The US Defense Advanced Research Projects Agency (DARPA) has selected two teams to implement the Automatic Implementation of Secure Silicon (AISS) project which aims to automate the process of incorporating scalable defense mechanisms into chip designs.
The two AISS research teams are:
DARPA aims to develop the technology to keep problems posed by Internet of Things (IoT) at bay. “As IoT devices rapidly increase in popularity and deployment, economic attackers and nation-states alike are shifting their attention to the vulnerabilities of digital integrated circuit (IC) chips. Threats to IC chips are well known, and despite various measures designed to mitigate them, hardware developers have largely been slow to implement security solutions due to limited expertise, high cost and complexity, and lack of security-oriented design tools integrated with supporting semiconductor intellectual property (IP). Further, when unsecure circuits are used in critical systems, the lack of embedded countermeasures exposes them to exploitation.”
Two teams of academic, commercial, and defense industry researchers and engineers will explore the development of a novel design tool and IP ecosystem – which includes tool vendors, chip developers, and IP licensors – allowing, eventually, defenses to be incorporated efficiently into chip designs. The expected AISS technologies could enable hardware developers to not only integrate the appropriate level of security based on the target application, but also balance security with economic considerations like power consumption, die area, and performance.
AISS consists of two primary research areas that address four fundamental silicon security vulnerabilities: side channel attacks, hardware Trojans, reverse engineering, and supply chain attacks, such as counterfeiting, recycling, re-marking, cloning, and over-production. The first research area involves the development of a “security engine” that combines the latest academic research and commercial technology into an upgradable platform that can be used to defend chips against attacks and provide an infrastructure to manage these hardened chips as they progress through their lifecycle.
Synopsys and Northrop Grumman will each be developing Arm-based architectures that include security engines offering different approaches and demonstrating the modularity of the new AISS-based flows to accept other security engines, potentially including highly specialized engines developed for future Department of Defense (DoD) applications.
In addition, Northrop Grumman, along with IBM, will seek to further enhance technologies first developed under the DARPA Supply Chain Hardware Integrity for Electronics Defense (SHIELD) program. They will use these technologies as a starting point for the development of an Asset Management Infrastructure (AMI) to protect chips throughout their lifecycle. The goal is to implement the AMI using distributed ledger technology, which provides for a high-availability, cloud-based system capable of managing keys, certificates, watermarks, policies, and tracking data to ensure that chips remain secure as they move through the design ecosystem.
Led by Synopsys, the second research area involves integrating the security engine technology developed in the first research area into system-on-chip (SOC) platforms in a highly automated way. In effect, this second research area is focused on performing “system synthesis” or combining the new security-aware electronic design automation (EDA) tools developed under AISS with commercial off-the-shelf IP from Synopsys, Arm, and chip instrumentation specialist, UltraSoc. This capability could allow chip designers to specify Power, Area, Speed, and Security (PASS) constraints on these AISS tools, which will then automatically generate optimal implementations based on the application objectives.
Editorial comment: The AISS has emerged from a Trump administration policy of removing foreign made (read Chinese) components from integrated circuits and other critical electrical electronic components that go into US-made defense equipment.