Security IC Solutions: Build or Buy?November 13, 2020 by Antonio Anzaldua Jr.
Depending on the project, designers have a number of options to either etch security at the silicon level or buy a pre-fabricated and pre-programmed security IC.
An essential part of IC design is hardware security.
In the past, cybersecurity has primarily focused on software-level threats, which has, at times, left the blind spot of hardware security wide open. Once a chip is conceptualized and mapped out with logical operations, it is then produced for electrical circuits.
At most companies, it is cost-effective to send out the design to a fabrication lab that will manufacture, test, and design a fully-functional chip. While this method is fast and affordable, outsourcing chip production has brought on a rise in potential threats at both the software and hardware levels.
The typical workflow for chip design. Image used courtesy of the Center for Technology Innovation at Brookings
When should designers buy ICs with prefabricated security and when should they build it themselves? This question can be answered by weighing the budget, time, resources, and data sensitivity of a project.
Methods for Ensuring Hardware Security
Detecting and preventing hardware attacks is an ongoing concern for IC designers and semiconductor manufacturers, especially in the IoT space. These attacks can cause undesired behavior, leaked information, and reverse engineering.
Diagram illustrating the vulnerable stages of chip production. Image used courtesy of the University of New Hampshire
According to the University of New Hampshire, there are some techniques IC designers can follow to secure a chip in the design stage, such as watermarking, obfuscation, split manufacturing, and establishing physical unclonable functions, among many others.
Watermarking is an identification code that leaves a nearly-invisible sequence on the hardware for IC designers to claim. A designer who purchases the chip can only access the design details once he or she inputs the correct code given to the company for access to the intellectual property.
IC metering is similar to watermarking or fingerprinting but offers a unique IC identification code assigned to chip designs. IC metering is more common than watermarking.
Obfuscation is another technique used to replicate a design that is equivalent to the original but harder to crack through reverse engineering. The replicated design has additional logic gates inserted throughout, which allows the chip to function normally but only when a unique sequence is provided to the inserted gates.
Obfuscation can also be achieved through the design’s source code, which follows the same principles as the hardware level. At the software level, obfuscation is the removal of comments and loop unrolling on the source code that helps make it difficult for hackers to reverse engineer the design.
The typical flow of IC design, marked by stages susceptible to attack. Image used courtesy of the Design Automation Conference
Split manufacturing is a technique fabless semiconductor companies use to prevent reverse engineering, circuit modification, and IP piracy during the fabrication stages. To engage in split manufacturing, the engineer must split the layout of the design into two layers that will be fabricated separately.
At the end of this process, both layers are aligned and integrated together, making it challenging to reverse engineer.
Physical Unclonable Functions
Physical unclonable functions (PUFs) is a physical structure in a device that acts as a "digital fingerprint," making it easy for IC designers to evaluate and access data but very difficult for outside parties to replicate and capture data. This method is useful for FPGAs since secure non-volatile memory for key storage is not readily available. The challenge with this is the lack of research in how stable, robust, and reliable PUF is to potential hardware threats.
Options for Preprogrammed Security
Even though there are several techniques for IC designers to secure designs at the hardware level, creating these features oneself does add cost and time to the overall process. Additionally, at the fabrication stage, third-party fabs often charge for adding software security to the provided design.
To simplify design security, many engineers opt for preprogrammed and prepackaged security ICs to help protect against malicious security threats. Here are a few examples from around the industry for various use cases.
A "Cryptographic Companion Device"
With vehicles synced to mobile devices that have sensitive data, Bluetooth is a potential target for hackers. Currently, in the automotive sector, designers have to architect vehicles’ systems and control units to guard against such attacks.
Microchip is one of several developers focusing on hardware security in automotive applications.
The company recently released a new security IC called a TrustAnchor100 (TA100), which is designed to secure in-vehicle networks with tools like CAN MAC at bus speed, secure boot, firmware update, and message authentication.
Block diagram of the TA100. Image used courtesy of Microchip Technology
Microchip intends for the TA100 to be a "cryptographic companion device."
Protecting Non-Volatile Memory
Another developer that has established a category of embedded security devices is Maxim Integrated.
Diagram of Maxim's SHA-256 based symmetric-key authentication. Image used courtesy of Maxim Integrated
Maxim often uses a watermarking technique to develop authentication IC keys stored in non-volatile memory. The company also creates a factory-programmed and per-device unique 64-bit serial number for cryptographic functions such as establishing individual values in each input.
Designers working in the aerospace and defense industries can have peace of mind that their devices will be pre-programmed with security elements because of the government-created "trusted foundry" status.
For big government projects, it is not uncommon for many contractors and subcontractors to be involved in the design process. This many participants, however, may also heighten the risk of hardware tampering.
In 2004, the Department of Defense (DoD) and the National Security Agency (NSA) created “trusted foundry,” a status of approved fabrication labs that are eligible to work on mission-critical and data sensitive systems. The trusted companies had to prove their process of fabrication had secure software and hardware techniques.
This status allows the DoD and NSA to ensure sensitive designs are in the hands of trustworthy fabs.
Hardware Security is Only Advancing
No longer just a "software problem," security is becoming an increasingly vital conversation in electrical engineering. While research and development teams are ever striving to uncover new methods to secure devices at the hardware level, it's also helpful to stay up-to-date on ICs and existing industry standards that pre-package security for designers, significantly saving design time and cost.