DARPA aims to make on-chip security scalable
NewsMarch 28, 2019
ARLINGTON, Va. To ease the cybersecurity concern over developing secure chips, the Defense Advanced Research Projects Agency (DARPA) has developed the Automatic Implementation of Secure Silicon (AISS) program, which intends to automate the process of incorporating scalable defense mechanisms into chip designs while enabling designers to make economics versus security tradeoffs and maximize design productivity.
According to information from DARPA, the objective of the AISS program is to develop a design tool and IP ecosystem – encompassing tool vendors, chip developers, IP licensers, and the open source community – that will enable security to be inexpensively incorporated into chip designs with minimal effort and expertise, ultimately making scalable on-chip security pervasive.
Serge Leef, a program manager in DARPA’s Microsystems Technology Office (MTO), says of the program: “The security, design, and economic objectives of a chip can vary based on its intended application. As an example, a chip design with extreme security requirements may have to accept certain tradeoffs. Achieving the required security level may cause the chip to become larger, consume more power, or deliver slower performance. Depending on the application, some or all of these tradeoffs may be acceptable, but with today’s manual processes it’s hard to determine where tradeoffs can be made.”
While the threat landscape is ever-evolving, AISS seeks to address four specific attack surfaces that are most relevant to digital ASICs and SoCs: Side-channel attacks, reverse-engineering attacks, supply-chain attacks, and malicious hardware attacks. “Strategies for resisting threats vary widely in cost, complexity, and invasiveness. As such, AISS will help designers assess which defense mechanisms are most appropriate based on the potential attack surface and the likelihood of a compromise,” said Leef.
In addition to incorporating scalable defense mechanisms, AISS seeks to ensure that the IP blocks that make up the chip remain secure throughout the design process and are not compromised as they move through the ecosystem. To further this aim, the program will also aim to inculcate provenance and integrity-validation techniques for preexisting design components by advancing current methods or inventing novel technical approaches, some of which may include IP watermarking and threat detection.
AISS is part of the second phase of DARPA’s Electronics Resurgence Initiative (ERI), a five-year, upwards of $1.5 billion investment in the future of domestic, U.S. government, and defense electronics systems; under Phase II of ERI, DARPA is exploring the development of trusted electronics components, including the advancement of electronics that can enforce security and privacy protections.
