Disaggregation, varied protections, and time to market demands make security an increasingly challenging problem for engineers.
Data security is becoming a bigger concern as chips are disaggregated into chiplets and various third-party IP blocks. There is no single solution that works for all designs, and no single tool or methodology that addresses everything in any design.
Data is being transmitted across time zones, political borders, and even across multiple designs. Laws and the need to comply with standards may vary greatly from one country to the next, and the IP that is used in one design may come from multiple countries or be sold into markets where the regulations are very different. In some cases, protected IP may be included in a design without the design team even knowing it’s there.
“What if it’s a heterogeneous design?” said Paul Karazuba, vice president of marketing at Expedera. “Is it a heterogeneous design where we’re contributing an NPU and someone else may be contributing a CPU, or whatever else might be inside of it? Understanding the security provenance of each one of those while also protecting it from IP leakage is absolutely a concern. Even transferring data within Expedera, we have to have extremely secure systems to make sure someone’s not reading that data transmission.”
To ensure all this data gets to whoever needs it in a secure manner, industry leaders have come up with several solutions, including some novel approaches. But ultimately it’s up to the design team to keep track of all the IP, particularly with heterogeneous designs, whether that’s chiplets or embedded code, and to assess the risk of data loss through one means or another and what the impact of any loss will mean competitively or legally.
The problem
With planar SoCs developed by one company, this was simply a matter of keeping track of third-party IP licenses. But as chips become more complex and heterogeneous, design data can become significantly more valuable. In many cases, the threat of data theft or unintentional leakage still isn’t being fully comprehended or taken seriously enough.
“Any form of encryption is better than no encryption, but most don’t encrypt,” said Simon Rance, director of product management at Keysight. “The most security we see usually is our Data Management SOS, which has access controls and restrictions. A senior-level manager or an admin will say, ‘This person can see this, or they can write this into this directory or folder. But this person is not designing the data, so they don’t need to manipulate the design data. They only can have read-only access to that, but they can have read and write to the test and verification data, because that’s what they’re responsible for.'”
The problem becomes more complex when data moves across international boundaries. Patent laws can vary greatly. So do laws pertaining to what sort of technology can be shared with foreign entities, such as controls imposed on China and Russia by the United States and Europe. And different versions of IP, software, and designs may slip through the cracks of even well-constructed security policies.
At the same time, too much security can slow progress, bogging down designs with who has access to data at any time. In some cases, only one person may be able to work on a portion of a design at a time. In others, they may both need to sign off on that work, even if they are in different time zones.
“We’re trying to build something great out there, but we have to be careful that we’re following the law and we have to be careful, as what is being produced here is produced in other places,” said Prem Theivendran, director of software engineering at Expedera. “The laws are set up by our governments to basically favor our technology. We want to do better as a country than others, and to protect people and jobs. So the way we navigate this is by setting up different parts of a design in different countries, basically following the laws and saying, ‘Maybe Singapore could design just the communication interface like the AXI blocks, the direct memory access (DMA) blocks, and the AI stuff is actually done here.'”
That works in theory, but it also requires an understanding of how data moves within a company, between employees, and between companies. “As an IP company we have to be careful with what we’re sending,” Theivendran said. “We’re sending it to different countries. The way people treat data in different countries is not the same as in the U.S. We have patent laws, we have things in place to protect us if stuff goes bad. I don’t want to send data and then see it on GitHub tomorrow. So we have to do things that protect the company. As a startup we don’t want to fail because of silly things like this.”
Eliminating human error
Human error and negligence are something every company needs to address on a continuous basis. In fact, many design data leaks are the result of hackers accessing emails, Zoom calls, and Excel spreadsheets, not the encrypted data.
“It’s easy to open those things up and crack them,” Rance said. “If somebody accidentally sent an email to the wrong recipient, it’s already out there. What we’ve been seeing is that a lot of our customers are doing just that. They’re transferring all this data in various formats and they’re often just doing it through email, or a Teams or Zoom meeting, or some type of chat. It needs to be more formal than that. It needs to be transferred from one database to another type of database server.”
Another solution is to establish and enforce proper procedures at the institutional level. Arteris, for example, follows the ISO 9001 standard for defining and controlling processes. “That puts processes in place for everything we do in the organization,” said Andy Nightingale, vice president of product management at Arteris. “We’ve also got a layer of training that we have to comply with,” which includes security training videos that dictate what information is secure and what isn’t, as well as best practices for maintaining that security. “At the end of the day, because we are well-trained, we maintain the integrity of the data. If you have an untrained, irresponsible individual, they can cause a problem.”
