The embodiments herein are directed to technologies for backside security meshes of semiconductor packages. One package includes a substrate having a first interconnect terminal of a first type and a second interconnect terminal of a second type. The package also includes a first security mesh structure disposed on a first side of an integrated circuit die and a conductive path coupled between the first interconnect terminal and the second interconnect terminal. The first security mesh structure is coupled to the first interconnect terminal and the second interconnect terminal being coupled to a terminal on a second side of the integrated circuit die.

A circuit board is protected by being enclosed in a security housing that includes conductive tamper traces running along its interior surface, the conductive tamper traces being a housing portion of a tamper detection circuit. The tamper detection circuit also includes a board portion that detect tampering with the tamper detection circuit by monitoring voltages at monitor nodes along the board portion. The board portion of the tamper detection circuit is connected to the tamper traces via multiple connector pieces. The connector pieces can be held in place by board connector piece holders affixed to the board or housing connector piece holders of the housing. When tampering is detected, it can be localized based on voltages measured at multiple recesses along the housing. The tamper detection circuit can be arranged in a wheatstone bridge layout for environmental tolerance. The circuit board's functions/components can be disabled if tampering is detected.

A circuit board is protected by being enclosed in a security housing that includes conductive tamper traces running along its interior surface, the conductive tamper traces being a housing portion of a tamper detection circuit. The tamper detection circuit also includes a board portion that detect tampering with the tamper detection circuit by monitoring voltages at monitor nodes along the board portion. The board portion of the tamper detection circuit is connected to the tamper traces via multiple connector pieces. The connector pieces can be held in place by board connector piece holders affixed to the board or housing connector piece holders of the housing. When tampering is detected, it can be localized based on voltages measured at multiple recesses along the housing. The tamper detection circuit can be arranged in a wheatstone bridge layout for environmental tolerance. The circuit board's functions/components can be disabled if tampering is detected.

An extended hardware security module (“HSM”) possessing additional security properties relative to conventional HSMs and methods for initializing, deploying, and managing such extended HSMs in a networked environment. In the preferred embodiment, an extended HSM includes additional hardware and software components that configure it to run sensitive client tasks on demand inside a cloud-hosted, anti-tamper HSM housing so as to ensure sensitive data is encrypted when stored or processed outside the housing. Methods for initializing, deploying, and managing provide a framework through which extended HSMs may be secured from their initial assembly through their availing for use and actual use over a network by one or more clients. Such use often entails repeated discrete sequential secure sessions and concurrent discrete secure sessions.

An extended hardware security module (“HSM”) possessing additional security properties relative to conventional HSMs and methods for initializing, deploying, and managing such extended HSMs in a networked environment. In the preferred embodiment, an extended HSM includes additional hardware and software components that configure it to run sensitive client tasks on demand inside a cloud-hosted, anti-tamper HSM housing so as to ensure sensitive data is encrypted when stored or processed outside the housing. Methods for initializing, deploying, and managing provide a framework through which extended HSMs may be secured from their initial assembly through their availing for use and actual use over a network by one or more clients. Such use often entails repeated discrete sequential secure sessions and concurrent discrete secure sessions.

Techniques described herein generally relate to protecting information stored in a mobile communication device. In one embodiment, a mobile communication device may include a data security module, a control circuitry, a first memory unit configured to store a first information, a first battery unit configured to supply power to the mobile communication device, and a second battery unit configured to supply power to the data security module and the control circuitry in response to a trigger event. The data security module is further configured to activate the control circuitry to perform a particular action on the first information, such as at least a partial erasure of the first information.

Techniques described herein generally relate to protecting information stored in a mobile communication device. In one embodiment, a mobile communication device may include a data security module, a control circuitry, a first memory unit configured to store a first information, a first battery unit configured to supply power to the mobile communication device, and a second battery unit configured to supply power to the data security module and the control circuitry in response to a trigger event. The data security module is further configured to activate the control circuitry to perform a particular action on the first information, such as at least a partial erasure of the first information.

A system of smart edge sensors, wherein security and encryption is pushed to the edge of the network. In one example, an electronic device includes several sensors. The device is operated by a microprocessor. A plurality of smart edge devices are each interposed between a respective sensor and the microprocessor and intercepts communication between the sensor and the microprocessor. The smart edge device encrypt any data output by the sensor, and decrypt any data received from the microprocessor. A JTAG access is connected to a co-processor where executes a JTAG dongle to authenticate the sensor and an interface with the sensor.

A system of smart edge sensors, wherein security and encryption is pushed to the edge of the network. In one example, an electronic device includes several sensors. The device is operated by a microprocessor. A plurality of smart edge devices are each interposed between a respective sensor and the microprocessor and intercepts communication between the sensor and the microprocessor. The smart edge device encrypt any data output by the sensor, and decrypt any data received from the microprocessor. A JTAG access is connected to a co-processor where executes a JTAG dongle to authenticate the sensor and an interface with the sensor.

A physically unclonable function circuit (PUF) is used to generate a fingerprint value based on the uniqueness of the physical characteristics (e.g., resistance, capacitance, connectivity, etc.) of a tamper prevention (i.e., shielding) structure that includes through-silicon vias and metallization on the backside of the integrated circuit. The physical characteristics depend on random physical factors introduced during manufacturing. This causes the chip-to-chip variations in these physical characteristics to be unpredictable and uncontrollable which makes more difficult to duplicate, clone, or modify the structure without changing the fingerprint value. By including the through-silicon vias and metallization on the backside of the integrated circuit as part of the PUF, the backside of the chip can be protected from modifications that can be used to help learn the secure cryptographic keys and/or circumvent the secure cryptographic (or other) circuitry.