A system on a chip or system on chip (SoC) is an integrated circuit (also known as a “chip”) that integrates all components of a computer or other electronic system on a single circuit die. Similar to how a microcontroller integrates a microprocessor with peripheral circuits and memory, an SoC can be seen as integrating a microcontroller with even more advanced peripherals like graphics processing unit (GPU), Wi-Fi module, modems or one or more coprocessors– all on a single substrate. It may also contain digital, analog, mixed-signal, and often radio frequency signal processing functions, depending on the application. SoCs connect to other components too, such as cameras, a display, RAM, flash storage, and much more. All the necessary components are embedded within a single chip, keeping things compact, efficient, and compatible. It makes sense then why it’s the preferred method of development for complex electronic devices.
Military applications such as unmanned vehicles, soldier-worn electronics, and battlefield networking requirement of small size, weight, and power consumption (SWaP) is driving their design transformation from reconfiguring boards into systems on chip (SoC). As with much military technology in the past few decades, SoC came out of the commercial world, primarily pushed by the cellular market and, more recently, development of the Internet of Things (IoT). As devices get smaller and smaller, semiconductor manufacturers have to deal with a variety of new challenges. The smaller, more portable designs create difficulties with circuitry, reliability, power draw, and connectivity. That’s not all, as security is also a concern from a hardware perspective.
Security has become one of the most crucial parts of System-on-chip (SoC) design because of its usage in the internet of things (IoT) devices, cyber-physical systems, embedded computing systems and military applications. The ever-increasing complexity of on-chip components and long supply chain make SoCs vulnerable to hardware and software attacks. These attacks can be originated either from inside the chip or from malicious software components. The 3rd party Intellectual Properties (IPs) are becoming non-trusted because of the possibility of hardware trojans integrated inside the IP.
Time to market demand has forced integrated circuit design, manufacturing and testing to be done at different places across globe. This approach has led to numerous security concerns like overbuilding of chips from foundries, IP protection, counterfeiting and hardware Trojans. A counterfeit part is manufactured by the OEM and presented as new, but the performance and reliability of the part is questionable. Components may be recycled or remarked, they may have not passed OEM tests, they may be unlicensed or over manufactured. A cloned part is not manufactured by the OEM but may be designed to mimic the performance of the authentic part. Copies may be manufactured in foreign plant, or new design of reverse-engineered components using stolen IP, potentially with altered function to appear the same.
Apart from Counterfeit electronic components there is also risk of Hardware Trojans (HT), which are malicious circuit inclusions into the design from an adversary with an intention to damage the functionality of the chip at a much later date or leaking confidential information like keys used in cryptography. The hardware Trojans are designed in such a way that they are triggered only after the occurrence of rare event in the design or by a very rare inputs.
There are other threats. Side Channel Attacks (SCA) is another well-known attack on cryptographic circuits to leak the key used in encryption of the secret data. The adversary can use power side channel, timing side channel to get the key. The recent literature reports attacks based on EM waves and LASERs. Another well known SCA is based on test structures (Design for Testability circuits) inside the chip. There are also concerns of Intellectual Property (IP) Protection, The IP used in products and solutions from original equipment manufacturers (OEM) should be protected.
Accessing custom hardware IPs in FPGA accelerated SoCs are not controlled by the Operating system. Hence, there is a possibility of confidential information leakage and denial of service attacks on those IPs. Researchers are designing the architeture of SOC to support the following security policies: Isolation policy that limits the IP to only allowable interactions, a Containment policy that minimizes the damage caused by a malicious component, and an Integrity policy that enforces authorized data accessibility and modifications.
For the past decade, cybersecurity threats have moved from high in the software stack to progressively lower levels of the computational hierarchy, working their way towards the underlying hardware. Despite growing recognition of the issue, there are no common tools, methods, or solutions for chip-level security currently in wide use. This is largely driven by the economic hurdles and technical trade-offs often associated with secure chip design. Further, modern chip design methods are unforgiving – once a chip is designed, adding security after the fact or making changes to address newly discovered threats is nearly impossible.
The Automatic Implementation of Secure Silicon (AISS) program aims to ease the burden of developing secure chips. AISS seeks to create a novel, automated chip design flow that will allow security mechanisms to scale consistently with the goals of a chip design. The target design flow will provide a means of rapidly evaluating architectural alternatives that best address the required design and security metrics, as well as varying cost models to optimize the economics versus security trade-off. The target AISS system – or system on chip (SoC) – will be automatically generated, integrated, and optimized, and will consist of two partitions – an application specific processor partition and a security partition implementing the on-chip security features. By bringing greater automation to the chip design process, the burden of security inclusion can be profoundly decreased.
While the threat landscape is ever evolving and expansive, AISS seeks to address four specific attack surfaces that are most relevant to digital ASICs and SoCs. These include side channel attacks, reverse engineering attacks, supply chain attacks, and malicious hardware attacks. As strategies for resisting threats vary widely in cost, complexity, and invasiveness, AISS will help designers assess which defense mechanisms are most appropriate based on the potential attack surface and the likelihood of a compromise.
