We live in the era of smart silicon, where complex systems-on-chip (SoCs) connect to the cloud and communicate with one another. These silicon, processor-based SoCs have been implemented in almost every kind of IoT sensor, device and system, as well as in edge and cloud networks. Thanks to the connectivity enabled by smart silicon, we now have silicon talking to silicon.
These binary communications go on all around us, from our automobiles and smartphones to home-based appliances, thermostats, cameras, digital assistants and the wearable medical devices on our bodies. Further, all of these devices know something private about us. Collectively, they probably know everything.
But this connectivity and the resulting convenience come at a cost, namely, easy access for cyber-attackers. Remember the Mirai botnet that resulted in a distributed denial-of-service (DDoS) attack on numerous DNS servers that shut down the east coast for a day or so? It also affected Europe. Thousands of these bots were housed in unsuspected places such as consumer devices: picture frames, roof-top weather monitors, smart lightbulbs, appliances and the like. These bots all reported to a bot-master who controlled the timing and location of the attacks.
“What's truly scary about this is someone will pay to hire the individual or group that controls this mercenary army of bots,” explained Warren Savage, Visiting Researcher, Applied Research Laboratory for Intelligence and Security at University of Maryland, during his keynote presentation at DesignCon 2020. “You can imagine the uses for such a weapon in corporate espionage and sabotage to take down a competitor’s business for monetary gains. This is just a taste of things to come.”
What can be done to prevent a now reoccurring cycle of cyber-attacks? The Institute for Systems Research (ISR), a research unit with the A. James Clark School of Engineering at the University of Maryland, has proposed one solution called the Attack Surface Reference Model. An attack surface is everything outside the firewall. The model consists of four surfaces, or ways that silicon-based chips and systems can be attacked: side channel, reverse engineering, malicious hardware and the supply chain. Perhaps the most disturbing attack method in our globally connected world is the last one, i.e., the one that deals with the supply chain.
Image Source: DesignCon 2020 / Warren Savage
It’s taken the semiconductor business about 30 years to develop a complex but workable supply chain. Even though most SoC designs take place in Silicon Valley, a number of different companies on different continents are needed to process that design and manufacture it. This means there are many places where attacks can be initiated.
In an attempt to deal with this growing threat to the semiconductor business of chip development, DARPA created the Automatic Implementation of Secure Silicon (AISS) program. The main goal of the program is to embed security expertise, which is at present sorely lacking, into the design flow. The security-focused flow will be available to everyone. It will come at a cost, namely, the development of improved electronic design automation (EDA) tools and new intellectual property (IP) designs. But if this cost isn’t met now, a greater cost will be incurred later from the cyber-attacks that can destroy businesses and even lives.
Image Source: DesignCon 2020 / Warren Savage
The aim of the AISS program is to democratize security inclusion into the chip design flow. The level of security will be appropriate to the application and balanced with cost, power and area of the chip design. Most design engineers are already familiar with a cost function approach, where the cost is used as a way to normalize tradeoffs in performance, power and area. A numerical value is assigned to each area, with the highest cost marking the most important aspect of the design. For example, for a lawn sprinkler, the power cost function is higher, or more crucial, than performance or size. Conversely, for a network router, the power cost function is relatively low, as the router usually has unlimited power from a plugged-in wall socket. But the performance of the router is very important.
The AISS program now adds a fourth element to the cost function, namely, security. This means that design engineers must add security as a constraint along with performance, power and area. Note (see image) that the security cost function can be expanded to incorporate the different types of attack surfaces.
Since the supply chain itself is a global attack surface, DARPA has further created a program known as SHIELD that embeds tiny dielets into every device and system. These dielets allow tracking of the device and system through the product’s lifecycle. Further, blockchain technology is used to track the chain-of-custody to determine where a part has been and how it might be compromised at different geographic locations.
Along with the embedded dielet hardware to help fight problems within the supply chain and an increased awareness of security, a new process called “Design for Security” has been proposed. Microsoft is a strong proponent of this approach, which recognizes seven properties of highly secure devices. The last of those properties is “failure reporting,” in which a compromised device will essentially phone home, or to its company, to let the owner know when it’s undergoing a cyber-attack and what attack surfaces are being threatened. In this way, the owner gets a sense of what the attack looks like and how to help the device.
To break the increasing occurrence and cost of cyber-attacks, chip designers must understand the attack surfaces and prioritize security requirements to be on par with performance, power and area concerns. Using a Design-for-Security methodology will make security stronger and disrupt the cycle of seemingly endless cyber-attacks.
John Blyler is a Design News senior editor, covering the electronics and advanced manufacturing spaces. With a BS in Engineering Physics and an MS in Electrical Engineering, he has years of hardware-software-network systems experience as an editor and engineer within the advanced manufacturing, IoT and semiconductor industries. John has co-authored books related to system engineering and electronics for IEEE, Wiley, and Elsevier.