July Update

This is the July edition of the now monthly update post, with small updates to existing posts and themes that don't justify a whole Breakfast Bytes post on their own. Cadence is off for a global recharge day on Friday, so Breakfast Bytes will not appear. Tomorrow's post will be somewhat off-topic as is my practice before any break.

Supply Chain Attacks and Ransomware

The two most important developments in CyberAttacks in 2021 are supply chain attacks and ransomware. Ransomware is not new this year, but it has grown massively. Attackers used to focus on computers that individuals have at home, where they could easily infect millions of computers since most people do not apply security patches, but where each computer is only good for a few hundred dollars maximum. Now, they focus on taking major operations out of service, such as hospitals, health services, or, most notably, oil pipelines.

The year started with a major supply chain attack where the network maintenance software of the company SolarWinds was compromised, with the effect that anyone using it was vulnerable. It turned out that "anyone using it" meant most of the Fortune 500, most government departments, and more.

I wrote about SolarWinds in:

• The Biggest Security Breach Ever
• Update: Achronix, SolarWinds, Wikipedia, US Fabs

I wrote about ransomware in:

• Evolving Maturity in Ransomware
• Update: CadenceLIVE India, Ransomware, 2nm, and More (which covered the Colonial Pipeline)

Last week, the two were combined. REvil, who I've seen described as one of ransomware's most cutthroat gangs, infected over 1,500 businesses around the world by infecting the Kaseya VSA remote management service. This is apparently used by 35,000 companies. They found (or probably purchased) a zero-day vulnerability, which is a vulnerability that first comes to light with the attack. They then compromised the remote management service, and pushed an update out to Kaseya's customers, thus compromising all of them.

You can read more details on who was attacked, and how the attack worked, in this ArsTechnica piece Up to 1,500 businesses infected in one of the worst ransomware attacks ever.

But it is a developing story. A couple of days ago as I write this, REvil went dark, causing speculation of some sort of takedown by the US.

One defense is to take a page out of Netflix's book, like security expert Brian Krebs says in Don’t Wanna Pay Ransom Gangs? Test Your Backups. As I discussed in my post RSAC: Opening Keynote and a Whitrospective, Netflix's Chaos Monkey doesn't just "test" things like robustness. It literally takes down running servers at random, thus ensuring that, at least over time, the overall system is robust in the face of server failure.

One of the messages from all of these vulnerabilities in 2021 is that software-only solutions are not good enough, security has to start from a hardware root-of-trust, and that means us in the ecosystem designing chips. Another thing that everyone should be aware of is that we in the EDA and IP industries are part of the supply chain to the whole semiconductor industry. As a result, our own security is super-critical. If an EDA tool or an IP block is compromised, it potentially compromises all chips designed that use it.

DeepMind and Protein Folding

I wrote about the big breakthrough in protein folding at the end of last year in my post Google's DeepMind's AlphaFold Solves Protein Folding. Now the team has gone further, as announced a few days ago. You can read the details in a Nature article, but the title and subtitle really say it all: DeepMind’s AI predicts structures for a vast trove of proteins. AlphaFold neural network produced a ‘totally transformative’ database of more than 350,000 structures from Homo sapiens and 20 model organisms.

Now, a transformative artificial intelligence (AI) tool called AlphaFold, which has been developed by Google’s sister company DeepMind in London, has predicted the structure of nearly the entire human proteome (the full complement of proteins expressed by an organism). In addition, the tool has predicted almost complete proteomes for various other organisms, ranging from mice and maize (corn) to the malaria parasite (see ‘Folding options’). The more than 350,000 protein structures, which are available through a public database, vary in their accuracy. But researchers say the resource — which is set to grow to 130 million structures by the end of the year — has the potential to revolutionize the life sciences.

