Using a graphics editor, it is possible to take measurements in pixels of the package, the die, and the die positioning. This came out to be the following:
使用图形编辑器,可以测量封装、芯片和芯片定位的像素。结果如下:
· Package size 1835×1835 pixels (measured) = 20×20 mm (known from the datasheet)
· 封装尺寸1835×1835像素(实测)= 20×20 mm(从图中可知)
· Pixels per mm: 91.75
· 像素每毫米:91.75
· Die size 366×366 pixels (measured) = 4x4mm (computed)
· 芯片尺寸366×366像素(测量)= 4x4mm(计算)
· Die offset from bottom left: 745×745 pixels (measured) = 8.12×8.12mm (computed)
· 芯片从左下偏移:745×745像素(测量)= 8.12×8.12mm(计算)
The obtained numbers are immediately useful to program the EM probe motion restricted to the die area only. To find out how much experiment time this could save, let’s compute the areas: 4×4 = 16 mm2 for the die itself, and 20×20 = 400 mm2 for the whole package. This is 25 times decrease in the area and thus the experiment time.
所获得的数字是立即有用的编程EM探头运动仅限于芯片区域。为了找出这可以保存多少实验时间,让我们计算面积:4 × 4 = 16 mm2的芯片本身,20 × 20 = 400 mm2的整个封装。这是在面积上减少25倍,从而减少实验时间。
Another approach that could avoid the decapping process is moving the probe in a spiral fashion, starting from the package center and moving outwards. This is of course possible to implement. However, the challenge here is the possibility of the two dice getting packaged side-to-side instead of being stacked like in this example – this would severely decrease the gain from this approach. Given the decapping only takes no more than 1-2 hours including cleanup, this was deemed well worth the information gained – and the die pictures obtained.
另一种可以避免开盖过程的方法是以螺旋方式移动探头,从封装中心开始向外移动。这当然是可以实现的。然而,这里的挑战是两个裸片被并排封装而不是像本示例中那样堆叠的可能性-这将严重降低这种方法的增益。考虑到开盖只需要不超过1-2个小时,包括清理,这被认为是非常值得获得的信息-和模具图片获得。
Conclusion 结论
I hope you enjoyed this brief tutorial. Again, please take caution when using sulfuric acid or any other corrosive agents. Please dispose of waste materials responsibly. The world of hardware hacking offers many opportunities for discovery. We’ll continue to post guides and methodologies in future posts. Until then, you can follow the team on Twitter, Mastodon, LinkedIn, or Instagram for the latest in exploit techniques and security patches.
我希望你喜欢这个简短的教程。同样,使用硫酸或任何其他腐蚀剂时请小心。请以负责任的方式处理废弃物。硬件黑客的世界提供了许多发现的机会。我们将在以后的文章中继续发布指南和方法。在此之前,您可以在Twitter,Mastodon,LinkedIn或Instagram上关注该团队,以获取最新的漏洞利用技术和安全补丁。
