As EDA Processes Becomes More Secure, So Do Chips

Security is becoming a much bigger concern within chips and electronic systems, but the actual implementation remains something of an afterthought, which limits its effectiveness.

There are many pieces to the security puzzle on the chip design side that go well beyond just securing the hardware or the IP. The EDA tools themselves need to be secure, as well, and so does the user data within those tools.

“Outside of more sensitive applications, like in some government systems and some of the more sensitive installations, security hasn’t really been a priority,” said David Koblah, a PhD candidate at the University of Florida’s Institute for National Security.

This has begun to change, with more vendors focusing on security during the design process. It is also picking up steam within the user community, as concerns about data leakage or IP theft continue to spread.

“This is about side-channel security analytics early in the design cycle,” said Suhail Saif, principal product manager at Ansys. “A lot of news keeps coming out about the hacks that go on against the most popular CPUs — and GPUs, which are susceptible to these hacks now, too. This used to be only a thing for chips with encoded keys for encryption, while decryption codes used to be the ones that were popular targets for these attacks. These days, every chip is fair game for attacks.”

Not every device needs to have the most stringent security measures built into it, and with proper threat modeling the appropriate level of security increasingly is being incorporated into chips during the EDA process. As with any design requirement, the implementation involves tradeoffs, complicating an already intricate process even further.

The EDA process itself is also one that requires security, an issue that has become an even larger priority as chips increasingly become an assembly of heterogeneous components from third-party suppliers.

Implementing security at the EDA level means understanding that security “can be a function, but it can also be a primary set of constraints on the system, or at least a primary set of requirements for the system,” said Mike Borza, principal security technologist at Synopsys. “So what are the security properties of that system? What is the threat environment for it?”

Built-in security
Security is always most effective when it is addressed early in the design cycle, and when those security measures are flexible enough to adapt to new threats.

“By embedding a security feature into the architecture of our products, we ensure that the solutions are resilient against attacks and compliant with industry standards from the very beginning,” said Andy Nightingale, vice president of product management and marketing at Arteris. “Security is a lot like safety in that retrofitting stuff is really tough if you don’t actually have the design flow in place right up front.”

That includes discussions about what is the appropriate security level, and what is required to achieve that level. “One thing we say within the hardware domain is that the lower you go in the design process — when you go from the software to the actual hardware — the possibility of implementing a countermeasure is 10 times harder and it’s 10 times more expensive,” Koblah said. “As you go down the ladder, it gets harder and harder to implement. In my research, I’m starting at the logic synthesis stage. Once we cross the high-level synthesis stage and we actually see the materialization of the digital logic — the gates and all of that — then we’re already implementing. Even with side-channel attack prevention, I’m doing that at the high-level stage, and it’s very important. Ultimately, once you go to the physical level, there’s a whole lot of things you have to think about. The parasitics become harder to predict, and processing variations come with their own problems. But if we start as early as we can, we can simulate, and then we make it easier as it goes down the EDA process.”

Koblah’s research focuses specifically on masking techniques, where security measures are implemented directly into the circuit to “scramble” leakages that can be used in a side channel attack.

“What you’re trying to do is mitigate leakages at the algorithm level,” said Koblah. “A device will always release some form of signal, as long as electricity is going through it. All you can do is mask or scramble that signal coming out to make it harder for the attacker to really understand what’s going on once the attacker starts using probes to find what’s leaking here or over there.”

Koblah said he has yet to see that approach being widely implemented in the commercial chip industry, but it has gotten use within more sensitive areas, such as government and military applications.

Borza agreed that masking has begun to get some attention, even though it’s still early days. “Today, most side-channel mitigations are fairly bespoke, meaning there’s an RTL design, and a design may be done coincident with doing that mitigation,” he said. “That’s the best way to do it, if you can. But a lot of times you’re starting with a core that needs to have some mitigations applied to it. In those cases, a lot of times you’ll find that people know how they’re going to implement something, like masking. That’s a relatively straightforward mitigation to deal with, particularly if you’re doing it in the linear realm as opposed to the non-linear realm. Essentially, they just do the design mitigation by hand. You can imagine that in certain cases you could ask the tools to synthesize for you a masking solution by designating part of the data path that needs to be masked and allowing the tools to do all of the generation on their own. That’s really what’s happening here. Those tools are relatively rare, but they’re around, so people are starting to develop them in a way that allows them to be applied to different kinds of cryptography.”

Addressing security earlier
Shifting left for security becomes all the more important considering that some of the more rigorous techniques can require significant PPA tradeoffs. Aside from masking, Koblah said some researchers have begun experimenting with a mesh-like grid on the bottom of chips that contains a fail-safe. If an attacker tries to probe it with an optical tool, it self-destructs. But implementing a measure like that comes with a cost.