GlobalFoundries

There are rumors reported by Reuters and the Wall Street Journal that Intel is in negotiation to acquire GlobalFoundries (GF). I don't have any particular insight into that. But GF has gone through a major rebranding exercise. One thing I am pleased about is that it is no longer required to put the company name all in uppercase, which always upset my sensibilities as someone who knows something about typography. So watch for this new logo:

When I was at Virtutech, we went through a branding exercise and our logo was somewhat like a butterfly. The branding company told us that the butterfly was the only animal that could change its DNA and represented how unique Virtutech was. This is complete rubbish, the DNA of a caterpillar is just the same as the DNA of the resulting butterfly. But branding companies all seem to talk like this. I remember a branding exercise at Cadence twenty years ago, where they were focused on the little red bar which interrupted the black box that we had around the logo at the time. I remember thinking how pretentious what they were saying was. Here is the explanation of the new GlobalFoundries' logo:

The left-hand side of the "g" in the logomark is fashioned using a half circle and a quarter circle. The circle shapes are representative of a globe highlighting our global footprint as well as a semiconductor wafer​.
The middle shape is shared between the “g” and the “f,” signifying partnership and collaboration, core indicators of the relationships we have with our customers.
Two squares that define the remainder of the “f” signify the chips, and stacked one on top of the other, make an equal sign that we use to communicate our brand story.

Newport Wafer Fab

Keeping on the foundry theme, Newport Wafer Fab is to be acquired by Nexperia. Newport is in the South of Wales in the UK. It has a long history. In 1978, the company Inmos was founded to be, essentially, the British microprocessor company. I knew several people that worked there since Edinburgh was the first university in the UK to teach VLSI Design the new Mead & Conway way, and thus one of the few universities turning out any graduates who could fill Inmos's design groups. Taking a page from the Intel playbook, Inmos started as a memory company and at one point had over half the world market for SRAM. The microprocessor that they created was called the Transputer and was programmed in a language called Occam. Occam was built on the ideas of CSP, created by legendary computer science professor at Oxford, Tony Hoare (also the inventor of Quicksort). In 1982, they completed their wafer fab in...yes, Newport. The Transputer was great as an academic exercise, with innovative features and an innovative programming ecosystem for parallel processing.

But its very non-standard architecture and non-standard programming language never really got any traction, or at least not fast enough before the government lost enthusiasm for funding it, and it was privatized. After a short period of being owned by Thorn-EMI, Inmos was sold to ST Microelectronics (then still SGS-Thomson). The fab itself passed through many hands, most recently Infineon, and then Neptune 6 who set it up as a subsidiary called Newport Wafer Fab. This has just been sold to Nexperia.

In the meantime, the company that would actually become the British Microprocessor Company was Arm. Arm, of course, not only had no fab, it didn't even design chips. It has a pure IP licensing model.

WiFi 6 spectrum in Europe

I've written quite a bit over the years about radio spectrum. For example, in:

• GOMAC: A Conference that Starts with the National Anthem
• 5G in US vs Rest-of-World

A picture is worth 1000 words, so they say (so the average Breakfast Bytes post is worth a picture, I guess). But this picture really coveys the complexity of spectrum allocation.

What is new in spectrum allocation is that Europe has finally released 480MHz of 6GHz spectrum for use by Wi-Fi. Wi-Fi was originally considered a toy, operating in unlicensed spectrum and using technology instead of formally dividing the spectrum up between suppliers like is done for cellular networks. But I would guess that more data is carried on Wi-Fi than those cellular networks. Note that the 6GHz spectrum is important compared to mmWave since it goes through walls and windows.

Quoting from the report in WiFiNow It’s official: EU releases 480 MHz of 6 GHz spectrum to Wi-Fi – finally

Europeans should be celebrating today – and not (at least not yet) because of the football: The European Commission today formally released the lower 6 GHz band to Wi-Fi. The decision was formally announced in the Official Journal of the European Union and is now binding for EU member states. At the global level, the EU is still far behind the Americas, the Middle East, and parts of Asia in allocating 6GHz spectrum.

And it's not as if the US has been great at allocating the 6GHz spectrum since a lot of it is occupied (and often not even used) by the US government (primarily, branches of the military).

Sign up for Sunday Brunch, the weekly Breakfast Bytes email.