Supply Chain Corruption

It’s more pervasive than you think.

popularity

The more the chip supply chain relies on third-party sources, the greater the risk for a design containing potential malicious code or functions.

Today, complex and sophisticated ICs are ubiquitous in virtually every industry. They are being relied upon, as never before, to control critical infrastructure subsystems such as power, finance, communications, and transportation.

In a recent report, John Villasenor of the Brookings Institute, wrote that “the supply chain is almost completely unprotected against a threat that may turn out to be more significant in the long term. Chips could be intentionally compromised during the design process, before they are even manufactured.”

Even if Villasenor is only partially correct, that should have the supply chain scrambling to figure out what is going on. And Brookings isn’t the only one banging the drum.

“Sensitive device identities and cryptographic keys may be provisioned in the clear over testing protocols,” said Craig Rawlings, senior director of business development for Rambus’ Cryptography Research Division. “Even sensitive areas such as secure boot may be made vulnerable through leaks in the supply chain.”¹

What’s going on?
There are a number of circumstances that precipitate this supply-chain susceptibility. One of the most troubling involves non-genuine ICs of various flavors, particularly FPGAs. Such chips fall into various categories. Examples of these types of devices and techniques include:

  • Empty packages. As the description implies, these are chips that are externally identical in every way as the original, but simply have no circuitry inside.
  • Samples. These are legitimate parts but are the samples of the line. While they may have all the functionality of the production run, in many cases they contain additional circuitry or different parameters. For example, Intel PC microprocessor samples are often “unlocked” so their specification can be modified, i.e., timing, voltages, or clocks can be manipulated beyond those of the production units.
  • Blacktopping. This is a process in which a thin black epoxy coating is applied to the top of a component so that a new part number and date code can be printed on it. Typically this is done for non-military-grade components so they can be reclassified as military-grade, but it is finding its way into other market segments, as well.
  • Untested or uninspected units. These are production runs that are not “on the books.” Typically, they are run on the same assembly line as authentic parts. However, insiders at the facility may run the assembly line after hours, or weekends, producing parts that fall outside the official supply chain, without and QC, that the insider then sells directly for their own profit.
  • Salvaged chips. These are chips that have been harvested from discarded systems, relabeled, perhaps reprogrammed, and sold as new to a variety of segments, even aerospace and defense.

Such counterfeit chips can cause any number of problems, from keeping the device from functioning out of the door to exacerbating the failure of devices. Sometimes they aren’t even the right chips. Others can have secret back doors programmed into them as well as “back ops” that can contain any number of potential malevolent codes. Such code can be set to engage months, even years later to corrupt the system or “exfiltrate” data from the systems they are installed in. Such compromises are not that much of a problem in places such as the United States, Japan, Korea, and other high-tech, nations, but they are an issue in less structured countries such as China, Mexico, Brazil and Russia.

Another major vulnerability in the supply chain is that many, if not most, of today’s chip manufacturers are fabless. That means much of the actual hardware is manufactured in a distant location, often where it is cheapest. That adds a new window of opportunity for malicious activities that can breach the supply-chain – foundry mischief.

This is a huge potential problem. A “malicious” foundry, for example, can execute a number of underhanded activities, including stealing the mask, reverse engineering proprietary IP, subverting the hardware through back doors and time bombs, and producing counterfeit chips.

According to Rawlings, “Fabless supply chains are much less secure in general than their counterparts. Additional infrastructure is required to secure the fabless supply chain. Security benefits significantly from the availability of a hardware root of trust in the SoC architecture. This additional endpoint security in the devices being manufactured enables robust security within a fabless supply chain.

While most fabs have tight control over offshore foundries, such subversion occurs—and with more frequency than one would like to think.

Best practices in security
How does one go about analyzing, identifying, and defending against such weak spots? There are certain philosophies that optimize the supply chain and minimize the potential for corruption. “The strongest defense against software attacks is a hardware root of trust,” said Rawlings. “By implementing a hardware root of trust, software attacks may be largely eliminated.”

Another effective approach is the practice of domain separation and isolation. This is perhaps the most fundamental principle of secure systems, and plays a huge part in design tool subversion, especially when implemented with a root of trust. The idea condition is complete isolation, which means that the principles are a protection system, separated into compartments between which no data or control interchange is possible.

Of course, this type of configuration is not practical. No system can work in complete isolation, and data, and communication sharing must be allowed. But because specific components of the chip may be more sensitive than others (cryptography elements, for example, or highly secure keys and secret data), processes exist that can put secure layers between them. This, in essence, defines the blocks of the IC as close to isolated as can be achieved.

