As Internet of Things (IoT) devices rapidly increase in popularity and deployment, economic attackers and nation-states alike are shifting their attention to the vulnerabilities of digital integrated circuit (IC) chips. Threats to IC chips are well known, and despite various measures designed to mitigate them, hardware developers have largely been slow to implement security solutions due to limited expertise, high cost and complexity, and lack of security-oriented design tools integrated with supporting semiconductor intellectual property (IP). Further, when unsecure circuits are used in critical systems, the lack of embedded countermeasures exposes them to exploitation. To address the growing threat this poses from an economic and national security perspective, DARPA developed the Automatic Implementation of Secure Silicon (AISS) program. AISS aims to automate the process of incorporating scalable defense mechanisms into chip designs, while allowing designers to explore chip economics versus security trade-offs based on the expected application and intent while maximizing designer productivity.
Today, DARPA is announcing the research teams selected to take on AISS’ technical challenges. Two teams of academic, commercial, and defense industry researchers and engineers will explore the development of a novel design tool and IP ecosystem – which includes tool vendors, chip developers, and IP licensors – allowing, eventually, defenses to be incorporated efficiently into chip designs. The expected AISS technologies could enable hardware developers to not only integrate the appropriate level of state-of-the-art security based on the target application, but also balance security with economic considerations like power consumption, die area, and performance.
“The ultimate goal of the AISS program is to accelerate the timeline from architecture to security-hardened RTL from one year, to one week – and to do so at a substantially reduced cost,” said the DARPA program manager leading AISS, Mr. Serge Leef.
The two AISS research teams are:
- Synopsys, Arm, Boeing, Florida Institute for Cybersecurity Research at the University of Florida, Texas A&M University, UltraSoC, and University of California, San Diego
- Northrop Grumman, IBM, University of Arkansas, and University of Florida
“AISS is bringing together leading minds in security research and semiconductor design to focus on a problem of national importance,” said Leef. “AISS will drive revolutionary advances in design productivity and have a dramatic and positive impact on our electronic supply chain security.”
AISS consists of two primary research areas that address four fundamental silicon security vulnerabilities: side channel attacks, hardware Trojans, reverse engineering, and supply chain attacks, such as counterfeiting, recycling, re-marking, cloning, and over-production. The first research area involves the development of a “security engine” that combines the latest academic research and commercial technology into an upgradable platform that can be used to defend chips against attacks and provide an infrastructure to manage these hardened chips as they progress through their lifecycle.
Synopsys and Northrop Grumman will each be developing Arm®-based architectures that include security engines offering different approaches and demonstrating the modularity of the new AISS-based flows to accept other security engines, potentially including highly specialized engines developed for future Department of Defense (DoD) applications.
In addition, Northrop Grumman, along with IBM, will seek to further enhance technologies first developed under the DARPA Supply Chain Hardware Integrity for Electronics Defense (SHIELD) program. They will use these technologies as a starting point for the development of an Asset Management Infrastructure (AMI) to protect chips throughout their lifecycle. The goal is to implement the AMI using distributed ledger technology, which provides for a high-availability, cloud-based system capable of managing keys, certificates, watermarks, policies, and tracking data to ensure that chips remain secure as they move through the design ecosystem.
Led by Synopsys, the second research area involves integrating the security engine technology developed in the first research area into system-on-chip (SOC) platforms in a highly automated way. In effect, this second research area is focused on performing “system synthesis” or combining the new security-aware electronic design automation (EDA) tools developed under AISS with commercial off-the-shelf IP from Synopsys, Arm, and chip instrumentation specialist, UltraSoc. This capability could allow chip designers to specify Power, Area, Speed, and Security (PASS) constraints on these AISS tools, which will then automatically generate optimal implementations based on the application objectives.
# # #
Media with inquiries should contact DARPA Public Affairs at firstname.lastname@example.org