Developing Technologies and Techniques that Can Certify Circuits and Protect Processors

Perhaps the only blemish in the otherwise remarkable and continuing rise of the semiconductor industry—worldwide sales of semiconductors reached $28.4 billion for the month of August 2014, an uptick of 1.3 percent over July 2014 sales, which was the industry’s highest-ever monthly sales total—is the scourge of counterfeit parts. With the globalization of the IC marketplace and much of U.S. production of advanced circuits now in foundries in (listed alphabetically) China, Japan, Korea, Singapore and Taiwan, this side effect was bound to happen. While expanding the production base has lowered global chip prices, it has at the same time made evaluating the integrity of circuitry components much harder. So it should not surprise anyone that electronics counterfeiting has become a big problem for manufacturers, system integrators and end customers.

How big? In April 2012, market research firm iHS iSuppli reported that “The five most prevalent types of semiconductors reported as counterfeits represent $169 billion in potential risk per year for the global electronics supply chain.” And counterfeiting electronics is only a small part of the global piracy problem; the International Chamber of Commerce has estimated that the cost of counterfeiting for G20 nations will be in the range of $1.2 to 1.7 trillion in 2015.

OMG, as the kids say.

There is no script for what to do about this. It is virgin territory for everyone involved. But a big time effort is being made involving a number of large-scale research initiatives. Recently, for instance, both the Defense Advanced Research Projects Agency (DARPA) and the National Science Foundation (NSF) announced encouraging developments in the war on counterfeiting, promising significantly increased security for IP and, it is hoped, providing an effective means to prevent tampering of chip designs by external third parties.

DARPA reported deployment of an Advanced Scanning Optical Microscope (ASOM) that can scan integrated circuits to allow engineers to conduct nondestructive tests and identify modifications made to ICs used in a variety of electronic systems and devices. And NSF, in conjunction with the university consortium Semiconductor Research Corporation (SRC) said that ten U.S. universities will be sharing $4m in new funding to develop ways to protect semiconductors from counterfeiting and other security threats.

Let’s first look at the NSF grants.

The processes and tools used to design and manufacture semiconductors ensure that the resulting product does what it is supposed to do. However, a key question that must also be addressed is whether the product does anything else, such as behaving in ways that are unintended or malicious. The NSF/SRC grant funds are earmarked for nine projects aimed at developing "circuit, architecture and system level" methods and tools to protect processors. The program is called Secure, Trustworthy, Assured and Resilient Semiconductors and Systems (STARSS). Initial industry participants are Freescale, Intel and Mentor Graphics. NSF’s involvement in STARSS is part of its Secure and Trustworthy Cyberspace (SaTC) portfolio, which in August also announced nearly $75 million in cybersecurity awards.

Among the STARSS program projects are:

• A Carnegie Mellon University project aims to combat IC counterfeiting by designing and implementing secure chip ‘odometers’ to provide ICs with both a secure gauge of use and age and an authentication of provenance to allow system integrators to easily discern genuine parts from counterfeit ones. These techniques will provide ICs with functionality analogous to a car's odometer and vehicle identification number (VIN) which can securely measures its mileage and the VIN uniquely identifies its make, model, date of manufacture, and options. The investigators will study attacks that are possible against IC odometers, and determine the best method of securing IC odometers against each attack.
• Silicon hardware is susceptible to malicious bugs called Trojans that can cause an IC to fail in the field, similar to the way viruses manifest themselves in software. Georgia Institute of Technology researchers will leverage knowledge of state-of-the art mixed-signal/analog/radio frequency for detection of Trojans in generic mixed-signal systems. Since the nature of bugs inserted maliciously into chip designs is not known a priori, the investigators will use on-the-fly learning algorithms to refine the applied tests to expose the effects of inserted Trojans.
• Ensuring a high level of security and reliability in electronic computing devices is a significant challenge. Central issues include secure and reliable identification, authentication and integrity checking of underlying hardware. Physical unclonable functions (PUFs)- pseudo-random functions that exploit the randomness inherent in IC manufacturing to generate random output strings - have significant promise for authentication since they can serve as intrinsically-generated hardware roots-of-trust within specific authentication protocols. But PUFs are still a work-in-progress in terms of the cost they require to guarantee reliable operation and their resistance to physical attacks. University of Texas at Austin researchers will develop strong machine-learning resistant PUFs, capable of producing high-entropy outputs, and a new lattice-based stability algorithm for high-capacity secret key generation.
• University of Connecticut researchers will develop metrics and algorithms to make static RAM physical "unclonable" functions that are substantially more reliable at extreme operating conditions and aging, and then extend this to dynamic RAM and Flash. This project will investigate security primitives suitable for high volume production where the allowable costs for design, integration, and testing of hardware security are low.
• Virginia Tech researchers will develop a collection of hardware techniques for microprocessor architectures to detect fault injection attacks, and to mitigate fault analysis through an appropriate response in software. A Fault-attack Awareness using Microprocessor Enhancements (FAME) processor is being developed both as an architecture concept as well as a chip prototype. The fault detection in hardware employs static (design time) and dynamic (runtime) techniques for in-situ fault detection. This flexibility allows FAME to support non-critical applications at full microprocessor performance, while still offering full fault countermeasures for security-critical applications.

Turning to DARPA’s efforts, without the ability to influence and regulate the off-shore fabrication of ICs there is a risk that parts acquired for Department of Defense (DoD) systems may not meet stated specifications for performance and reliability. So last week the agency announced that one of its contractors, SRI International, working under DARPA’s an anti-counterfeit Integrity and Reliability of Integrated Circuits (IRIS) program has developed and deployed an Advanced Scanning Optical Microscope (ASOM) that can scan integrated circuits by using an extremely narrow infrared laser beam to probe circuits at nanometer levels, revealing information about chip construction as well as the function of circuits at the transistor level. The ASOM technology was provided to the Naval Surface Warfare Center (NSWC) in Crane, Indiana, where it will join an arsenal of laboratory equipment used to ensure the integrity of microelectronics.

DARPA began IRIS in 2010 with the goal of developing technologies and software that could validate circuits for military use. Tools such as ASOM allow engineers to conduct nondestructive tests and identify modifications made to ICs used in a variety of systems and devices. IRIS is also making available, for government and service partners, technologies and processes that can determine IC lifespan. Taken together, these advances are aimed at helping the DoD assure optimal functionality and reliability of IC components deployed in the nation’s weapons and other critical systems.

Technological advances aside, as we’ve stated on these pages before, the best way to attenuate the problem of counterfeit parts is to buy directly from authorized distributors such as TTI.