Update: Achronix, SolarWinds, Wikipedia, US Fabs

This is another of my occasional update posts, where I revisit some older posts and update them with recent developments, but where there isn't really enough new information to justify a whole new blog post.

Achronix

Achronix last appeared in Breakfast Bytes in 2018 in my post Achronix Grew 700% Last Year...eFPGA is a Thing. As they describe themselves these days:

Achronix is the only independent supplier of high-performance FPGAs and eFPGA IP-based data acceleration solutions used in high-growth applications including AI, cloud computing, 5G, networking, and automotive driver assistance.

I'm not quite sure what "independent" means here. I suspect it is a way not to count Xilinx and Intel (fka Altera), although they don't participate in eFPGAs as far as I know.

Last week, Achronix put out a press release Achronix to List on NASDAQ Through Merger with ACE Convergence. it used to be a fairly common occurrence for semiconductor companies to go public (even EDA companies!) but that hasn't happened much recently. In fact, I can't think of a single occurrence in the last few years, although I may be forgetting somebody obvious.

So who is this mysterious "ACE Covergence" company they merged with? This is the trendy way to go public in the last year. ACE is what is called a SPAC, a Special Purpose Acquisition Company. 

As it happens, the day I was writing this post I got my daily email from Bloomberg called Money Talks by Matt Levine (highly recommended). It explained the process:

Maybe the biggest capital markets story of 2020 was the boom in special purpose acquisition companies. A SPAC raises money from investors in a “blank check” initial public offering, puts the money in a pot, and goes out and looks for a private company to merge with. In the merger, the target private company gets the money in the pot and the SPAC shareholders get shares in the new combined company; the result is that the target company has raised cash and gone public through the merger. It is an alternative to an IPO that can offer more speed and certainty and perhaps even a better price.

Cadence was actually created in a similar way. SDA filed to go public, but unfortunately, the day it was meant to take place was "Black Monday", the biggest one-day drop in the stock market ever (in 1987). Instead, it merged with already-public ECAD, and renamed the merged company Cadence. Of course, ECAD was not a SPAC (that concept didn't even exist), it was a genuine EDA company. But the basic concept is the same: merge a private company with an already public one.

The SPAC is set up with a lot of money from private equity, and it goes public in a very low-key way, since it has no real running business. When it finds a suitable company, or a suitable company finds them, the two companies are merged. The "suitable company", in this case, Achronix, gets some money just like going public in a traditional IPO, and it is instantly public, in the sense that anyone can buy its stock. Once this transaction is complete, Achronix should trade under ACHX on NASDAQ.

SolarWinds

I wrote about SolarWinds in my post just a couple of weeks ago, The Biggest Security Breach Ever. With the election and COVID-19, this didn't get nearly as much coverage as it should have.

The US Department of Justice (DoJ) has made an official statement about it:

The Department of Justice Spokesman Marc Raimondi issued the following statement:

"On Dec. 24, 2020, the Department of Justice’s Office of the Chief Information Officer (OCIO) learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others.  This activity involved access to the Department’s Microsoft O365 email environment. 

After learning of the malicious activity, the OCIO eliminated the identified method by which the actor was accessing the O365 email environment.  At this point, the number of potentially accessed O365 mailboxes appears limited to around 3-percent and we have no indication that any classified systems were impacted.

As part of the ongoing technical analysis, the Department has determined that the activity constitutes a major incident under the Federal Information Security Modernization Act, and is taking the steps consistent with that determination.  The Department will continue to notify the appropriate federal agencies, Congress, and the public as warranted."

This actually reminds me of a comedy sketch from decades ago. Cambridge University has a famous comedy club called Footlights, which puts on a show at the end of each academic year. One sketch I remember from my undergraduate days had nuclear missiles fired at Britain. The response was that "The Government has sent a strongly-worded letter". Somehow, determining that this constitutes "a major incident" seems like an underwhelming response. Quoting my earlier blog post, which in turn is quoting Bruce Schneier, this exploit penetrated:

all five branches of the US military, the state department, the White House, the NSA, 425 of the Fortune 500 companies, all five of the top five accounting firms, and hundreds of universities and colleges.

And, apparently, the DoJ.

CISA, the Cybersecurity Infrastructure and Security Agency (part of DHS) also gave their viewpoint:

CISA has determined that this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.

This is serious. I think that you are going to hear a lot about this during 2021, and this probably won't be the last post about it. And we are only two weeks into 2021.

Another interesting perspective is in SolarWinds, the World’s Biggest Security Failure and Open Source’s Better Answer. Steven Vaughan-Nichols, the author, says that "What really caught my attention though is that SolarWinds has been anti-open source for years". That seems a weird way to say that their business model is closed-source, and probably there is no business model for them to make the same amount of profit if they open-sourced all their source code. Cadence is also a closed-source company (mostly), too, of course. Everyone knows that open-source is a better way to develop code since "with enough eyeballs, all bugs are shallow". But it is not a good way to make money selling software, only by selling something that benefits from the commoditization of the software, such as selling Linux servers or Cloud services on the back of free Linux.