Solutions
Nightingale suggested a number of ways that companies can protect their data, both from corruption and from bad actors. He emphasized having a single source of truth for data, either local or remote, for all teams involved in a project in order to reduce discrepancies and potential security breaches.
“Obviously the key thing is to have tooling that reads the data set in a standard industry format and is a database,” he said. “So effectively, pick your favorite database and pick your favorite management data management system.”
Other requirements include data encryption, when data is at rest and in transit, siloing off data via a role-based access control for sensitive data, and regular audits and compliance checks. All of this can be annoying for design teams, but the alternative can be much worse.
“It’s a problem we see every day,” Nightingale said. “Someone tells me, ‘Oh, I haven’t got access to this data.’ But this is this is the cost of being secure. It sounds like somebody with a clipboard, who’s annoying you right in the middle of trying to work out a problem, but it’s true. You do have to have an audit on the process to make sure the users have been cleaned up who are not working anymore. The information is still going to the right places, should the different sites still have access generally to a database? For concluded projects, we shouldn’t leave the access open. Is it complying to the security protocols, the IT protocols we’ve set up? Are there any potential vulnerabilities, like if we did an audit and somebody had forgotten to take three people off the project that are now working for a competitor?”
Michael Munsey, senior director of technology solutions sales at Siemens EDA, noted that data protection can happen at multiple different levels, from base levels like file control and access rights, all the way up to location-based protections, where a set of IP ranges can be used to restrict data flow geographically. That can help prevent hacking, as well as smoothing out any legal peccadillos.
“It also counts for things like packaging of IP,” Munsey said. “You could have the case where you’re working on something that is exportable. But then you happen to grab a piece of IP and instantiate it in your design, and that IP is not exportable. So the question now is, ‘How do you associate that new piece of IP you’ve just created, even though you thought it was exportable?’ You may have inadvertently included non-exportable IP at a low level. That would put the onus on the person to be able to requalify his IP, provided he knows he did it. So you either have to have a system in place that will automatically reclassify the IP that’s not exportable, based on what’s been substantiated underneath it, or just limit that IP from ever being able to be seen when it leaves the area in which it’s supposed to be in first place.”
Blockchain technology provides another possible solution, where any changes or movement are recorded across multiple ledgers. Rance said these ledgers can provide an in-depth view of who had access to any given piece of data and when. This strategy has already been deployed for some extremely secretive projects, such as those involving the U.S. Department of Defense.
Keysight is incorporating blockchain into some of its data management tools, but how and where it’s useful will vary.
“It depends on the level of information you have to apply that to,” said Nightingale. “So top-secret information, absolutely. We’ll probably have a blockchain associated. The list of who’s going for a coffee after work might even be encrypted. But you’re not going to have a blockchain for the office party list. It really depends on the categorization of the data. You’re assuming the data you’re dealing with enables you to apply the appropriate amount of encryption. If it’s a particularly important contract that requires such levels of secrecy, then we apply the appropriate measures.”
Conclusion
Every day, massive amounts of EDA data is transported around the world, holding the secrets to the next generations of chips. Some of this information is highly valuable and requires securing, particularly if it involves moving that data across international borders. But there is a tradeoff with data security, because it can hinder access to those who need it and slow the design process. Put simply, there is no one-size-fits-all solution, and even the most secure solutions, such as blockchain, aren’t bulletproof.
“It’s not foolproof,” Munsey said. “There still has to be more development that goes on to guarantee the security you expect from blockchain-type code. We still hear cases out there of people losing their crypto, or crypto being hacked. It’s definitely heading in the right direction. When we talk about the supply chain, you’re getting IP from a third party, or you’re co-developing something with somebody else. There is no guarantee a third party hasn’t gotten into the transfer to somehow hack or insert any unwanted code into the process. This will be just one more of the tools that are out there. It’s going to be a combination of access controls, geolocation services, blockchain. It’s going to be more than one thing that’s going to provide security moving forward.”
Related Reading
Securing The World’s Data: A Looming Challenge
An influx of connected devices, more compute options, and the rapid growth of generative AI are making it much harder to prevent attacks.
Data Center Security Issues Widen
The number and breadth of hardware targets is increasing, but older attack vectors are not going away. Hackers are becoming more sophisticated, and they have a big advantage.
 |
 |
 |
 |
 |
 |
 |
 |
 |
Leave a Reply