Location Verification Becomes Much Bigger Concern For Chips

Mature methods can show where a chip is shipped, and even restrict where it is being used.

Location verification is gaining traction as a way of strengthening supply chain oversight with minimal effort, fueled by tightening export controls and growing concerns about AI chip smuggling and counterfeiting.

In the past, this kind of tracking was done by having one or more employees literally watch over a production run at a fab, follow the chips all the way to their destination, and account for every sealed crate. That’s an expensive approach, and one prone to potential abuse. It’s hard to account for millions of individual chips at every stage of the supply chain, from the delivery of GDSII code to the fab to final shipment to customers, and it becomes completely unwieldy with multiple dies from multiple sources.

Perhaps more to the point, why send people to safeguard the supply chain when technology already exists to do it better? The answer to that question is complicated and potentially politically charged. But the technology is progressing and improving.

Several main approaches are available to track the location of chips at any moment in time, from manufacturing to their destination, including:

  • Global positioning services technology built into a chip;
  • Ping-based technology to send signals to chips and back to the tracking site, and
  • Geofencing to limit a chip’s behavior within and outside a set of boundaries.

A big plus is that all of these rely on relatively mature methods already in use, and they offer greater granularity than having people escort shipments through the supply chain. Location verification can look beyond where a chip is shipped to where and even when it is being used.

“If you have verification technology, then you can have your cake and eat it too,” said Tao Burga, a technology fellow at the Institute for Progress who specializes in accelerating R&D in AI security. “It’s a way of decreasing the tradeoffs, where you can ship more chips to countries that are maybe semi-trusted, and make sure that those are not being diverted to the countries that are adversarial.”

None of these approaches is perfect — at least not by itself. A global positioning system tapped by a chip or a multi-die package may track every movement, but it also can be intrusive, prone to spoofing, and consume valuable chip resources. So, while adversaries definitely don’t like it, customers aren’t always thrilled with it, either. And that, in turn, has prompted some innovations to help mitigate the negatives.

“We have a watermarking technology that relies on pinging neighboring systems,” said Mark Tehranipoor, distinguished professor in the ECE Department at the University of Florida, and co-founder of Caspia Technologies. “If you move one system away from the rest of the system, the system would know that. So as a result, you’re going to have to move the entire basically neighborhood with you. This is not GPS tracking. It’s local verification. This is less intrusive, but it allows you to show that, ‘Hey, have any of the systems that we sold to, let’s say, Saudi Arabia, showed up elsewhere?’ These systems are always talking to one another. ‘Hey, are you there?’ The other one says, ‘Yes, I’m here.’ So you don’t know exactly where they are, but you know they’re together.”

No one size fits all
What’s becoming apparent is that no one approach works best everywhere. Economic risks and political boundaries can vary greatly from one type of chip or system to another. So even though the goal is the same, solutions can vary greatly based on the need for location precision, as well as the power, performance, and cost required to ensure that information is correct.

Ping technology, for example, is already being used for data sovereignty purposes. At the base level, a location can be pinpointed by sending a ping from a server with a known location to another server where data is stored, and measuring the round-trip time for the ping to return. The challenge is determining whether those pings are correct.

“This is solvable with authenticated network connectivity,” said Scott Best, senior director of silicon security at Rambus. “There are solutions out there that say, ‘If you pick three Google servers around the world and you measure the ping response time to each of them, you can triangulate and figure out where you are in the world.’ The internet can only communicate a ping at about two-thirds the speed of light, which gives you about 20 milliseconds from coast-to-coast in the United States. It’s a surprisingly short amount of time to measure these things. The problem is that if you take one of those systems and put it into a private data center, you can spoof all of the Google servers that you want, so your chip will be perfectly happy thinking, ‘I’m only 5 milliseconds removed from a Google server.’ No, you’re not, but they’re spoofing all of the IP addresses your chip is trying to contact to figure out where it is. But if you add an authentication component to that with sufficient authentication of the network traffic, and you have a security processor that runs a full networking stack like ours do, then you could include those authenticated network measurements as part of your boot process. So now you can say, ‘I am reliably within distance of these trusted geo-location servers so that I can, to a limited degree, know that I’m operating in North America and not northeast Asia.’”

In high-value chips, such as those used in AI, a security layer can be added to cryptographically sign the ping and send it back as soon as possible.
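The timing argument above can be made concrete. The sketch below is an added example, not code from the article or from any vendor quoted in it: a landmark server sends a fresh nonce, the chip returns a keyed tag, and the landmark converts the measured round-trip time into an upper bound on distance using the two-thirds-of-light-speed figure. The HMAC device key (standing in for a signature), the landmark name, the 1,500 km limit, the acceptance policy and all timings are assumptions.

```python
import hashlib
import hmac

LIGHT_KM_PER_MS = 299.792458   # speed of light in vacuum, km per millisecond
NETWORK_FACTOR = 2 / 3         # the article's figure for how fast a ping travels

def max_distance_km(rtt_ms):
    """Upper bound on responder distance: half the round trip at two-thirds c.
    Queuing, relays and processing only add delay, so the chip is never farther."""
    return (rtt_ms / 2) * LIGHT_KM_PER_MS * NETWORK_FACTOR

def chip_response(device_key, landmark, nonce):
    """Chip side: tag the landmark's fresh nonce (HMAC stands in for a signature)."""
    return hmac.new(device_key, landmark.encode() + nonce, hashlib.sha256).digest()

def judge_probe(device_key, landmark, nonce, tag, rtt_ms, limit_km):
    """Landmark side: classify one timed, authenticated ping."""
    expected = chip_response(device_key, landmark, nonce)
    if not hmac.compare_digest(expected, tag):
        return "unauthenticated"   # responder lacks the key, or the tag is stale
    if max_distance_km(rtt_ms) > limit_km:
        return "inconclusive"      # too slow to prove the chip is nearby
    return "within_limit"

def location_verified(results):
    """Assumed policy: one landmark must prove proximity and none may fail auth."""
    return "within_limit" in results and "unauthenticated" not in results

# Constructed sample data: the key, nonces and timings are made up.
# A real landmark would draw each nonce from a CSPRNG and never reuse it.
KEY = bytes(range(32))
N1, N2 = b"nonce-0001", b"nonce-0002"
PROBES = [
    # genuine chip, 12 ms round trip: at most about 1,199 km away
    ("lm-east", N1, chip_response(KEY, "lm-east", N1), 12.0),
    # genuine chip behind a long network path: valid tag, 180 ms round trip
    ("lm-east", N2, chip_response(KEY, "lm-east", N2), 180.0),
    # fast responder that does not hold the device key
    ("lm-east", N2, chip_response(b"\x00" * 32, "lm-east", N2), 3.0),
    # tag for an earlier nonce presented against a new one
    ("lm-east", N2, chip_response(KEY, "lm-east", N1), 3.0),
]

def run(limit_km=1500.0):
    return [judge_probe(KEY, lm, n, tag, rtt, limit_km) for lm, n, tag, rtt in PROBES]

if __name__ == "__main__":
    print(run(), round(max_distance_km(40.0)))
```

A 40 ms round trip (20 ms each way) bounds the distance at roughly 3,997 km, which matches the coast-to-coast figure quoted above. The bound holds only while the device key stays inside the chip.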

“Real-time location tracking implies that you have a way to establish what your location is, and there are a bunch of ways to do that,” said Mike Borza, principal security technologist and scientist at Synopsys. “Almost all of them involve some kind of radio or network technology that gives you an idea of where they are, and that means there’s something embedded in the device that’s trying to figure out where you are all the time, and doing that at low power. This has implications for what technologies you need to incorporate into the chip that you may not otherwise have needed, just to be able to localize where it is operating right this minute.”

It also needs the proper infrastructure to make it work. “It implies that people map all the stationary wireless things in every spectrum, including Bluetooth devices and ZigBee devices,” Borza said. “Are you going to map all the Wi-Fi hotspots, as Google did several years ago? That database is now quite obsolete and needs to be updated. But if those are the kinds of technologies that are being used to localize the device and understand where it’s operating — and people are talking about geofencing, as well, so devices stop operating when they move into a particular locale — then you’re going to have huge costs. It’s going to drive down battery life, drive up power consumption, and it will require huge amounts of software. And it’s one of those things that can be easily defeated by people who want to continue operating those things.”

It also increases the cost of chips. Erik Wood, senior director of cryptography and product security at Infineon, conducted a gap analysis in 2020 to figure out what it would take to embed location tracking, using isolated secure rooms in one of Infineon’s subcontractor’s facilities to do final programming and testing there.

“That would take a $2 microcontroller and make it a $5 microcontroller for all kinds of reasons,” said Wood. “You have to have a minimum quantity. You have to guarantee full capacity utilization. And the rate for using that room and those machines is significantly higher, so it didn’t make practical sense. So what we ended up doing was instituting and relying on our chip-based security so we can trust that device can be cryptographically identified as an Infineon-origin provenance chip. It can go through all these steps, and then if the customer wants to and cares about it, they can do a backward look that assures them that even if they don’t see the paper trail on a chip, they’re assured that nowhere during that paper trail did this device get compromised.”

Infineon currently provides a cryptographic proof of origin to customers.

“What we do is we put a cryptographic key in at our origin, at factory, and then that protects the device all the way through the supply chain, such that when the end user, the OEM, gets that device,” Wood said. “The only way that they can actually take over the Root of Trust is by going online and getting what’s called a CSR, a certificate token that comes out and gives them the ability to take over the security, load in new policies, load in new keys, and do what we call an entrance exam, where it checks all the non-volatile memory to make sure nothing is there that wasn’t intended to be there.”

Geofencing takes this one step further. Location verification only confirms a chip’s approximate location. Geofencing can restrict or disable a chip’s functionality if it’s outside an approved area.

“[Verification] doesn’t really add a new attack surface,” Burga said. “Geofencing is a very different thing. Of course, if you’re creating the capability to remotely shut down chips, that could create new security vulnerabilities. Whichever body is able to shut down the chips might do so unilaterally, even if allocation data is inconsistent. And if that’s not a concern because you have a multi-party system, you might still be creating a way for non-trusted actors to access this functionality and use it.”

For this reason, Burga said, geofencing proposals remain controversial, while verification is seen as more feasible in the near term. But all options are on the table.

According to a report from the Center for a New American Security, a Washington-based think-tank, “On-chip governance mechanisms could help safeguard the development and deployment of broadly capable AI and supercomputing systems, where on-chip mechanisms could prevent or place boundaries around unauthorized actors’ use of export-controlled AI chips.”

Moving targets
What can be shipped where is complicated, changeable, and often vague.

“The Bureau of Industry Security, which creates the export controls for advanced AI chips, ships chips to destinations to which licenses are issued or licenses are not required,” Burga said. “You can send chips to some countries, you can’t to others, or you require a license that’s just not issued, and then after the chip has left the shipping port there’s really no way to locate it. You can do in-person inspections, but those don’t really happen.”

Reporting from the Institute for AI Policy and Strategy suggests that AI chips diverted from countries like Malaysia and Singapore have been turned over to China and sold to start-up companies there. “It’s kind of an honor-based system,” Burga said.

This kind of gray market subterfuge also opens the door to other problems. “The supply chain was always interested in whether a chip is authentic in the system I have,” said Rambus’ Best. “‘Can I prove it’s authentic? And can I chase down traceability so I know how it got here, and that it wasn’t stolen out of a system, re-manufactured, and given to me? And if it’s been modified in some adversarial way, can I monitor the traceability?’ Well, now you have a diversion problem. What if that system is picked up in Canada and flown to North Korea, and now it’s operating there? Can we detect that? They don’t care so much about traceability. They’re happy to just take that chip and use it in a private data center.”

Uncertainty ahead
The U.S. government has signaled interest in location verification as part of its broader strategy for AI and semiconductor security. The CHIP Security Act includes provisions for verification, though amendments under discussion would allow companies to use in-person inspections as an alternative.

“There was a clear signal from the AI Action Plan that specifically called out location verification as something that government should explore further,” Burga said. “This is a signal of the general direction in which the administration is going. It’s no coincidence that this happened because the new administration’s policy is very much export control-focused, but also export promotion-focused.”

Location verification seems to fit the trending policy direction of supporting U.S. technology exports while addressing national security concerns. “A lot of people have been excited about this because it’s a low-lift intervention,” he said. “There are other proposals for how you might make chips more secure, but these would require more R&D, and it’s unclear if they might be feasible, especially in the short term. Location verification stands out more as not creating many downsides and just creating a huge improvement in the ability to know where the chips are ending up, which could serve both the export control and export promotion goals.”

Despite this, there are significant privacy concerns and alternative methods of safely delivering chips. What is important to note, however, is the ubiquitous nature of location verification and tracking technology.

“If you read about a government or a bank or an insurance company doing something with location services, it’s a big concern,” said Maarten Bron, managing director at Keysight. “But as soon as you install Instagram, the first question you’re asked is, ‘Is it okay to use your location?’ You press ‘yes’ without even thinking about it. So the perception of intrusion because of location services also has to do with who is asking for your location.”

It also raises questions about when they are asking. “If you look at the data centers, the supply chain also includes end of life, because at some point storage racks will have to be decommissioned,” said Bron. “If there’s a certain percentage of disks that have failed, the rack has to be decommissioned. And how do you erase the data? Oftentimes, what you see nowadays is it’s a cryptographic erase, so the encryption key of the data gets wiped out. That lets you assume the data is gone forever. But what if somebody with a focused ion beam or some other method is able to reconstruct the key that was used to protect the data? All of a sudden, you’re back in business. There are certain unique identifiers in the chip, and there is field entropy that Microsoft and Google would add in after life. But if those security assets could be extracted from a chip, you theoretically could spoof a CPU or a GPU so that it has an entirely different life. So it’s not just about when it hits the supply chain. It’s also about when it’s decommissioned from the data center and gets replaced by something else.”