But the article is definitely worth a read, although somewhat speculative since we don't yet know really how SolarWinds were infiltrated or whether the vulnerability would even have been obvious looking at the source code.

Wikipedia

I don't think I've ever done a blog post specifically about Wikipedia. But I've certainly quoted it and referenced it plenty of times. Well, tomorrow is the 20th anniversary of when the first upload to Wikipedia took place.

Wikipedia grew out of failure. Bornis (a company) had tried to create an Encyclopedia called Nupedia. It was founded by Jimmy Wales with Larry Sanger as editor-in-chief. It was be edited solely by experts, just like other encyclopedias such as Brittanica, except the experts would be volunteers. it was not going well, since the editing and approval process was cumbersome. It only published 21 articles in its first year. By the time it stopped operating four years later, it had published 25. In the meantime, Wales and Sanger created Wikipedia. They registered the domain name earlier in the week, and uploaded the first post on January 15, 20 years ago exactly tomorrow. Wikipedia was originally envisaged as a complement to Nupedia, a way to provide draft articles and ideas for articles. Of course, as the national poet of Scotland Rabbie Burns put it "The best laid schemes o' mice an' men gang aft a-gley". Wikipedia took off, and completely eclipsed Nupedia. Wikipedia gained its 1,000th article on February 12, 2001, less than a month later. Its 10,000th article took until September. By the end of the year, it was over 20,000. If you want a more detailed history, then there is one obvious place to go: the History of Wikipedia on....you guessed it...Wikipedia.

There is a great overview of Wikipedia in this week's Economist. A leader, as well as a separate more detailed piece Wikipedia is 20, and its reputation has never been higher. As it says in that article:

Wikipedia may not have vanquished its doubters in theory. But it has triumphed in practice. With over 20bn page views a month, it has become the standard reference work for anyone with an internet connection. 

US and European Semiconductor Programs

Last month, December 2020, the European Union announced a €145B declaration to develop next-generation processors and 2nm technology. I'm not sure how real this is, the EU is great at making announcements, and rather less good at reducing them to actionable steps. The motivation is obvious:

European chipmakers enjoy a strong global presence in vertical markets such as embedded systems for automotive and industrial manufacturing. Europe also has a strong technological position in mobile networks including current 5G and emerging 6G technologies. However, Europe’s share of the €440 billion global semiconductor market is around 10%, well below its economic standing. Europe is increasingly dependent on chips produced in other regions of the world – notably those used for electronic communications, data-processing and compute tasks, including processors.

The 17 countries that signed the declaration are Belgium, France, Germany, Croatia, Estonia, Italy, Greece, Malta, Spain, Netherlands, Portugal, Austria, Slovenia, Slovakia, Romania, Finland, and Cyprus. Somehow, I don't think the island of Taiwan is looking over its shoulder at the islands of Cyprus and Malta! This initiative also seems to include The European Processor Initiative that I wrote about a few months ago.

Of course, you can take "Europe" out of that declaration and substitute "US" and say something similar. The US is also "increasingly dependent on chips produced in other regions of the world" such as Taiwan and Korea. So, just last week, in the National Defense Authorization Act 2021 are provisions for subsidizing on-shore semiconductor operations. This could end up as billions of dollars of financial incentives for construction or modernization of facilities “relating to the fabrication, assembly, testing, advanced packaging, or advanced research and development of semiconductors.”

Here is an IEEE Spectrum article on the initiative: U.S. Takes Strategic Step to Onshore Electronics Manufacturing.

As with the European case, it is uncertain to what extent this is just talk, or whether there is any "walk" to make it actionable. I wrote about the challenges faced by US government electronics procurement in several posts. For example, in TSMC: N7, N6, N5 I wrote about the announcement:

TSMC today announced its intention to build and operate an advanced semiconductor fab in the United States with the mutual understanding and commitment to support from the U.S. federal government and the State of Arizona.

In DAC 2020: Open-Source EDA (actually a DARPA perspective) I said:

Their production volumes are so low. This means they don't get great pricing from foundries, especially as most of the time they need to go to "trusted" foundries.

But actually, the biggest problem is that there are no state-of-the-art trusted foundries (by "state-of-the-art" I mean below 12/14nm which GLOBALFOUNDRIES has in US-based Fab 8). The one bright spot from the point of view of the US government is that since Intel acquired Altera, it is possible to buy state-of-the-art US-sourced FPGAs.

Oh, and Intel is also the primary fab for Achronix, where we came in.

Latest news (from yesterday): Intel ousted CEO Bob Swan and the new CEO is Pat Gelsinger (who was CEO of VMWare). The transition is on February 15th. Pat used to be CTO of Intel. It was on his watch that Dennard scaling ran out and he famously pointed out that we were heading for power densities of rocket nozzles or the surface of the sun. The most successful CEO of Intel was Andy Grove, a technologist. Since then the CEOs have been from areas like finance (Otellini and Swan) or elsewhere. Gelsinger is a technologist so this is Intel going back to what worked before.

 

Sign up for Sunday Brunch, the weekly Breakfast Bytes email.