Self-checking chip hunts out its own defects, signs of sabotage
Tue 23 Aug 2016
In a bid to mitigate risks from malicious circuitry, researchers have designed a chip solution which comprises an embedded module to verify calculations and an external module to validate initial proofs.
Concerned with the opportunities for bad actors to manipulate circuitry along the chip supply chain, Siddharth Garg, an electrical and computer engineering professor at the NYU Tandon School of Engineering, has taken an approach known as ‘verifiable computing’ (VC) to help identify potential Trojans.
While software bugs are relatively easy to spot and patch, hardware faults are undetectable and can act without being noticed. The ability to catch out these glitches and verify their existence has become a critical research area, as more and more designs are sent to outsourcing sites around the world, where security cannot always be guaranteed.
In Garg’s proposal, the verifying processor can be fabricated separately from the chip itself. ‘Employing an external verification unit made by a trusted fabricator means that I can go to an untrusted foundry to produce a chip that has not only the circuitry-performing computations but also a module that presents proofs of correctness,’ he explained.
The chip designer can turn to a reliable foundry to build a separate, less complicated module – an ASIC (Application-Specific Integrated Circuit), which validates the proofs of correctness generated by the internal module of the ‘untrusted’ chip.
Garg believes that this system will provide a higher assurance of security for both the chipmaker and the end user. ‘Under the current system, I can get a chip back from a foundry with an embedded Trojan. It might not show up during post-fabrication testing, so I’ll send it to the customer,’ said Garg.
‘But two years down the line it could begin misbehaving. The nice thing about our solution is that I don’t have to trust the chip because every time I give it a new input, it produces the output and the proofs of correctness, and the external module lets me continuously validate those proofs.’
The research team next plans to explore ways to decrease the overhead that generating and verifying proofs imposes, and also to reduce bandwidth requirements between the prover and verifier chips. ‘Because with hardware, the proof is always in the pudding, we plan to prototype our ideas with real silicon chips,’ continued Garg.