5.1.1. Fabrication

To fabricate MTJ on top of top metal layer, first, we used chemical-mechanical planarization (CMP) to polish and planarize the passivation layer. Then we deposited the bottom electrode and MTJ stack at room temperature by magnetron sputtering with base pressure <2 × 10−<sup>8</sup> Torr. The film structure, as shown in Figure 5, is Ta/Ru multilayer (30)/CoFeB(2)/MgO(1.5)/CoFeB(2)/Ta(0.5)/CoFe(1)/Ru(0.85)/CoFe(2.5)/IrMn(8)/Ta(1.5) /RU(7) (in nm). After deposition, the film is post-annealed at 330 ◦C for 10 min with a 5000 Oe magnetic field applied along in the plane direction. The deposited film is processed into elliptical pillars by e-beam lithography and carefully controlled ion milling. The long and short axis of the pillars are 300 nm and 70 nm, respectively. We deposited a SiN layer on top of the nanopillars for passivation followed by low angle ion milling for planarization. The trench and via were defined by photolithography and etched by reactive ion etching (RIE). Finally, Ti(5)/Au(100) (in nm) was deposited for the top electrode. Figure 5 also shows the cross-section image of the MTJ device.

**Figure 5.** Cross-section TEM images of the MTJ pillar and the film structure.

#### 5.1.2. MTJ Measurement Results

The MTJ sensor is characterized by applying magnetic field along the axis of the pillar and measured the resistance change corresponding to the magnitude of magnetic field. Figure 6 shows the typical tunneling magnetoresistance (TMR) curves. The sensor is in the low-resistance state when the two CoFeB layers' magnetizations are aligned in the parallel state by a large magnetic field. While in the range of a small magnetic field, the magnetization of the sensing CoFeB layer with respect to the reference CoFeB changes gradually with the field intensity and eventually reaches a high-resistance state when they are in the antiparallel state.

**Figure 6.** Typical tunneling magnetoresistance (TMR) curves. This graph illustrates the H-fieldresistance curve for one MTJ sensor developed for this study. Two sweeps of the H-field are separate tests of the sensor. For the purposes of our modeling, we used the greater resistance response.

#### 5.1.3. Modeling for Cadence Simulation

The measured results discussed in Section 5.1.2 were utilized to find the relationship between the magnetic field and resistance for this particular MTJ resistor. Once the magnetic field-resistance relationship was characterized, then electromagnetism, in particular Ampere's law, could be used to find the current-resistance relationship of the sensor.

The numerical analysis indicated the relationship between the magnetic field and resistance was piecewise linear in two different regions of interest:

$$R = \begin{cases} \begin{array}{c} 0.849\*H(t) + 15979.24 \text{ [ $\Omega$ ]}, \ H \ge -425 \frac{A}{m} \\ 2.629\*H(t) + 16755.52 \text{ [ $\Omega$ ]}, \ H < -425 \frac{A}{m} \end{array} \end{cases} \tag{6}$$

In order to determine the magnitude of the magnetic field sensed at the sensor, a simplified electromagnetic analysis of the system was conducted. First, the current density was assumed to be equally distributed over the entire surface area of the interconnect. Next, the equation was determined for the magnetic field from an infinitely thin, finite width plate a distance h beneath the sensor. Next, based on the principle of superposition, the magnetic fields due to a number of plates that were an equal distance apart from each other within the depth of the interconnect, Hinterconnect in Figure 7, were computed. For each plate, it was assumed the current density was equal and a proportional current equal to the current magnitude divided by the number of plates. Thus, the H field could be determined mathematically, as shown in the following equations:

$$\int\_c \mathbf{B} \cdot d\mathbf{l} = \oint \mathbf{J} \cdot d\mathbf{S} \tag{7}$$

$$H = \frac{B}{\mu\_0} \tag{8}$$

$$\int\_{\mathcal{L}} H \cdot dl = I \tag{9}$$

Using polar coordinates we analyze the H-field from a single plate.

$$dH = \frac{1}{2 \ast \pi \ast r} \text{ } \hat{\theta}, \text{ } r = \text{sqrt} \left( y^2 + h^2 \right) \tag{10}$$

$$\theta = -\sin\theta \hat{y} + \cos\theta \hat{z} = -\frac{h}{r}\hat{y} + \frac{y}{r}\hat{z} \tag{11}$$

$$dH = \frac{I}{2 \ast \pi \ast r} \ast \frac{1}{r} (-h\hat{\mathcal{y}} + y\hat{\mathcal{z}}) \tag{12}$$

