Security Issues Up With Heterogeneity

The race toward heterogeneous designs is raising new security concerns across the semiconductor supply chain. There is more IP to track, more potential for unexpected interactions, and many more ways to steal data or IP.

Security is a difficult problem no matter what kind of chip is involved, and it has been getting worse as more devices, machines and systems are connected to the Internet. But as different kinds of processors and memories are included in these designs—especially with advanced packaging moving from limited production of high-end chips using IP developed at the same process node to more mainstream implementations, where IP may be chosen on the basis of cost and availability—security is becoming a much bigger concern.

As with all designs, security needs to be an integral part of multiple layers and stages. That begins with risk management even before the architecture stage, and it continues through verification, yield, test, all the way to post-production software updates. But increasing heterogeneity and advanced packaging add some unique twists and problems. Among them:

• No two designs are alike. In fact, one of the drivers behind heterogeneity is that it can be customized for a specific use case or market, and updated either with software or programmable logic as those markets evolve.
• All of the components within a package are not obvious or discrete. Some of these components may be hermetically sealed inside of packages, making them essentially black boxes with no visibility and fewer test options.
• IP and subsystems, which are collections of IP, may be only partially characterized. In fact, they could contain other IP that is sourced from places about which the system integrator has no knowledge.

Large OSATs say cooperation has improved with different IP suppliers. Still, heterogeneity on a single chip, or in an advanced package approach, is just beginning to gain traction. The basic assumption is that different components developed using different manufacturing processes can be chosen based upon the needs of a particular application, whether that is power, performance or cost. But that approach increases security risks because some of the older technologies do not have the same level of security as newer devices, and pairing the two of them creates even more potential for security breaches.

“It’s not easy to standardize a package format or structure,” said Seung Wook (S.W.) Yoon, director of product technology marketing at STATS ChipPAC. “So if you look at 2.5D, the technology is not the issue. We know about the manufacturability and assembly reliability. The major problem is the supply chain.”

Fig. 1: Packaging options for a smartphone. Source: Yole Developpement

What goes wrong in the supply chain
Typical supply chain issues include everything from availability of IP, such as memory, to who is responsible if something goes wrong. Even concerns about security historically have fallen into those general areas.

“We are concerned about the shock to our systems from hackers and industrial espionage, which is difficult to address because we are a loose collective of factories all over the world,” said Bud Natali, director of business operations at ASE. “Each IP department has its own business systems and its own approach, so they’re following global ISO standards to at least be on the same page with how they’re going to address it.”

To some extent, this is an extension of best practices that already have been put into place for continuity of supply. “Our customers increasingly rely on our approach to enterprise risk management and business continuity planning,” Natali said. “In preparation for complex global changes that impact the supply chain, we centrally manage a spectrum of uncertainty from geo and socioeconomic change all the way to catastrophic interruption in the cities where we operate all over the world. We have given an active board presence to the management of risk with strategic short paths for reporting, and access to funding review.”

Securing the supply chain
Supply chain issues are growing, though. Counterfeiting is a well-known problem. But substandard quality also can create security issues. So can integration of multiple components, even if that integration is well engineered.

“If there is a critical component, it’s going to be delivered to us by our customers,” said Ou Li, ASE’s senior director of engineering. “But there are some tricky points. The IP they bought may not be what they expected. In general, we have had good experiences. If it is a standard product in the market, that shouldn’t be a problem. Where there could be a problem is if there is something new. We do have a legal team and the supplier and the buyer go through a process. We haven’t run into legal issues. But we do have quality issues where the part we purchase isn’t up to spec. What we’ve found effective is to work with our customers ahead of time to create a final spec at the supply chain level. Up front, everything is documented, including each part.”

Creating a system in a package adds another level of security risks. One of the reasons chipmakers utilize advanced packaging in the first place is that it provides the ability to create more customized solutions. However, all of these packages contain IP from multiple vendors. That IP comes in the form of silicon, software, and in some cases GDSII code. But not all of this technology is traceable. And in some cases, the seller may not know everything that is in their product.

“Security has many layers,” said Mike Gianfagna, vice president of marketing at eSilicon. “So if you look at hardware-level security and things like anti-tamper, they’re already part of the spec. There isn’t a step-function change, or at least not yet. What we are seeing, though, is more demand for the robustness and security of the supply chain. We need to make sure there is not malicious IP in the supply chain, which may need new certifications. There are requirements by foundries to maintain a level of security for IP, but for advanced designs, those are typically trusted differently than other IP. So if you look at 10nm and 7nm, PDK access is different for those.”

It’s also different for automotive applications.

“If a customer wants to know if this is an actual chip that came from Xilinx, Qualcomm, Nvidia, we have the ability to say, ‘Yes, it was certified on this day, in this factory, and here’s how we did those tests,’” said David Park, vice president of marketing at Optimal+. “Certain electronics companies — think Apple and Samsung on the consumer side — and almost all of the automotive manufacturers, are insanely concerned about quality of these days especially because of autonomous vehicles. As a result, most of the Tier 1 electronics providers — Bosch, Denso, among others — are concerned that there are literally not enough failures in the semiconductor devices themselves. Most of the best suppliers are under 10ppm. Some are as low as 1 ppm as far as defective parts per million. In the electronics world, there’s not enough failures for me to push my suppliers down to 0.1 ppm, so one of the things that’s becoming necessary is the ability to share more data from the electronics tier 1 suppliers back to the semiconductor vendors.”

