A Glossary For Chip And Semiconductor IP Security And Trust


A significant portion of electronic system vulnerabilities involves hardware. In 2015 the Common Vulnerabilities and Exposures (CVE-MITRE) database recorded 6,488 vulnerabilities. A considerable proportion (43%) can be classified as software-assisted hardware vulnerabilities (see Fig. 1). The discovery of Meltdown and Spectre in January 2018 has sparked a series of investigations into hardware ... » read more

New Approaches For Hardware Security


Semiconductor Engineering sat down to discuss a wide range of hardware security issues and possible solutions with Norman Chang, chief technologist for the Semiconductor Business Unit at ANSYS; Helena Handschuh, fellow at Rambus, and Mike Borza, principal security technologist at Synopsys. What follows are excerpts of that conversation. (L-R) Norman Chang, Helena Handschuh, Mike Borza. Pho... » read more

Protecting Computing Systems in a Post-Meltdown/ Spectre World


When Jann Horn of Google’s Project Zero posted a detailed blog titled “Reading privileged memory with a side-channel,” it set off a firestorm of activity as the post confirmed that secret information inside a computer could be accessed via two different attacks, Meltdown and Spectre. Essentially, both attacks utilize CPU data cache timing to efficiently exploit and leak informatio... » read more

Understanding The Importance Of Silicon Security


Vulnerabilities like Meltdown, Spectre and Foreshadow are understandably considered quite serious by the semiconductor industry. This is because they can be exploited by a determined attacker to access sensitive data that should be securely locked down but isn’t. We can think about a cloud-based server running multiple applications that process and store sensitive data. Vulnerabilities lik... » read more

Holes In AI Security


Mike Borza, principal security technologist in Synopsys’ Solutions Group, explains why security is lacking in AI, why AI is especially susceptible to Trojans, and why small changes in training data can have big impacts on many devices. » read more

Meltdown, Spectre And Foreshadow


Ben Levine, senior director of product management for Rambus’ Security Division, talks with Semiconductor Engineering about hardware-specific attacks, why they are so dangerous, and how they work. » read more

Power/Performance Bits: May 21


More speculative vulnerabilities Security researchers at the Graz University of Technology, KU Leuven, Cyberus Technology, and Worcester Polytechnic Institute point to two new speculative execution vulnerabilities related to Meltdown and Spectre. The first, which they dubbed ZombieLoad, uses a similar approach to Meltdown. After preparing tasks in parallel, the processor needs to discard th... » read more

Can The Hardware Supply Chain Remain Secure?


Malware in computers has been a reality since the 1990s, but lately the focus has shifted to hardware. So far, the semiconductor industry has been lucky because well-publicized threats were either limited or unproven. But sooner or later, luck runs out. Last year saw two significant incidents that shook people’s faith in the integrity of hardware security. The first was the Meltdown/Spectr... » read more

New Approaches To Security


Different approaches are emerging to identify suspicious behavior and shut down potential breaches before they have a chance to do serious damage. This is becoming particularly important in markets where safety is an issue, and in AI and edge devices where the rapid movement of data is essential. These methods are a significant departure from the traditional way of securing devices through l... » read more

Don’t Have A Meltdown Over A Spectre In Your SoC


You may be concerned about last year’s widely published Spectre and Meltdown vulnerabilities affecting most processors. Are your phone and computer OK? Or more importantly, if you are designing or verifying a System on Chip (SoC), do you have a specter in your design? Let’s first look at what these two vulnerabilities are and how they may be affecting your system. Both vulnerabilitie... » read more

← Older posts