)
for this model, a grid array of 111 x 84 x 37 in the x, y and z directions (344988 cells) was used.
table 3 displays the six different cases that were considered. the alternative was related to the kind of metal, coating and protection that were proposed both for the inner and the external cover of the enclosure. these simulations were run with the previous release of flotherm (version 2.2), but also the new 3.1 version has been tested with this project. specifically, the new available feature "command centre" has revealed all its potentiality in this parametric study.
table 3 summarizes all the combinations studied, whereas table 4 gives the final results.
model 023: results
simulations reached the convergence, without any problems, in some hundreds of iterations. results obtained from runs performed for the model 023 of the 4758 pci cryptographic coprocessor are summarized in table 4 (see table 3 for the description of runs). from that table it is clear that the combination of materials used in run 1 is the solution that provides the lowest temperature in all the monitored points.
the best results have been obtained with run 1. it presented the following materials: an external cover made of copper, a coating of tin and a protection of a typical epoxy resin. the inner cover made of copper had just the protection made of the same epoxy resin.
|
run
|
outer cover
|
inner cover
|
|
materials
|
thickness (mm)
|
materials
|
thickness (mm)
|
|
1
|
cover: cu
|
0.5
|
cover: cu
|
0.5
|
|
coating: sn
|
0.01
|
coating: ----
|
-----
|
|
protection: epoxy resin
|
0.008
|
protection: epoxy resin
|
0.008
|
|
2
|
cover: cu
|
0.5
|
cover: stainless steel
|
0.5
|
|
coating: sn
|
0.01
|
coating: ----
|
----
|
|
protection: epoxy resin
|
0.008
|
protection: -
|
-----
|
|
3
|
cover: steel c10
|
0.5
|
cover: stainless steel
|
0.5
|
|
coating: sn
|
0.01
|
coating: ----
|
------
|
|
protection: epoxy resin
|
0.008
|
protection: -
|
------
|
|
4
|
cover: steel c10
|
0.5
|
cover: cu
|
0.5
|
|
coating: sn
|
0.01
|
coating: ----
|
-----
|
|
protection: epoxy resin
|
0.008
|
protection: epoxy resin
|
0.008
|
|
5
|
cover: cu
|
0.5
|
cover: steel c10
|
0.5
|
|
coating: sn
|
0.01
|
coating: sn
|
0.01
|
|
protection: epoxy resin
|
0.008
|
protection: epoxy resin
|
0.008
|
|
6
|
cover: steel c10
|
0.5
|
cover: steel c10
|
0.5
|
|
coating: sn
|
0.01
|
coating: sn
|
0.01
|
|
protection: epoxy resin
|
0.008
|
protection: epoxy resin
|
0.008
|
table 3: combination of different materials used for each run in the
thermal simulation of model 023.
|
run
|
die 1
|
die 2
|
tmax inner cover (?c)
|
tmax outer cover (?c)
|
|
.
|
tj max (?c)
|
tcase (?c)
|
tj max (?c)
|
tcase (?c)
|
|
1
|
73.8
|
70.5
|
74.2
|
72.1
|
68.5
|
66.7
|
|
2
|
78.3
|
75.2
|
77.3
|
75
|
75
|
69.6
|
|
3
|
86
|
82.4
|
79.5
|
76.9
|
81.9
|
79.9
|
|
4
|
77
|
74.2
|
75.5
|
73.4
|
70.8
|
72.2
|
|
5
|
75.5
|
72.3
|
77.5
|
75.8
|
71.4
|
67.3
|
|
6
|
80.6
|
77.5
|
79
|
77.3
|
76
|
75.3
|
table 4: final results for model 023.
simulations made with flotherm were executed in parallel with experiments in order to be able to fix the model and to compare final temperatures. in table 5 there is an example of the really good relation between the two different approaches. those values have been obtained with an ambient temperature of 23°c.
fig. 5: an image of final results from a run of model 002.
