In today’s electronics industry, chips are designed by globally dispersed teams, outsourced for fabrication, packaging, and testing, and distributed via complex supply chains. In such a scenario, how can chip integrity be guaranteed against threats such as intellectual property (IP) theft, malicious modification, and counterfeiting? Siddharth Garg, assistant professor of electrical and computer engineering at New York University and one of Popular Science’s “Brilliant 10 of 2016,” discusses both foundry- and chip-level threats and defenses.
Question: Are threats against hardware potentially more dangerous than threats against software?
Garg: When we talk about threats to hardware, we’re looking at modifications to the underlying processors, as opposed to malware and software viruses running on top of those processors. These attacks pose a significant and potentially more pernicious challenge because hardware, unlike software, is immutable. With software, once you find a vulnerability, you can issue a patch to block it. Software vendors do this all the time. But hardware is baked in, so even if detected, a malicious modification can be extremely difficult if not impossible to patch. Think of it as software playing inside a hardware sandbox—modifications to the software are bad, but modifications to the underlying sandbox change the rules of the game.
Question: What kinds of dangers do compromised chips present?
Garg: A recent IEEE Security and Privacy Conference paper presents a good example. The authors implemented a tiny modification to the blueprint of a chip that causes its privilege level to be raised from user mode to super user mode after a certain sequence of instructions is executed on the processor. Creating a small hardware backdoor that gives software access to privilege mode magnifies the attack surface many fold. In this way, the threat from hardware modifications is not only a direct threat but also indirect in that hardware modifications could enable software attacks to become even more efficacious. Another example is modifying a chip that performs cryptographic operations so that it leaks secret keys to the external world.
Question: What are some of the current threats and solutions?
Garg: The threat is at multiple levels. There is some concern that agents planted in design teams could effect potentially harmful or dangerous modifications. Solutions, therefore, must start at the design level. Semiconductor design companies have been performing chip verification for at least the last two decades. However, the focus has been on inadvertent mistakes in the chip’s design, so the verification tool’s job is to make sure that the design meets the specification. Now imagine actors making targeted modifications, not inadvertent errors. The job of the verification tools becomes much harder. Moreover, if a chip is maliciously modified, the modifications are likely stealthy, so their effects won’t show up during testing. Methodologies for detecting potentially malicious modifications, such as flagging the parts of a circuit that lie dormant during testing, are now being developed.
Additional threats involve counterfeiting—that is, the foundry might not modify your chip, but might produce extra copies to sell on the black market. Current solutions involve introducing keys on the chip that only the designer knows, so the foundry needs to interact with the designer to activate a part. There’s also the possibility of foundries selling malfunctioning parts, which could impact customer trust since the chips are sold in the name of the design company. These threats go beyond modifications. Keying solutions attempt to ensure that the designer knows precisely how many chips are in the market and what their characteristics are.
A third-level threat—piracy—comes once the chips are in the field. I can purchase a competitor’s IC chip from the market and take it to a vendor that will very carefully depackage the chip, delayer it, and then reproduce a blueprint. I could use that blueprint to effectively steal my competitor’s IP. IC camouflaging approaches are ways to design and fabricate ICs that make them inherently resilient to this type of reverse engineering.
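The keying solution Garg describes above, in which the designer holds a secret key that the foundry needs before a fabricated part will function, is usually called logic locking. The following is an added illustration written for this page, not code from Garg's group or from any product: a constructed 2-bit adder netlist gets key gates (XOR for a key bit of 0, XNOR for a key bit of 1) spliced onto a few internal wires, and an exhaustive simulation shows that the locked chip behaves like the original only when driven with the designer's key. The netlist format, the `lock` function and the `k0..kN` key-input names are assumptions made for the example.

```python
from itertools import product

# Constructed sample circuit: a 2-bit ripple-carry adder as a gate-level netlist.
# Each entry is (output wire, gate type, input wires), listed in topological order.
ORIGINAL_NETLIST = [
    ("s0", "XOR", ["a0", "b0"]),
    ("c1", "AND", ["a0", "b0"]),
    ("t1", "XOR", ["a1", "b1"]),
    ("s1", "XOR", ["t1", "c1"]),
    ("u1", "AND", ["a1", "b1"]),
    ("v1", "AND", ["t1", "c1"]),
    ("cout", "OR", ["u1", "v1"]),
]
PRIMARY_INPUTS = ["a0", "a1", "b0", "b1"]
PRIMARY_OUTPUTS = ["s0", "s1", "cout"]

GATE_FUNCS = {
    "AND": lambda x, y: x & y,
    "OR": lambda x, y: x | y,
    "XOR": lambda x, y: x ^ y,
    "XNOR": lambda x, y: 1 - (x ^ y),
}


def evaluate(netlist, assignment):
    """Simulate a netlist given values for its primary inputs (and any key inputs)."""
    wires = dict(assignment)
    for out, gate, ins in netlist:
        wires[out] = GATE_FUNCS[gate](*(wires[i] for i in ins))
    return tuple(wires[o] for o in PRIMARY_OUTPUTS)


def lock(netlist, locked_wires, key):
    """Insert one key gate on each wire in locked_wires (hypothetical scheme).

    Key bit 0 -> XOR key gate, key bit 1 -> XNOR key gate, so the gate passes the
    wire through unchanged only when its key input carries the designer's bit; any
    other key value inverts that wire. Key inputs are named k0, k1, ...
    """
    assert len(locked_wires) == len(key)
    key_index = {w: i for i, w in enumerate(locked_wires)}
    locked = []
    for out, gate, ins in netlist:
        if out in key_index:
            i = key_index[out]
            # Original gate now drives an internal "_raw" wire; the key gate drives `out`.
            locked.append((out + "_raw", gate, ins))
            locked.append((out, "XOR" if key[i] == 0 else "XNOR", [out + "_raw", f"k{i}"]))
        else:
            locked.append((out, gate, ins))
    return locked


def count_mismatches(original, locked, key):
    """Number of primary-input patterns on which the locked chip, driven with `key`,
    produces outputs that differ from the original design."""
    mismatches = 0
    for bits in product((0, 1), repeat=len(PRIMARY_INPUTS)):
        assignment = dict(zip(PRIMARY_INPUTS, bits))
        assignment.update({f"k{i}": kb for i, kb in enumerate(key)})
        if evaluate(locked, assignment) != evaluate(original, assignment):
            mismatches += 1
    return mismatches


def is_activated(original, locked, key):
    """True when the supplied key makes the locked chip functionally identical to the original."""
    return count_mismatches(original, locked, key) == 0


if __name__ == "__main__":
    designer_key = [1, 0, 1]                       # known only to the design house
    locked = lock(ORIGINAL_NETLIST, ["c1", "t1", "cout"], designer_key)
    print("designer key activates part:", is_activated(ORIGINAL_NETLIST, locked, designer_key))
    for guess in ([0, 0, 1], [1, 1, 1], [0, 1, 0]):
        n = count_mismatches(ORIGINAL_NETLIST, locked, guess)
        print(f"key {guess}: wrong on {n} of 16 input patterns")
```

A part shipped from the foundry without the key behaves as a different (and broken) adder, which is what makes unauthorized extra copies far less useful; the designer activates each legitimate unit by supplying the key, and so can account for how many working chips exist. The inverted-wire construction here is the simplest form of the idea; it is meant to show the activation property, not to represent the resilience of any particular locking scheme.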
Question: How does your work address the issue of ensuring chip integrity?
Garg: We’re looking at a variety of approaches. At the foundry level, for example, split manufacturing involves partitioning a chip into multiple parts, like pieces of a jigsaw puzzle, and sending each piece to a different foundry. Once the pieces are returned, the fabricated pieces can be assembled in a trusted facility. The limited visibility into the chip’s blueprint deters not only IP theft, because no one foundry can see the entire blueprint, but also the foundries’ ability to understand what the chip does and, consequently, modify it in a targeted manner.
More recently we’ve been looking at how we could detect that a chip has been modified, perhaps by a malicious entity at a foundry. Every company in the world tests chips, because some chips are faulty. However, standard chip testing approaches aren’t effective in detecting malicious modifications, because it’s possible to modify a chip such that the modification is activated only after the chip has been in the field for a certain amount of time. We need detection mechanisms that are far more sophisticated than existing techniques.
Question: What are the next steps in your research?
Garg: We’re currently working on what we call a verifiable chip. The chip includes the components that perform the computation you care about, but also additional logic that provides proofs of correctness of the chip’s execution. If I give it an input, it returns a reply. It also gives me additional information that lets me verify that the computation in the chip was done correctly. This general approach might prove useful in addressing the challenge of chip integrity. We presented a paper at the IEEE Security and Privacy Conference on a preliminary study of this approach. Right now the costs of providing this verifiability are still high. Over the next few years, we hope to bring down this cost, so it becomes practical even for commercial semiconductor vendors. We’re also working on a blueprint design that would allow us to fabricate chips that have this verifiability property.