(This article is translated from Semiconductor Engineering)
As chip designs become more complex and begin to adopt heterogeneous integrated structures, and chip manufacturers store and use more and more data for other designs, data leaks become increasingly difficult to prevent or even trace.
Unlike cyberattacks, which are usually aimed at a specific purpose, such as collecting private information or demanding a system ransom, data breaches can erupt anywhere. And as the value of data increases, their own price may also rise in tandem. But data breaches are harder to identify and stop because they are diverse, unpredictable, and often unintentional. These reasons include:
- Manufacturing defects and circuit aging—electromigration, time-dependent dielectric breakdown, and heat-related damage—can provide openings such as side-channel attacks without actually invading the chip. They can also make it easier for attackers to gain access to important data.
- The knowledge base built for designing chips is itself only for internal learning, but also makes it more difficult to keep track of proprietary third-party IP.
- There is a constant shortage of talent at all levels, from design to manufacturing, which often means that the proficiency and competitiveness developed in one company will work with that employee in other new companies.
Physical reasons
From a hardware perspective, leaks can be caused by chip or package complexity, or they can be due to defects in design or manufacturing. This allows others to extract data without touching the chip.
"Maybe it's not even a flaw, but a weakness that can be exploited in a very clever way," said Raj Jammy, chief technologist at MITRE Engenuity and executive director of the Semiconductor Alliance. So this has to be considered differently. This is not limited to chip-level security. You also have to worry about what happens to the encapsulation layer when everything is placed on one substrate. Sometimes people call it a leak, but this can be one of the weak points that can sense the time setting of a given chip. Once the time is known and the content transmitted is started being read, then it is possible to predict what bits will pass through the data link. This could be a leak, which is non-intrusive, similar to interception. In other parts, weak connections may appear due to aging and may even lead to the impossibility of operating the chip correctly. There is a greater risk that false signals may be sent to adjacent chips or chiplets in the package. ”
This problem is exacerbated by heterogeneous designs, where different chips, chiplets or materials have different life expectancy. Unlike in the past, when all chips were developed on the same process node and integrated into a processor or SoC by a company, these chips are now broken down and sourced from the global supply chain. Various process elements, memories, and other components are developed using different manufacturing processes, sometimes manufactured by different foundries. This makes it more difficult to fuse these parts together and can create weaknesses that can be exploited without touching the device. Typically, this does not provide access to all data, but it may not be necessary to access all data. Depending on the leaked data and from where, this data can also be very valuable.
Peter Laackmann, Distinguished Engineer in Infineon's Connected Security Systems Division, said: "If you have a product based on a small chip, or a multi-chip package, all these chips must work together to guarantee the necessary security. For example, there have been attacks that have a security chip inside, which is certified and performs well, packaged with a standard microcontroller. The problem is that the standard microcontroller completely controls the security chip. After several attacks on the microcontroller, the key is obtained. This means that the safety controller cannot protect the entire system system. The same applies to a wide range of chiplet and multi-chip packages. ”
Laackmann said this may not be a problem for security chips/chiplets because these chips are typically not attacked as much as they do with components. But for other components, aging can cause the circuit to behave abnormally, and this change can be used to collect important data. "Some chips have pins to provide the internal core voltage. If they are accessible, the internal core voltage is accessible, which is usually smoothed with an external capacitor. If these capacitor pieces are destroyed, a good side-channel analyzer can be created. And this is unpredictable. In addition, some faults or spikes can also be added to the chip's internal core voltage, causing some misoperation to skip operations such as instructions or password input. ”
Chiplets have their own problems. Pim Tuyls, CEO of Intrinsic-ID, said: "When chiplets process data in the future, all computations must be able to prevent side-channel attacks, prevent fault injection, etc. Most importantly, it is now necessary to ensure that the communication channels between all the different chiplets are also secure. This is a challenge in itself. ”
AI/ML and IP multiplexing
It usually attracts attention when a large amount of data flows out of a system. Then install security patches, or replace chips/packages/systems on a large scale. Neeraj Paliwal, vice president and general manager of Rambus' secure IP business, said: "If there is 800 Gbps of Ethernet traffic, then there is a lot of data passing through. Often so much unencrypted data passes through few use cases, and the data transfer speed is still that fast. ”
In contrast, data breaches tend to be more stealthy and harder to detect, and in many cases, data breaches are unintentional. However, after system optimization through AI/ML, it is still almost impossible to track, let alone establish legal protections.