| position of thermocouples and monitor points |
temperatures from experiments (°c) |
temperatures with flotherm (°c) |
| die 1: top of package |
62.2
|
61
|
| die 1: pcb bottom side |
56.1
|
58
|
| die 2: top of package |
57
|
59
|
| die 2: pcb bottom side |
54.7
|
58
|
table 5: comparison of results from experiments and flotherm at tamb. = 23°c
model 002: setting of the simulation
in order to create a model that accomplished the maximum level of security (fips level 4), the previous cryptographic coprocessors was reviewed. the new model, named 002, differed from model 023 both in the encapsulation concept and in some hardware particulars. in this article, the hardware changes are not faced.
the encapsulation has been reinforced because this model presented both the tamper detection mesh and the potting resin. this fact caused a series of thermal problems that have been solved after having found good thermally conductive gap fillers. furthermore, in order to get lower the maximum junction temperature of die 1, a no cap version of this device has been used. a thermal pad has been put between the chip and the inner cover.
the next figure presents a view of the mesh of the model 002:
fig. 6: mesh of the 4758 pci cryptographic coprocessor (model 002).
in table 7 there is the description of the main dimensions of the model; there are some differences respect to the model 023 because of the presence of the potting resin and the tamper detection mesh that wrapped the inner cover.
| run |
external cover |
|
inner cover |
|
| materials |
thickness (mm) |
materials |
thickness(mm) |
| 1 |
cover: cu |
0.5 |
cover: cu |
0.5 |
| coating: sn |
0.01 |
coating: ---- |
----- |
| protection: epoxy resin |
0.008 |
protection: epoxy resin |
0.008 |
table 6: main materials properties of model 002.
fig. 7: layout of the model 002.
| description |
length(mm) |
width(mm) |
height(mm) |
| die 1 package |
25.4
|
25.4
|
4.04
|
| die 2 package |
27
|
27
|
2.36
|
| pcb substrate |
90.8
|
99.7
|
1.6
|
| pci substrate |
99
|
175
|
1.6
|
| tamper detection mesh(max thickness) |
0.98
|
| tamper detection mesh(min thickness) |
0.23
|
| potting resin(max thickness) |
3.12
|
| potting resin(min thickness) |
0.4
|
| overall dimensions(without the pci pcb) |
97
|
111.42
|
13.06
|
table 7: main dimensions of model 002.
the initial conditions set for this model are the same of those ones set for model 023 (see page 3). in table 8 there are the thermal conductivity coefficients of the main materials used.
table 6 indicates the choice that has been done for materials, coating and protection of this model.
| description |
thermal conductivity(w/mk) |
| die 1 and die 2 |
temperature dependent |
| substrate of die 1 and die 2 |
17.5
|
| die attach of die 1 |
0.95
|
| bumps of die 1 |
15.7
|
| die 2 encapsulant |
1
|
| die attach of die |
0.3
|
| bumps of die 2 |
108.4
|
| copper |
395
|
| tin |
66.6
|
| typical epoxy resin |
0.2
|
| tamper detection mesh |
0.18
|
| potting resin |
0.22
|
| gap filler |
0.9
|
table 8: main materials properties of model 002.
fig. 8: the model 002 of the cryptographic coprocessor
(x side view in the "drawing board window" of flotherm)
at the end of the setting, a grid array of 126 x 102 x 44 in the x, y and z directions (565488 cells) was employed.
fig. 9: the model 002 of the cryptographic coprocessor (3d view in flovisual)
model 002: results
first runs gave some problem of convergence that has been partially solved by using a subdomain inside the inner cover. this subdomain has been set with the same pressure of the external ambient and with a temperature equal to 68°c.
the following table displays the final results obtained for model 002:
|
run
|
die 1
|
die 2
|
tmax inner cover (°c)
|
tmax extern. cover (°c)
|
|
.
|
tj max (°c)
|
tgrease (°c)
|
tj max (°c)
|
tcase (°c)
|
|
1
|
83.1
|
70.5
|
76.8
|
74.6
|
72.8
|
67
|
table 9: final results for model 002.
in figure 10 a thermography has been displayed. this is just an example of the different experiments that have been executed to compare experimental with numerical results. at the beginning, these comparisons were useful for setting the thermal simulation; then they have confirmed results obtained using flotherm as already said for the previous model.
fig. 10: thermography of the 4758 pci cryptographic coprocessor.