**Figure 7.** Current carrying interconnect and sensor location.

Integrating in the *y* dimension of *I* yields:

$$
\int dH = \int \frac{I}{2 \ast \pi \ast y^2 + h^2} (-h\mathfrak{H}) \tag{14}
$$

(13)

$$H = \int \frac{1}{2\pi} \frac{I}{w} \frac{h}{h^2 + y^2} dy \tag{15}$$

$$H = \frac{I}{\pi \ast w} \tan^{-1} \left(\frac{w}{2h}\right) \tag{16}$$

*H* depends not only on the distance away from the interconnect, but also on the width of the wire, a finding found to be true in [43].

To find the total estimated current in the interconnect, a large, but finite, number of plates were integrated with varying distances from the first plate, which was at a distance h from the sensor to the depth of the entire interconnect, Hinterconnect. Using the minimal h distance illustrated in Figure 8, 50 nm from the surface of the interconnect, the estimated magnetic field over varying currents could then be determined.

**Figure 8.** Magnetic field and current at varying sensor distances.

Fitting the H-I relationship of the sensor 50 nm above the interconnect, the H-I relationship in Figure 9 was found to be approximated by the linear function:

$$R = \begin{cases} \begin{array}{l|l} 0.849 \ast H(t) + 15979.24 \text{ [ $\Omega$ ]} & H \geq -425 \frac{A}{m} \\ 2.629 \ast H(t) + 16755.52 \text{ [ $\Omega$ ]} & H < -425 \frac{A}{m} \end{array} \\\\ \begin{array}{l|l} \text{Magntic Field Strength:} & \text{Resistance relationship for an MTJ} \\ 16.500 \\ 16.000 \begin{array}{l|l} \text{H} \ast -425.0 \text{ [ $\mu$ /m]} \\ \text{H} \ast -425.0 \text{ [ $\mu$ /m]} \end{array} \\\\ \begin{array}{l|l} \text{\"\u0\"} \\ \text{\"\u0\"} \\ 15.000 \\ \text{\"\u0\"} \\ \text{\"\u0\"} \\ 14.500 \\ \text{\"\u0\"} \\ -1.200 \end{array} \\\\ \textbf{14.000} \\\\ \textbf{15.000} \\ \textbf{15.000} \end{array} \end{cases}$$

**Figure 9.** Magnetic field-resistance relationship for an MTJ Sensor.

Although empirical evidence concerning the bandwidth of our MTJ sensor was not collected, the authors of [53] indicated that while theoretical MTJ sensors have a wide bandwidth of GHz, in practice the bandwidth is closer to 100 MHz. Hence, for the simulation, we filtered the *H*-field at about a 100 MHz cutoff frequency.

$$H = 906.81 \ast I(t), \ -400 \text{mA} \le I < 400 \text{mA} \tag{18}$$

For this particular application, DC currents on the IC trace are approximately in the range of ±400 mA. Hence, the maximum of change in resistance of this particular sensor will be ±307 Ω according to the following equations, leading to a sensitivity of around 1.9%.

$$
\Delta R \approx (\pm 400 \text{ mA} \ast 906.81 \ast 0.849) \tag{19}
$$

$$
\Delta R = \pm 307 \,\Omega \tag{20}
$$

$$1. \frac{\Delta R}{R} \approx \frac{307}{15979} \approx 1.9\% \tag{21}$$

With the small 1.9 % change in resistance, it should be noted that accurate measurements will be difficult, with potential sensing voltages through the utilization of a Wheatstone bridge of approximately 3 mV peak to peak. Because the application requires low-power ADC and a tolerable resolution, some way to boost the signal, either through an amplifier circuit or through a current-to-frequency converter or a voltage-to-time converter might be utilized to accurately measure the changing resistance, and hence, the changes in the measured current for accurate classification of the BNN. Such small-signal measurement techniques have been developed for MTJ sensor networks in the past [55]. Based on these calculations and considerations, a Verilog-A model was created to simulate the current sensing capabilities of the MTJ sensor.