Steve Roddy, Chief Marketing Officer at Quadric, said: "In our business, layer after layer of technology stacks on top of each other, from manufacturing to standard units to higher-level building blocks. These techniques are then used to build other IPs. You can discover valid patterns from previous designs and then apply them to the next design. You take the lesson from the RTL structure and say, 'With this structure, I should put it somehow.'" You're not actually copying anything. But because your input is someone else's RTL, you compare it to other similar products. And this is based on someone else's IP. The mask module is also based on someone else's IP. With AI, will you use your customers' design data to prepare training sets? If so, who owns that customer data? ”
Tracking IP during the design process is another challenge. Simon Rance, Vice President of Marketing at Cliosoft, said: "Turning IP into project IP through reinforcement learning. You can then optimize it for the new and next versions of chiplets or other IPs and get all the real-time data. IPs are provided by a company, while real-time data comes from the field, and you should divide them based on who owns which IPs. It may come from different parts of the globe, so part of the IP is owned by them and part by the customer. So it is necessary to check the metadata to find out who is involved in the IP project. And most of the time, there is no clear answer, and there is no standard. To really solve this problem, a full tracing of who has seen this IP is required, but this is difficult to enforce. ”
This makes it imperative for companies to work harder than in the past to protect their IP. Paul Karazuba, vice president of marketing at Expedera, said, "We provide a lot of detail about what our company does, more than I've ever worked for before, but we've kept some of it, and that's going to continue because we're doing something so different from everyone else." We apply for as many patents as possible to protect ourselves. We still don't want to disclose some of the national secrets that our company is involved in. ”
Increasing industry collaboration is making it harder to protect IP, and the growing popularity of generative AI is compounding this issue. Frank Schirrmeister, vice president of IP marketing at Arteris, said: "What you're dealing with is the best knowledge data, and so far it's been increasing because you don't want to share everything with your customers. AI is a solution that drives optimization, and if there is a big customer, they will want to have their own set of solutions. But with generative AI, when you're dealing with very specific market needs, they can generate a lot of data for their own use. This adds a variety of new copyright and IP issues. ”
Human factor
Since the advent of semiconductors, chip companies' data has been leaking. When people change jobs or companies, they bring with them what they learned in their previous job. Globally, brain drain rates are increasing, and the impact can be seen in IP infringement lawsuits. According to LexMachina, between 2012 and 2021, there were slightly more than 46,000 patent litigation applications in the United States, or an average of 4,600 per year. In contrast, there were nearly 32,000 patent infringement lawsuits in China in 2021, up from about 5,800 in 2010, according to The Law Reviews.
Much of the ongoing litigation disputes between the U.S. and China and Russia involve intellectual property or patent infringement. A 2022 report by the Office of the U.S. Trade Representative cited differences in trade secret protection and enforcement, particularly between China and Russia. "Unlawful appropriation can occur in a variety of situations, including the carrying of portable storage devices containing trade secrets by departing employees, the collapse of joint ventures, cyber intrusions and hacking, and misuse of trade secret owners to submit information to government entities in order to comply with regulatory obligations," the report said. ”
Depending on the complexity of the device being developed, employees often have limited access and the device is being developed and improved quickly, which often falls under the category of data breaches. But the number of breaches and the value of the leaked data have risen to the point where governments seek agreements or impose sanctions. For the chip industry, the value chain, which used to be limited to one company or a limited number of suppliers, is now being broken down into many different parts spread across the globe.
Nevertheless, there is a lot of demand for talent, and there is a lot of demand for engineers with work experience. According to industry sources, the challenge for companies is to create architectures for engineers to break down projects into different teams, each of which cannot see the full picture, and some companies are already working with design teams from different countries. While this can be difficult to manage, it can also limit the value of leaked data.
Looking to the future
Going forward, chipmakers and IP developers will have to work harder on a divide-and-conquer strategy for their employees and be as vigilant as possible to monitor data flows.
"Nothing is foolproof when it comes to security," says Rambus' Paliwal, "and you buy security to make it harder to break through, not to be foolproof." Measurable security becomes very important. That's why the industry can see Siemens acquiring UltraSoCs, and proteanTecs and Synopsys are also heavily invested in it. Now, the structure that helps to be measurable in IP has already been set up. Very smart sensors need to be installed on the hardware to know when something has changed or where there is a potential data breach, and most of these places store confidential data. ”
The more difficult part is tracking the data, which needs to move within the chip company and is used to generate other designs that may not be able to determine the source of the IP. This is especially challenging for machine learning and generative AI, which can store optimized data for future use, a problem that the tech world is just beginning to face. Eventually, standards of conduct and laws will be set, but data will continue to move unfettered internationally across internationally that vary widely in levels of protection.
Data breaches can't be completely prevented, but they can be limited and better managed. Still, this will require a concerted effort across the industry, and it's unclear who will dominate this aspect or when it will happen.
END