(in this image there is a model not described in this article)
preliminary study of a new cryptographic coprocessor device
due to our well-known experience in cryptography applications in the ems industry, we had been requested of performing several preliminary studies concerning new cryptographic cards over this last year. each time, thermal aspects were very interesting and challenging because of the peculiarity of cryptographic cards, i.e. high power sources embedded in closed boxes. this gives a particular importance to the contribution that thermal simulations provide in the very beginning phase of a thermal evaluation.
what is presented in this article is the thermal analysis performed, during the preliminary study of a new cryptographic card, for a customer interested in cryptographic applications. we were asked for a card that should have to satisfy the fips pub 140-1. based on previous experiences, we realised a two metal boxes card with the potting resin and the tamper detection mesh.
in order to forecast the thermal behavior of the card, a thermal simulation was set and realised by means of flotherm 3.1.
in the next page follow the setting data regarding this project:
- ambient temperature: 42°c
- ambient pressure: 1 atm
- air properties:
thermal conductivity
(at 30°c): 0,0261 w/m×k
viscosity (at 30°c): 1,84e-5 n×s/m2
density (at 30°c): 1,1614 kg/m3
- crypto card position: horizontal
- die 1:
package: wirebonded tbga
power: 5.0 w
die dimensions: 11 x 11.3 x 0.70 mm
- die 2:
package: wirebonded tbga
power: 4.0 w
die dimensions: 18 x 18 x 0.30 mm
- die 3:
package: wirebonded tbga
power: 5.0 w
die dimensions: 15.14 x 13.3 x 0.30 mm
- other power sources: 7.03 w
- air flow: no airflow
- total power source: 21.03 w
- overall dimensions: 320 x 113.4 x 139.2 mm
thermal model has been prepared with the help of some packages downloaded from the flopack web site (all the three dies and the pcb). in tables 10 and 11 dimensions and materials of the main components of this model are displayed.
in order to make these simulations nearer the reality, some cylinders of copper have been drawn through the substrate under the main devices. in this way, we tried to simulate the presence of thermal vias. but this experiment didn't give an appreciable difference in final temperatures if compared to the simulation without them. the reason is probably that a big number of thermal vias would be necessary in order to create a significant path of heat. this fact makes it not opportune because it would mean to have an excessively high number of cells.
at the end of the setting, a grid array of 147 x 138 x 71 in the x, y and z directions (1440306 cells) has been obtained.
fig. 11: z side view of the cryptographic coprocessor device described in this article.
fig. 12: y side view of the cryptographic coprocessor device described in this article.
| description |
length(mm) |
width(mm) |
height(mm) |
| die 1 package |
40
|
40
|
13.36
|
| die 2 package |
40
|
40
|
12.36
|
| die 3 package |
42.5
|
42.5
|
12.36
|
| pcb substrate |
312
|
106.68
|
11.02
|
| tamper detection mesh(max thickness) |
1
|
| tamper detection mesh(min thickness) |
0.23
|
| potting resin(max thickness) |
2
|
| potting resin(min thickness) |
1
|
| overall dimensions(without the pci pcb) |
320
|
113.4
|
139.2
|
table 10: main dimensions.
| description |
thermal conductivity(w/mk) |
| die 1, die 2, die 3 |
temperature dependent |
| encapsulant of die 1, die 2, die 3 |
0.68
|
| die attach of die 1, die 2, die 3 |
2
|
| bumps of die 1 |
13.14
|
| bumps of die 1 |
12.85
|
| stiffener of die 1, die 2, die 3 |
260
|
| thermal pad of die 1, die 2, die 3 |
1.6
|
| internal box |
26
|
| external box |
168
|
| tamper detection mesh |
0.18
|
| typical epoxy resin |
0.22
|
table 11: thermal conductivity of the main materials.