#### *5.2. Attacker Models and Evalution Results*

The attacker scenarios developed based in the analog domain, and thus, can be detected using a reverse side-channel analysis. Hardware trojans are well-researched in literature [11] and detection with methods such as a side-channel analysis is also widely researched. However, there is little available information concerning analog hardware trojans. Hence, this study created three classes of power amplifier stage hardware trojans. The goal for these trojans was either decreasing efficiency, shutting off the device, or to inject noise in the amplification stage. Furthermore, these trojans were developed to appear to be like components found on an actual power amplifier IC and thus increase the probability of being detected. Most importantly, no matter the trojan, all were able to be classified using the lightweight BNN.

#### 5.2.1. Power Amplifier Designs

A single-ended cascoded Class-E PA was designed and simulated for demonstration of the proposed system. By reducing the overlapping time of the transistor's output voltage and current, power dissipation at the transistor of the switching mode PAs is minimized. Hence, supply power can be delivered to the output load more efficiently. Figure 10 shows the PA schematic that exploits the switching Class-E operation to achieve high efficiency to reflect the stringent power consumption requirements of IoT applications, and their prominent nonlinearity. A cascode transistor was added to prevent the device from breaking down. The harmonic content at the transistor drain is a result of the soft switching effect generated by Csw and Lsw. In schematic-level simulation, an output power of 18.7 to 20 dBm and a drain efficiency of 40 to 44% across process and temperature corners is achieved.

**Figure 10.** The designed Class-E PA that was used for demonstration of the proposed system.

#### 5.2.2. Attacker Models on PA Designs

The attacker models are segmented into three main categories: shut-off, parasitic capacitance, and noise injection. Few trojan models are available in literature due to the pernicious nature of trojans. Figure 11 illustrates the main areas identified in this study that can be targeted by attackers. The first area is the active device, the switching FET controlled by the input signal. Two different attacks can be carried out here, a source switch turn-off attack and a noise injection attack. A third attack can be at the output of the drain of the cascaded MOSFET, increasing the parasitic capacitance through an injected trojan capacitance circuit.

The development of trojans consisted of focusing on inserting trojans into various regions of the device and the impact of these insertions on the PA efficiency. The most obvious trojan is one that completely disables the PA. To disable the amplifier, a switch can be placed at the source of lower MOSFET that, when triggered, will cause the active devices (the transistors) to be shifted from the operation region to the off state, limiting the ability of the device to operate, as shown in Figure 12.

**Figure 11.** The main areas of attacker models are segmented into three categories: shut-off, parasitic capacitance, and noise injection.

**Figure 12.** The killer switch that is used to shut off the operation of the power amplifier.

The second trojan studied was the parasitic capacitance trojan, impacting the matching network Q factor of the circuit. By increasing the capacitance on the output of the drain of the cascaded MOSFET (Figure 13), an attacker can easily cause the system to become less efficient in transmitting the input signals. The efficiency of the power amplifier determined the voltage-current relationship of the switching circuit. A Class-E amplifier is tuned to be most efficient, and thus, the drain output capacitance magnitude is carefully selected. Hence, a capacitance with a switch that can be triggered by an attacker can plausibly be fabricated on the device and be thus activated to limit the efficiency and increase the power consumption of the PA.

The third trojan studied was an AC-coupled noise source at the input of the cascaded MOSFET in the Class-E topology as in Figure 14. The radio frequency (RF) circuit designers usually set tolerances at which the amplifier can work, and hence, in moving outside of that range, the power amplifier will be less effective by coupling a noise source at the input, especially outside of that tolerance range. In this study, we analyzed noise voltages of 10% of the DC voltage and higher at frequencies equal to the input frequency.

Finally, the last trojan studied was noise injection at the input signal of the amplifier. A two-toned input, added through an RF power combiner in Figure 15, which vector-adds two analog signals together, not only causing an issue with the gain of the circuit, but also with noise in the side-band channels. By inserting a noise signal in the sideband of the of the desired signal, with the signal large enough to interfere with standard specifications, in this

case the Bluetooth specification, the attacker can not only change the power consumption of the PA, but also interfere with signals in other channels as well.

**Figure 13.** The added parasitic capacitance degrades the output efficiency and increases the power consumption of the power amplifier.

**Figure 14.** The AC-coupled noise source at the input of the cascaded MOSFET.

**Figure 15.** An RF power combiner to mix the noise source into the input signal.

Hence, all of these PA trojans were developed to change the operating ability of the Class-E power amplifier.
