Paul McLellan

DesignCon: Design for Security

21 Feb 2020 • 6 minute read

At DesignCon, one of the keynotes was by Warren Savage titled Design for Security: The Next Frontier of Smart Silicon. I have known Warren for years—he has been in IP for a long time, most recently as CEO of IPextreme, which he founded in 2004 and was acquired by Silvaco a few years ago. Before that, he was at Synopsys, where he told me he changed Arm's IP strategy. Until that point, Arm designed its microprocessors at the physical level and migrated them as layout for each different licensee's process. It was received wisdom that nothing could compete with this approach when every square micron of silicon counted. Warren had no interest in that approach, so he created a synthesizable version of the current generation of Arm processors. Surprisingly, perhaps even to Warren himself, it was smaller than the handcrafted layout. Since then, Arm (and everyone else) has used synthesizable RTL to transfer IP.

I hadn't realized he was invited to be a visiting researcher at the University of Maryland’s Applied Research Laboratory for Intelligence and Security as a subject matter expert on a variety of research programs. Last time I'd talked to him he'd still been at Silvaco.

(His real claim to fame, though, is that he gave my daughter her first consulting job. She is a certified sommelier, and for the IPextreme user group meeting, he had her come and give a presentation on wine and organize a wine tasting.)

IoT and Attack Surfaces

Warren started with a graph that we've all seen versions of, showing how many connected IoT devices there will be. The numbers are always big, but nobody really has a clue; this one ran up to 75B devices in 2025. Then he got more specific:

These are the sorts of devices where security is important. A Tesla automobile. Online shopping. Bluetooth-connected home appliances. A driverless tractor (Warren grew up on a farm and drove a lot of tractors—as a teenager I worked on a farm every summer and drove my share, too). Thermostat "spy devices". Medical.

He moved onto an example of how simple devices like some of these can be co-opted. He talked specifically about the 2016 DDoS (distributed denial of service) that took down the Dyn DNS server, and with it much of the East Coast's internet. This was done using the Mirai botnet. I've written before about the Mirai botnet so I won't repeat that here. Instead, take a look at Video Cameras: No Service for You.

Warren's taxonomy of the attack surface model for chips is:

  • Side-channel: Extraction of secrets through physical communication channels other than the intended channel(s). Assumption: Attackers can listen to emissions.
  • Reverse engineering: Extraction of algorithms from an illegally obtained design representation. Assumption: Attackers have access to design files.
  • Malicious hardware: Insertion of secretly triggered disruptive functionality. Assumption: Attackers have inserted a Trojan.
  • Supply chain: Cloning, counterfeit, recycled, or remarked chips represented as genuine. Assumption: Attackers can manufacture perfect clones.

He also had a taxonomy of motivation versus method of attack. Motivations ranged from economic gain, to IP theft, to sabotage, to espionage.

The result of all this is that threats are increasing, IoT increases the attack surface, there are few security experts in semiconductor, and security is expensive. The solution has to be to embed the expertise into the EDA tool flow, which means new EDA tools and new IP. This is the only way we can "democratize" security.

Details of Attacks

Side-channel attacks result from weaknesses in the implementation rather than in the algorithm. They can involve monitoring power consumption (known as differential power analysis), monitoring timing variations, monitoring electromagnetic emissions, or fault injection to cause a glitch. The Spectre and Meltdown vulnerabilities in advanced processors are also side-channel attacks, although they are less relevant in the IoT world, since user code does not generally run on the processor, and IoT processors are not normally out-of-order with speculative execution, which those attacks require.
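The timing variant is the easiest of these to see in software, and it is the one a firmware engineer is most likely to introduce by accident. The following is an added example, not code from the talk or from Cadence: a secret comparison that exits at the first mismatching byte (the amount of work it does depends on how much of the guess is right) beside a constant-time version that examines every byte, plus the standard library's `hmac.compare_digest`. The secret, the guesses and the "bytes examined" counter are constructed for the example; on real silicon the observable would be clock cycles or a power trace rather than a counter.

```python
"""Timing side channel in a secret comparison, and a constant-time fix.

Constructed example; the secret, the guesses and the step counter are
hypothetical. Real measurements come from clock cycles or power traces,
not from a Python counter.
"""
import hmac

SECRET = b"sp3cial-k3y"   # constructed value, stands in for a key or MAC


def leaky_compare(secret: bytes, guess: bytes):
    """Early-exit comparison. Returns (equal, bytes_examined).

    The number of bytes examined, and therefore the execution time, grows
    with the length of the matching prefix: that is the side channel.
    """
    if len(secret) != len(guess):
        return False, 0
    examined = 0
    for s, g in zip(secret, guess):
        examined += 1
        if s != g:
            return False, examined
    return True, examined


def constant_time_compare(secret: bytes, guess: bytes):
    """Examine every byte regardless of where the first mismatch is.

    Mismatches are accumulated with OR so that no branch depends on the data.
    """
    if len(secret) != len(guess):
        return False, 0
    diff = 0
    for s, g in zip(secret, guess):
        diff |= s ^ g
    return diff == 0, len(secret)


def stdlib_compare(secret: bytes, guess: bytes) -> bool:
    """What production code should use: the standard library's constant-time compare."""
    return hmac.compare_digest(secret, guess)


def work_profile(compare, secret: bytes, guesses):
    """Bytes examined for each guess: rises with the leaky compare, flat otherwise."""
    return [compare(secret, g)[1] for g in guesses]


# Constructed guesses sharing 0, 3 and 7 leading bytes with SECRET
GUESSES = [b"xxxxxxxxxxx", b"sp3xxxxxxxx", b"sp3cialxxxx"]

if __name__ == "__main__":
    print("leaky        :", work_profile(leaky_compare, SECRET, GUESSES))
    print("constant-time:", work_profile(constant_time_compare, SECRET, GUESSES))
```

The leaky profile climbs from 1 to 4 to 8 bytes as the guesses get closer; the constant-time profile is 11 for every guess, so nothing about the secret is visible in the amount of work done. The same reasoning applies to hardware: a comparator or key-schedule that finishes early, or draws current in proportion to the data, is the weakness in the implementation that the paragraph describes.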

Reverse engineering is an area where the University of Florida Institute for Cybersecurity Research are the experts. At GOMACTech last year, Mark Tehranipoor from there presented on how they can read the keys out of FPGAs using optical e-beam probing on the back of the devices. To be honest, it was a terrifying presentation, showing just how easy it is. Traditionally, X-rays have been used to reverse engineer circuit boards. But X-rays are so yesterday; modern reverse engineering uses a CT scan to read out each layer of the board in detail, as in the photograph, which shows all six layers of a six-layer board.

The most common form of malicious hardware is called a Hardware Trojan (HWT) and involves two parts. First, surreptitious insertion of some additional circuitry somewhere along the supply chain, which is very hard to detect. We are very good at verifying chips that do what they are meant to do, and terrible at verifying that they don't do things that they are not meant to do. The next phase is to trigger the HWT with some rare event and that releases the payload to do...something bad such as damage the system or expose information by leaking it through a side-channel.

Next is the supply chain. The supply chain attack surface is enormous. For example, see my post Did the Chinese Really Attach Rogue Chips to Apple and Amazon's Motherboards? As I said in that post, I don't believe what was described took place, since it just didn't make a lot of sense, but for sure the supply chains are not secure and something similar might have happened.

Warren recommended that you watch Andrew "bunnie" Huang's video If I Were a Nation State... about how these attacks can happen. I found it for you (it's 45 minutes, so go and get a coffee). bunnie's big claim to fame is that he was the first person to hack the Microsoft Xbox.

The semiconductor supply chain is vulnerable in all sorts of places:

  • Design: IP theft, malware insertion
  • Foundry: IP theft, overproduction, malware insertion, reverse engineering
  • Assembly: Malware insertion, reverse engineering, sabotage
  • Test: Reverse engineering, malware activation, marginal or bad parts sent to gray market
  • Distribution: Returns sent to gray market, contamination from gray market

The best technological defense to supply chain attacks is to do the design so that the chip needs to be activated after manufacturing. The IP owner designs, and the EDA tool adds obfuscation gates that have to be activated. This means that any leakage or overproduction at the foundry will be non-functional, and the same at the OSAT (packaging). To see a good example of this, see my post Google's Titan: How They Stop You Slipping a Bogus Server into their Data Center.
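To make the activation idea concrete, here is an added toy model of that flow, written for this post rather than taken from Warren's talk or from any EDA tool. A 1-bit full adder stands in for the IP owner's design; three XOR/XNOR "key gates" are inserted on internal wires, and the chip computes the right function only when the correct 3-bit key is applied after manufacturing. The wire names, the key-gate convention and the correct key are all assumptions made for the example; production logic locking uses far longer keys and stores them in secure non-volatile memory or a root of trust, and synthesis is relied on to hide which gate type sits on which wire.

```python
"""Toy logic-locking demonstration: a 1-bit full adder with three key gates.

Constructed example. Wire names, key layout and the correct key are
hypothetical; real logic-locking flows are produced by EDA tools and use
long keys held in a secure root of trust.
"""
from itertools import product

# Key gate convention used here (an assumption for this example):
#   XOR key gate  : wire passes through unchanged when the key bit is 0
#   XNOR key gate : wire passes through unchanged when the key bit is 1
CORRECT_KEY = (1, 0, 1)   # gate 0 is XNOR, gate 1 is XOR, gate 2 is XNOR


def key_gate(wire: int, key_bit: int, gate_is_xnor: bool) -> int:
    """XOR or XNOR key gate. Passes the wire through only for the right bit."""
    out = wire ^ key_bit
    return out ^ 1 if gate_is_xnor else out


def reference_adder(a: int, b: int, cin: int):
    """Unlocked full adder: the function the IP owner designed."""
    s = a ^ b ^ cin
    cout = (a & b) | (cin & (a ^ b))
    return s, cout


def locked_adder(a: int, b: int, cin: int, key):
    """Same adder after the tool inserted three key gates on internal wires."""
    k0, k1, k2 = key
    w1 = key_gate(a ^ b, k0, gate_is_xnor=True)      # half-sum wire
    s = w1 ^ cin
    w2 = key_gate(a & b, k1, gate_is_xnor=False)     # generate wire
    w3 = cin & w1                                     # propagate wire
    cout = key_gate(w2 | w3, k2, gate_is_xnor=True)  # carry output
    return s, cout


def matching_inputs(key) -> int:
    """Over all 8 input patterns, how often the locked chip agrees with the design."""
    return sum(
        locked_adder(a, b, cin, key) == reference_adder(a, b, cin)
        for a, b, cin in product((0, 1), repeat=3)
    )


def keys_that_unlock():
    """Every 3-bit key that makes the locked adder fully functional."""
    return [k for k in product((0, 1), repeat=3) if matching_inputs(k) == 8]


if __name__ == "__main__":
    for k in product((0, 1), repeat=3):
        print(k, f"{matching_inputs(k)}/8 inputs correct")
    print("unlocking keys:", keys_that_unlock())
```

Only the correct key reproduces the design on all eight inputs; every other key breaks at least one of the two outputs, and most break every input. That is the property the paragraph relies on: a die that leaves the foundry or the OSAT without its key is not a working chip, so overproduced or diverted parts have no value until the IP owner activates them.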

Design for Security

Design for security is a new skill. Microsoft's Galen Hunt has a list of the seven properties of highly secure devices:

  1. Hardware-based root of trust
  2. Small trusted computing base
  3. Defense in depth (moat, inner wall, citadel)
  4. Compartmentalization (don't put all your eggs in one basket)
  5. Certificate-based authentication
  6. Renewable security
  7. Failure reporting

Here is your next piece of video homework, Galen's presentation Securing the Billions of Devices Around Us (40 minutes, time for another coffee). In a neat bit of symmetry with bunnie's video above, Galen was (among other things) responsible for making the Xbox unhackable. This video goes into a lot more detail on the seven principles above.

Security in the Water

Warren wrapped up with an analogy. In the early part of the 20th century, the US government was using science to improve the lives of Americans. For example, they noticed that some areas had perfect teeth, but others like New York and San Francisco had bad teeth. They discovered that this correlated to fluorine in the drinking water. So they started to put fluorine in all the water to protect all our teeth.

This is a metaphor for how we need to think about security. We need to get security into the drinking water of the semiconductor business.