In addition to incorporating scalable defense mechanisms, AISS seeks to ensure that the IP blocks that make up a chip remain secure throughout the design process and are not compromised as they move through the ecosystem. As such, the program aims to move forward provenance and integrity validation techniques for preexisting design components by advancing current methods or inventing novel technical approaches.
DARPA Awards
Synopsys Awarded DARPA Contract for Automatic Implementation of Secure Silicon Program
Synopsys, Inc. (Nasdaq: SNPS) announced that the Defense Advanced Research Projects Agency (DARPA) has selected Synopsys as a prime contractor for the Automatic Implementation of Secure Silicon (AISS) program. The program’s goal is to automate the inclusion of scalable hardware security mechanisms in IP and system-on-chips (SoCs) to explore security versus other design trade-offs.
As part of the four-year AISS program, Synopsys will collaborate with other commercial and university experts, including Arm, Boeing, UltraSoC, University of Florida Institute for Cyber Security (FICS), Texas A&M University, and University of California San Diego. Government and commercial leaders are applying Synopsys’ Zero Trust approach to design security and quantifiable assurance into microelectronics at the heart of their networks and systems. Synopsys’ involvement in the AISS program highlights its commitment to provide industry awareness, enablement, and leadership for secure silicon.
In support of the AISS program, Synopsys will supply DesignWare® Security IP and will develop critical design-to-manufacturing flows, centered around Synopsys TestMAX™ Design-for-Test, and its industry-leading products and technologies based on the Synopsys Fusion Design Platform™ and Verification Continuum™ Platform for the automated implementation and verification of secure SoCs. The Synopsys solution will demonstrate simultaneous optimization of power, area, speed and security, resulting in technologies that will benefit both the defense and commercial sectors. Boeing will also contribute its systems design expertise and SoC reference platform to the AISS program to further the advancement of automating the inclusion of hardware security mechanisms in systems. Synopsys has also executed an Associate Contractor Agreement (ACA) with Northrop Grumman who is leading another AISS research team. As part of the ACA, Synopsys contributes tools and IP and Northrop Grumman provides the asset management infrastructure to protect SoCs throughout their lifecycle.
“Security is a shared responsibility across the ecosystem and Arm is committed to ensuring security is designed into silicon from the ground-up, as defined by the Platform Security Architecture framework and our Corstone and CryptoIsland families of secure system IP,” said Dr. John Goodenough, vice president of technology collaboration and standards at Arm. “This collaboration between commercial industry and external research partners will simplify and accelerate the path to secure SoC systems using technology from Arm and Synopsys.”
Synopsys’ industry-leading architecture design, security IP, static and formal verification, emulation, RTL implementation, and test solutions are essential building blocks to the design and verification of hardware mechanisms that meet the critical power, area, speed, and security requirements of the AISS program.
“Security has emerged as an essential requirement in many industries including critical infrastructure, data centers, IoT, automotive, aerospace, and defense,” said Deirdre Hanford, Chief Security Officer for Synopsys. “Synopsys is a leader in providing security solutions to the industry. In addition, Synopsys has a long track record of collaborating with defense contractors, silicon foundries, and universities to develop innovative design and verification technologies and methodologies. We are excited to partner with prominent industry and academic organizations to address the challenge that DARPA has issued. We look forward to supporting AISS and adding design for security technologies and flows to our market-leading security and interface IP, implementation, and verification products.”
Arm Research Selected for DARPA Secure Silicon Program
With an ever-evolving threat landscape, which includes the need to protect against supply chain and side channel attacks, the benefit of implementing security solutions that protect IoT devices is clear. However, the complexity of secure SoC device design, along with multiple challenges in integrating software with secure hardware, means it is often difficult and time consuming to incorporate security measures while still meeting overall application power and performance objectives.
To address these challenges, Arm Research is working with the U.S. Defense Advanced Research Projects Agency (DARPA) on the Automatic Implementation of Secure Silicon (AISS) program. The four-year AISS program will see Arm Research work as part of a consortium delivering workflow methodologies and the associated design and tool suites to allow a device integrator to achieve power, performance, area and security (PPAS) objectives at lower non-recoverable engineering (NRE) costs. The program aims to allow developers to increase their productivity by exploring economic trade-offs, such as power consumption, area, and performance, specific to their application and intent with security designed in.
The work Arm Research will focus on covers three key components: a secure extensible reference platform, a secure verification and implementation reference flow and a fully attested device management workflow supported by an associated design and provisioning infrastructure. Together these components deliver a secure SoC design, as well as device provisioning and management by automating the process of incorporating scalable security mechanisms into the chip design, including future cloud-based design.
Meeting DARPA’s program objectives requires a collaborative technology ecosystem working together to deliver a deployable, and well-supported integrated solution of this complexity. Arm will be collaborating with Synopsys to ensure all parts of the solution are developed to a common set of SoC architecture, integration workflow, device manufacturing and provisioning assumptions. We will also be working with several of our academic collaborators, including the Florida Institute for Cybersecurity Research at the University of Florida, Texas A&M University, the University of California, San Diego and the University of Maryland to push the envelope of what is possible in areas of extensible secure platform architecture, novel introspection and obfuscation techniques to enhance device security.
References and Resources also include: