Microarchitecture Vulnerabilities: Uncovering The Root Cause Weaknesses


In early 2018, the tech industry was shocked by the discovery of hardware microarchitecture vulnerabilities that bypassed decades of work put into software and application security. Meltdown and Spectre exploited performance features in modern application processors to leak sensitive information about victim programs to an adversary. This leakage occurs through the hardware itself, meaning th... » read more

New Concepts Required For Security Verification


Verification for security requires new practices in both the development and verification flows, but tools and methodologies to enable this are rudimentary today. Flows are becoming more complex, especially when they span multiple development groups. Security is special in that it is pervasive throughout the development process, requiring both positive and negative verification. Positive ver... » read more

What’s Required To Secure Chips


Experts at the Table: Semiconductor Engineering sat down to talk about how to verify that a semiconductor design will be secure, with Mike Borza, Synopsys scientist; John Hallman, product manager for trust and security at Siemens EDA; Pete Hardee, group director for product management at Cadence; Paul Karazuba, vice president of marketing at Expedera; and Dave Kelf, CEO of Breker Verification. ... » read more

How Secure Are RISC-V Chips?


When the Meltdown and Spectre vulnerabilities were first uncovered in 2018, they heralded an industry-wide shift in perspective regarding processor security. As the IBM X-Force Threat Intelligence Index put it the following year, "2018 ushered in a new era of hardware security challenges that forced enterprises and the security community to rethink the way they approach hardware security." R... » read more

Chip Backdoors: Assessing the Threat


In 2018, Bloomberg Businessweek made an explosive claim: Chinese spies had implanted backdoors in motherboards used by some high-profile customers, including the U.S. Department of Defense. All of those customers issued strongly worded denials. Most reports of hardware backdoors have ended up in exchanges like these. There are allegations and counter-allegations about specifics. But as hardw... » read more

Hardware Dynamic IFT Mechanism That Scales to Complex Open-Source RISC-V Processors


New technical paper titled "CellIFT: Leveraging Cells for Scalable and Precise Dynamic Information Flow Tracking in Hardware Designs" by researchers at ETH Zurich and Intel.  Paper to be presented at USENIX Security 2022 (August 10-12, 2022) in Boston, MA, USA. Partial Abstract "We introduce CELLIFT, a new design point in the space of dynamic IFT [Information flow tracking] for hardware. C... » read more

Verifying Side-Channel Security Pre-Silicon


As security grows in importance, side-channel attacks pose a unique challenge because they rely on physical phenomena that aren’t always modeled for the design verification process. While everything can be hacked, the goal is to make it so difficult that an attacker concludes it isn't worth the effort. For side-channel attacks, the pre-silicon design is the best place to address any known ... » read more

Why Banks Should Be More Worried About Security


At about 10:30 a.m. on Friday, Feb. 5, 2016, Jubail Bin-Huda, a joint director of Bangladesh Bank, and a colleague went to pick up the latest Society for Worldwide Interbank Financial Telecommunication (SWIFT) acknowledgement messages from the printer. When they got to the printer, they found nothing had been printed. They restarted the printer manually, but it still didn't work. They had no... » read more

Securing ICs With Information Flow Analysis


Following the data has new meaning when it comes to security. Alric Althoff, senior hardware security engineer at Tortuga Logic, talks about tracking the flow of data through a hardware design over time, including what happens with roots of trust, how this works with existing tools and methodologies, and what to think about when tracing potential security risks. » read more

Security Tradeoffs In Chips And AI Systems


Semiconductor Engineering sat down to discuss the cost and effectiveness of security in chip architectures and AI systems with with Vic Kulkarni, vice president and chief strategist at Ansys; Jason Oberg, CTO and co-founder of Tortuga Logic; Pamela Norton, CEO and founder of Borsetta; Ron Perez, fellow and technical lead for security architecture at Intel; and Tim Whitfield, vice president of s... » read more

← Older posts