Sharing data
The push toward heterogeneous designs relies on communication between IP providers, but the semiconductor industry historically has been loath to share any meaningful data. While OSATs say the situation is improving as heterogeneous design grows, data sharing still has a long way to go. And current regulation doesn’t make that any easier.

“A big consideration here is the customer base and the greater regulatory risk that they face from our own government relative to how they move intellectual property around the world, which is necessary when having their designs manufactured by us,” Natali said. “We have to protect their data, but then we have to protect how we use their data because it goes in and out of our custodianship within our supply chain. We subcontract to others and we have things made, and that’s a whole different kind of thing. It’s IT-related, because obviously everything is moved around digitally. But it’s really a secrecy management issue.”

ASE is awaiting new regulations from the Trump administration, which are expected to clamp down on how intellectual property is conveyed from U.S.-based companies to Asian companies. “We don’t know what that’s going to look like yet, but we know it’s going to come our way. For us these are systems things, but it’s going to be mostly internal methods and practices on what types of data can go where and the types of agreements that we have—and our ability to enforce those agreements with other parties like suppliers and subcontractors and things like that,” he said.

There are ways around this, to some extent. Data can be sanitized and still provide enough critical test information to improve the quality of their chips and ensure everything that is in place is exactly what is supposed to be there.

“Most of the semiconductor vendors are really freaking out about this because they all think their Tier 1 or electronics customers are going to get a bigger hammer to beat them over the head on quality,” Park said. “What they forget is that this actually is a two-way street. In one particular case, the Tier 1 vendor had a really serious yield problem at the electronics level but all the devices that were coming in were good. They were passing all the tests that were required. Basically, we found there was a pairing issue—when certain types of devices that met certain criteria just didn’t work that well when paired with other devices. They performed poorly but they both met the requirements that were specified. Tier 1 was able to reshape what they determined to be the criteria needed for their electronic devices to function as specified, with the added benefit that they discovered 80% of the tests they were doing had no impact on determining whether or not that chip would function well in their system.”

Another approach is to track the behavior of the IP.

“Every piece of IP has a set of attributes,” said Ranjit Adhikary, vice president of marketing at ClioSoft. “You can track all of the attributes on IP. So if you have IP that taped out at 10nm for GlobalFoundries, but it taped out at 7nm for TSMC, you can generate a report that shows all of the IP used at the foundries. You can even show if it was version 1.0, 1.1, or any other version. So you know how the IP is being used, and you know exactly who is using its, and that can help tell you whether the IP is secure.”

Standards
One way to get the entire ecosystem on the same page with supply chain security is with standards.

The IEEE is developing recommendations for semiconductor security in its International Roadmap for Devices and Systems. There also are other standards such as the Common Criteria for Information Technology Security Evaluation (CC), and the companion Common Methodology for Information Technology Security Evaluation (CEM).

The Common Criteria Recognition Arrangement (CCRA) is meant to ensure that IP can be evaluated by competent and independent licensed laboratories to determine whether it is secure enough. It relies on Common Criteria, which defines the certification process. From there, products can be tested and certified, almost the way electronics are UL certified.

“Common Criteria is an international standard, and it’s now an ISO standard, but it didn’t start out that way,” said Robert Bates, a safety manager at Mentor, a Siemens Business. “Now, it’s an agreement across all of our traditional allies on how to define and verify security in devices.”

Common Criteria comes in two parts. One is the ISO standard, which is more high level, general guidelines and principles. Written in NSA speak, it’s a little obtuse but basically defines a framework, which then requires someone to create a protection profile for certain classes of devices. The Common Criteria portal contains a collection of all of the currently existing protection profiles and they are more for things like a separation kernel which was controlled by the separation kernel protection profile.

“If the supply chain is delivering products and they can prove conformance to a protection profile that tells you something, it tells you quite a bit actually—especially if it comes from some kind of well-respected provider,” Bates said. “There’s a fairly recent protection profile for a communication module for water tracking systems and basically tells you what you need to think about when you are creating such a thing. The protection profile itself came out of Turkey, and you can basically say that if you are creating this kind of device that if you are compliant to this protection profile, can prove it, that will then show that it can fit into these kinds of networks. It’s worthwhile only if either someone has the wherewithal to write the protection profile or if one already exists and you have the wherewithal to actually adhere to it.”

Whether this is good enough for truly securing devices, or whether this is simply a best practice for liability purposes, is unclear at this point.

Asaf Ashkenazi, senior director of product management in Rambus’ Security Division, said it’s unclear which standards can be truly effective at this point. “There are so many standards for security, but which one do you implement? You can’t implement 30 of them, but if you don’t have them included in your product, what is the impact?”

One of the big problems is that for devices that are expected to remain reliable for more than a few years, security will require regular updates. Standards put in place today can’t keep up with those changes.

“Devices will have to adapt, but who will pay the price for that,” he asked. “We need a combination of education, cost, financial and regulatory incentives, and at this point those are not completely established. It’s getting better, but it’s not there yet.”

—Ed Sperling contributed to this report.