A prime example of this is with an encryption core. Providing assurances on isolation of cores permits the use of IP cores with various levels of trust. In this way, design tool subversion problems are, to a large extent, similar to those found in multilevel security (MLS). The IP cores may hold information with different sensitivities (e.g. security levels). They should allow access to information and communication only to those IP cores that have appropriate permission and prevent IP cores from obtaining information for which they lack authorization.

“Additionally, good system security architectures have security boundaries or perimeters for reducing the surface area or opportunity for any successful attack on the system,” Rawlings noted. “Again, having a robust hardware root of trust helps to establish a security perimeter within the SoC for handling sensitive operations, reducing system vulnerabilities.”

One pertinent point Rawlings makes is that “in today’s competitive landscape, there simply is very little time to obtain the know how to infiltrate a hardware design and corrupt it in a planned out way. There are methodologies, in addition to what has been discussed, that can offer further protection such as signing and encrypting the design code and doing extensive back-end testing to assure the integrity of the design.” This, at least, provides some measure of confidence that the chip is resistant to compromise.

The value proposition
Because semiconductors exist in a cost-driven marketplace, most of today’s ICs use at least some common off-the-shelf components (COTS), and that is not going to change. These are mostly in the form of third-party IP, which should be considered a top security issue because much of it is integrated into the chip as trusted code, regardless of whether it actually is.

There is a growing recognition that COTS isn’t as pristine as some of these vendors would like us to believe. And because much of what will be part of the IoT/E will be autonomous and cheap, the use of COTS is only going to increase, as will its library of products. As momentum picks up for the Internet of Things/Everything, Cloud of Everything (IoT/E, CoT), the need to encapsulate this potential security risk becomes even more pressing.

Security issues with present-day COTS include such things as:

  • Undocumented or unverified code;
  • Sloppy programming that opens the devices, especially IP, up to intrusion. This is becoming especially prevalent with stolen IP, or IP that has been compromised from within (programmers with ulterior motives);
  • Core flaws;
  • Software security flaws that can pass through to the compiler, and
  • Dependencies that can open doors to core corruption.

There are others, of course, and more will be discovered as the IoT/E, CoT evolves.

When it comes to COTS, third-party IP, or any open-source material, most experts say it is a good practice to not only acquire IP from well-trusted and well-proven sources, but also to have the tools in place to verify the integrity of the IP being sourced.

Even if chips can be secured by means such as those mentioned earlier, and especially with easily modified chips such as reconfigurable FPGAs (R-FPGA), there are the issues of verifying versions and authenticity of COTS material. For reconfigurable devices, especially, the security becomes a bit more complex. Since things change regularly in an R-FPGA, techniques such as data stamping (date, time, version, etc.) must have some form of encryption to ensure the integrity of the data or code. If something like this isn’t implemented, a hacker could easily swap out configurations and use the device for whatever they have in mind.

Conclusion
Supply chain security is a moving target. Requirements vary for securing fab and fabless supply chains. For the fab variety, Rawlings says that “for high-security devices such as secure elements used in smartcards, factories are vertically integrated with a high degree of physical security throughout each of the manufacturing stages. There are strict procedures for the handling of all sensitive manufacturing steps. This creates a high degree of overhead, complexity, and rigidity (inflexibility) in the manufacturing process, and the process is documented and fully controlled.”

For the fabless side, Rawlings notes that “additional infrastructure is required to secure the fabless supply chain, because security benefits significantly from the availability of a hardware root of trust in the SoC architecture. This additional endpoint security, in the devices being manufactured, enables robust security within a fabless supply chain.”

On the COTS side, there is a long way to go. There is little in place now to secure third-party IP or components. However, once a major breach occurs—and it will—and it can be linked to COTS, the industry should react and start getting thing done.

Finally, the issue around phony chips is a sleeping giant that is beginning to wake and gain momentum. But more needs to be done. It is difficult to arrest in locations where manufacturing is weakly monitored but addressing it isn’t really an option, especially with the IoT/E, CoT. The demand for cheap chips won’t go away but the implications are alarming if the market gets flooded with bogus chips, low-end or otherwise.

1. John Villasenor is a nonresident senior fellow in Governance Studies and the Center for Technology Innovation at Brookings. He is also a professor of electrical engineering and public policy at UCLA.