fig. 13: drawn of a wirebonding tbga in the web site of flopack.
final results have been obtained without big difficulties.
|
die 1 tj max (°c)
|
die 2 tj max (°c)
|
die 3 tj max (°c)
|
tmax inner cover (°c)
|
tmax outer cover (°c)
|
|
71.4
|
64.5
|
71.6
|
65.4
|
58.5
|
table 12: final results.
also for this model, the comparison between results obtained by means of flotherm and in the experimentations has been satisfactory.
fig. 14: plane of temperatures over the cryptographic coprocessor device.
fig. 15: plane of temperatures over the cryptographic coprocessor device.
conclusions
this article speaks about the achievements of the italian laboratory of celestica in the thermal analysis of a challenging product: a cryptographic coprocessor device.
in particular, in this paper three different models have been described.
our laboratory is able to realise cryptographic coprocessor devices that accomplish the maximum level of security prescribed for transmitting and exchanging information: the fips level 4. due to this required level of protection (both from the mechanical and the electronic point of view), inside these embedded cards a high temperature is generally reached with obvious problems for the reliability of some devices.
for this reason, an accurate thermal analysis is necessary.
flotherm has been used with success: main problems (at the beginning some simulations didn't converge) have been solved by using a subdomain inside the embedded card.
the comparison between numerical and experimental results has validated the use of a cfd based software like flotherm for such a kind of study.
acknowledgements
the author would like to thank all the people who supported his work and those ones who gave him the possibility to grow his experience in thermal simulations.
references
1) flotherm version 2.0 introductory course, flomerics limited, hampton court, surrey, united kingdom, 1997.
2) flotherm version 2.0 introductory training course, flomerics limited, hampton court, surrey, united kingdom, 1998.
3) flotherm version 2.1 release notes, flomerics limited, hampton court, surrey, united kingdom, 1998.
4) flotherm version 3.1 release notes, flomerics limited, hampton court, surrey, united kingdom, 2000
5) modelling ic packages using flotherm & flopack, lecture notes, flomerics limited, hampton court, surrey, united kingdom, 1999.
6) modelling ic packages using flotherm & flopack, tutorials, flomerics limited, hampton court, surrey, united kingdom, 1999.
7) thermal measurements in electronics cooling, kaveh azar, crc press llc, boca raton, florida, 1997.
8) surface-mount plastic packages - an assessment of their thermal performance, mali mahalingam, member ieee, ieee ieee transactions on components, hybrids, and manufacturing technology, vol. 12, no. 4, 1989.
9) methodology for thermal evaluation of multichip modules, balwant s., bruce m. guenin, ronald j. molnar, ieee transactions on components, packaging and manufacturing technology, part a, vol. 18, no. 4, december 1995.
10) plastic package thermal performance, r. tiziani, v. motta, sgs - thomson microelectronics package development department.
11) thermal analysis of a chip on board, de moerloose, j. temmerman, proceedings of the 1997 ieee 13th annual semiconductor thermal measurement & management symposium, december 1997.
12) compact models for accurate thermal characterization of electronic parts, h. vinke, clemence j. m. lasance, associate member, ieee, transaction on components, packaging and manufacturing technology - part a, vol. 20, no. 4, december 1997.
13) la gestione dei problemi termici, david tatchell, "elettronica integrata", magazine, february 1997.
14) investigation of thermal enhancements on flip chip plastic bga packages using cfd tool, lee, tien-yu tom, proceedings of asme, heat transfer division, 1999.
about celestica
with over 31,000 employees worldwide, celestica operates 36 manufacturing and design facilities in the united states, canada, mexico, the united kingdom, ireland, italy, the czech republic, thailand, hong kong, china, malaysia and brazil. celestica provides a broad range of services including design, prototyping, assembly, testing, product assurance, supply chain management, worldwide distribution and after-sales service. its customers include industry leading original equipment manufacturers (oems), primarily in the computer and communications sectors.
for further information on celestica, visit its website at http://www.celestica.com.
|
Facebook
Twitter
Google+
Linkedin
Reddit
