2023 Open Source Risk In M&A By The Numbers


Learn how an open source audit can reduce your security risk Here’s what we know: Most of today’s codebases contain open source components. Vulnerabilities and licensing issues in codebases are as pervasive as open source itself. Unpatched software vulnerabilities are one of the biggest cyberthreats organizations face. Failure to comply with open source licenses can put... » read more

FPGAs: Automated Framework For Architecture-Space Exploration of Approximate Accelerators


A technical paper titled "autoXFPGAs: An End-to-End Automated Exploration Framework for Approximate Accelerators in FPGA-Based Systems" was published (preprint) by researchers at TU Wien, Brno University of Technology, and NYUAD. Abstract "Generation and exploration of approximate circuits and accelerators has been a prominent research domain exploring energy-efficiency and/or performance... » read more

Side-Channel Attacks Via Cache On the RISC-V Processor Configuration


A technical paper titled "A cross-process Spectre attack via cache on RISC-V processor with trusted execution environment" was published by researchers at University of Electro-Communication, Academy of Cryptography Techniques, Technology Research Association of Secure IoT Edge Application based on RISC-V Open Architecture (TRASIO), and AIST. "This work proposed a cross-process exploitation ... » read more

What Does 2023 Have In Store For Chip Design?


Predictions seem to be easier to make during times of stability, but they are no more correct than at any other period. During more turbulent times, fewer people are courageous enough to allow their opinions to be heard. And yet it is often those views that are more well thought through, and even if they turn out not to be true, they often contain some very enlightening ideas. 2022 saw some ... » read more

How Secure Are RISC-V Chips?


When the Meltdown and Spectre vulnerabilities were first uncovered in 2018, they heralded an industry-wide shift in perspective regarding processor security. As the IBM X-Force Threat Intelligence Index put it the following year, "2018 ushered in a new era of hardware security challenges that forced enterprises and the security community to rethink the way they approach hardware security." R... » read more

How Mature Are Verification Methodologies?


Semiconductor Engineering sat down to discuss differences between hardware and software verification and changes and challenges facing the chip industry, with Larry Lapides, vice president of sales for Imperas Software; Mike Thompson, director of engineering for the verification task group at OpenHW; Paul Graykowski, technical marketing manager for Arteris IP; Shantanu Ganguly, vice president o... » read more

Security Verification Of An Open-Source Hardware Root Of Trust


By Jason Oberg and Dominic Rizzo OpenTitan is a powerful open-source silicon root of trust project, designed from scratch as a transparent, trustworthy, and secure implementation for enterprises, platform providers, and chip manufacturers. It includes numerous hardware security features ranging from secure boot and remote attestation to secure storage of private user data. The open-source de... » read more

Differentiation And Architecture Licenses In RISC‑V


I was discussing with a colleague about the concept of architecture license in RISC-V. I realized that, in the open-source world, it can be a little tricky to grasp. In a traditional processor IP model, there is a clear distinction between an off-the-shelf IP license that gives some level of configuration but no customization and a fairly expensive architecture license enabling ... » read more

Research Platform for Heterogeneous Computing (ETH Zurich)


New academic paper from ETH Zurich, "HEROv2: Full-Stack Open-Source Research Platform for Heterogeneous Computing." Abstract: "Heterogeneous computers integrate general-purpose host processors with domain-specific accelerators to combine versatility with efficiency and high performance. To realize the full potential of heterogeneous computers, however, many hardware and software design ... » read more

Database Reconstruction from Noisy Volumes: A Cache Side-Channel Attack on SQLite


Authors: Aria Shahverdi, University of Maryland; Mahammad Shirinov, Bilkent University; Dana Dachman-Soled, University of Maryland Abstract: "We demonstrate the feasibility of database reconstruction under a cache side-channel attack on SQLite. Specifically, we present a Flush+Reload attack on SQLite that obtains approximate (or "noisy") volumes of range queries made to a private database... » read more

← Older posts Newer posts →