When fabs go rogue
Scientists at the NYU Tandon School of Engineering have designed a new form of application-specific integrated circuit (ASIC) to spot hidden vulnerabilities deep within a processor’s design.
Very few people run their own chip fabrication plants these days. Most processors are designed by one firm, which then outsources the actual building of the hardware to a company that has already spent many billions putting together a manufacturing facility.
The fear is that a contractor might try to slip in a hidden piece of architecture that could make the hardware insecure.
The ASIC that the team have designed would constantly scan the main processor for errors that could be indicative of a hardware trojan at work. You’d have to make sure the ASIC was built by a totally trusted fab operator, but once that was done, it should protect against built-in problems.
“Under the current system, I can get a chip back from a foundry with an embedded Trojan. It might not show up during post-fabrication testing, so I’ll send it to the customer,” said Siddharth Garg, an assistant professor of electrical and computer engineering.
“But two years down the line it could begin misbehaving. The nice thing about our solution is that I don’t have to trust the chip because every time I give it a new input, it produces the output and the proofs of correctness, and the external module lets me continuously validate those proofs.”
The team are now working on improving the design so that it limits the amount of processing time and power needed to check for hidden trojans or security flaws, and then to get a chip built for testing – hopefully from a trusted supplier.
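To make the continuous-validation idea concrete, here is an added example (not the NYU team's design, whose proof system the article does not describe) that uses Freivalds' probabilistic check for matrix multiplication as a stand-in: a trusted verifier checks every result from an untrusted chip more cheaply than recomputing it. The `UntrustedChip` model, its `trigger_after` dormancy counter and the modulus `P` are constructed for illustration, and unlike the scheme described above the chip here emits no separate proof object.

```python
import random

P = 2_147_483_647  # prime modulus for all arithmetic (assumption of this sketch)

def matmul(a, b):
    """Full O(n^3) product mod P: the expensive job handed to the chip."""
    n = len(a)
    return [[sum(a[i][k] * b[k][j] for k in range(n)) % P for j in range(n)]
            for i in range(n)]

def matvec(m, v):
    return [sum(x * y for x, y in zip(row, v)) % P for row in m]

class UntrustedChip:
    """Constructed model of a part whose trojan stays dormant for a while."""
    def __init__(self, trigger_after):
        self.calls = 0
        self.trigger_after = trigger_after  # correct results before the trojan fires

    def multiply(self, a, b):
        self.calls += 1
        c = matmul(a, b)
        if self.calls > self.trigger_after:
            c[0][0] = (c[0][0] + 1) % P  # trojan corrupts one output word
        return c

def verify(a, b, c, rounds=20, rng=random):
    """Freivalds: accept only if A(Br) == Cr for random r; O(n^2) per round."""
    n = len(a)
    for _ in range(rounds):
        r = [rng.randrange(P) for _ in range(n)]
        if matvec(a, matvec(b, r)) != matvec(c, r):
            return False
    return True

def first_rejected_call(chip, jobs, rng=random):
    """Check every output; return the 1-based call the verifier rejects, or None."""
    for i, (a, b) in enumerate(jobs, 1):
        if not verify(a, b, chip.multiply(a, b), rng=rng):
            return i
    return None

def make_jobs(count, n, rng):
    """Constructed sample workload: `count` pairs of random n x n matrices."""
    def rand():
        return [[rng.randrange(P) for _ in range(n)] for _ in range(n)]
    return [(rand(), rand()) for _ in range(count)]
```

A chip that passes its first six jobs, as it might pass post-fabrication testing, is rejected on the seventh, because the verifier checks every output rather than only a sample taken at test time.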