“You will have those tradeoffs. You will definitely have to compromise,” Koblah said. “If you’re doing masking, you’re adding an extra number of gates. If you have the mesh, the shielding, you are going to compromise on size a bit. Your shielding may require some extra power for it to be able to implement this security measure that you’re coming up with. If you’re doing hiding, which is one way of mitigating side channel attacks, you may decide to go with implementing noise, the most common form of which is adding some form of noise to mix up the signal or to reduce the clarity of the EM signal that an attacker would be breaking in to. But then you have to have something in there that is producing the noise, and that would require some power as well as area. Those are all compromises.”

Saif noted that doing security analytics on an entire chip would be overkill because while security measures do come with a cost, that only affects a small area of the chip. “You wouldn’t need full-chip security analytics because 99% of the design or more either is not holding any secure key or protecting any secure pattern,” he said. “The attacker won’t benefit from attacking the whole chip. The attackers are also smart. They know what part of a chip to attack because they are interested in reading the patterns from a very particular part of a chip to know what is the secret sequence that is being used for either encryption or decryption, for example.”

Protecting EDA
Designing chips that are fortified against attacks may be the end goal of implementing security into the EDA process, but the process itself requires security to prevent the theft of valuable IP. The EDA software itself can be a precious resource and tempting target for attackers, as well.

“People find nefarious means and ways of stealing and siphoning off data, using licensed software without paying the full license fee, etc. The tool companies have adjusted to make it smarter,” said Nightingale.

One way that EDA companies can do this is by transitioning their tools and processes toward the cloud, with security concerns as a primary driver for those shifts.

“Arteris does this in countries that we can ship to, obviously legally, but which are less stringent about copyright law,” said Nightingale. “Instead of downloading our entire IP portfolio for a product and letting customers use it and generate what they want, we allow them to configure it in the cloud. Then, when they’ve got the instance of configuration that they’re interested in, they download that snapshot. They can use that, rather than us basically giving them the crown jewels.”

That still requires some encryption at the data center level, with AES or 256 encrypted data streams flowing back and forth, so anybody coming in on the side just sees garbage ones and zeros flying past, he noted.

“Another aspect is the access control itself,” Nightingale said. “If you’ve got an access control mechanism in place, you’ve got multi-factor authentication. You’ve got role-based access control. Then, only the authorized person can get in and get the data. Instead of trying to steal a piece of IP, you can only get a single instance of a configuration.”

Borza said one part of security is relying on trust and contractual obligations but there are also protocols for encryption of RTL even though some companies have chosen to opt out of that.

“The encryption, the RTL encryption protocol, is designed to allow you to use encrypted RTL in simulation and also in the synthesis flow,” Borza said. “The security of it is not huge, but the difficulties of dealing with encrypted RTL are such that a lot of people choose not to deal with it. So for the most part, the larger IP companies are using unencrypted RTL for most deliveries. It’s only select things that are encrypted, and the tools are designed in such a way that they protect against easy access to encrypted RTLs so they appear as essentially black boxes to somebody who’s trying to look inside the thing using a waveform displayer or those kinds of things. But really, if somebody wanted to look inside, they would be able to get in there and do that, and that limits the value of that protocol.”

Securing IP during EDA is something EDA companies take very seriously. “We go through ISO certification for maintaining security levels in our EDA solutions,” said Ansys’ Saif. “We partner with an ISO certification agency in Germany. We work with them every year. They do site inspections, review the protocols that we follow in each of our EDA tools, and they issue the ISO certificate that we include with our product that goes to our customers with every release.”

Synopsys also goes through ISO certification, and Borza noted doing this is especially important for certain chips. “All of our products go through the ISO 9000 quality program,” he said. “In some cases, such as for automotive programs, there are standards that are equivalent or are similar, so we go through those, as well. For some of the specialized products that are targeting automotive and similar kinds of critical applications, especially safety-critical applications, we certify products and parts of our tooling for ISO 26262 as well as ISO 21434, which is the cyber security standard.”

Other EDA tool providers have similar measures in place. Rob Knoth, group director for strategy and new ventures at Cadence, noted that ISO 27001 is a particularly valuable framework for cybersecurity practices. It can help engineers assess risks, protect data from unauthorized access, meet regulatory requirements, and ensure measurements are continuously evolving to meet new threats.

Conclusion
While security is becoming more pervasive during the EDA phase of development, the EDA process itself is becoming increasingly secure. Tool providers are focusing more on protecting their IP by transitioning services and tools to the cloud to protect against those who would reverse engineer their products and get away with not paying their licensing fees.

Still, security does not come for free. It necessitates tradeoffs, despite only being implemented on a tiny part of any given chip. Having security as an integral part of the EDA process can mitigate some of those effects, or at least quantify them. For example, techniques like masking can throw off attackers, but they require some extra power or area. By including security in the EDA process, it becomes possible to know just how much those tradeoffs are affecting design so that designers can account for the costs.

Related Reading
Hardware Security Set To Grow Quickly
As vulnerabilities become more widespread and better known, industry standards will have to keep up.
Chip Security Now Depends On Widening Supply Chain
How tighter HW-SW integration and increasing government involvement are changing the security landscape for chips and systems.