physical-design-securitylisted

# Physical Design Security ## Purpose Review physical implementation for security vulnerabilities arising from power domain coupling, timing-related leakage, clock domain crossing issues, and layout-level information exposure. ## Scope Constraints Reads physical design files, floorplans, and hardware specifications. Does not modify design files or execute EDA tools. Does not access foundry-specific restricted data. ## Inputs - Physical design constraints and floorplan - Power domain architecture (voltage islands, power gating, level shifters) - Clock domain architecture (clock trees, domain crossings, gating) - Security-sensitive blocks and their physical placement - Threat model for physical attacks (invasive, semi-invasive, non-invasive) ## Input Sanitization No user-provided values are used in commands or file paths. All inputs are treated as read-only analysis targets. ## Procedure ### Step 1: Review Physical Implementation Constraints Map the physical design from a security perspective: - Identify security-critical blocks and their placement relative to chip boundaries - Review floorplan for isolation between security domains - Check that sensitive blocks are not adjacent to untrusted I/O or analog blocks - Verify that security-critical paths meet timing with margin (no hold violations that could cause glitches) ### Step 2: Identify Timing-Related Leakage Assess timing paths for information leakage: - Variable-latency operations in security-critical paths (data-