October 11, 2024

Semiconductors play an increasingly crucial role in our daily lives — they power the cars we drive, sustain the businesses that fuel our economy and enable global communication. As our reliance on these components grows, ensuring that they function reliably and securely becomes ever more important. Recent outages and disruptions have shown how vital secure, reliable devices and seamless connectivity are in today’s interconnected world.

The Need for Security Assurance

The COVID-19 pandemic highlighted the critical importance of global supply chain resilience. When certain components became unavailable, the resulting disruptions rippled throughout the entire supply chain, causing delays that sometimes took years to recover from. This underscored the complexity and interdependence involved in creating a computer chip, which demands robust security measures at every stage of its design and production. The need for security spans the entire chip lifecycle, from design and manufacturing to packaging, test, and even to the chip’s end of life.

At the forefront of this lifecycle is chip design. A computer chip consists of numerous licensable, reusable components known as intellectual property (IP) blocks, which can come from various sources, including internal teams, external vendors, IP suppliers, and even tools. These IP blocks are integrated into the chip but can present security risks if not properly evaluated. To address this challenge, the IEEE Standards Association (IEEE SA) has established a working group, P3164, to focus on Security Annotation for Electronic Design Integration (SA-EDI).

IEEE P3164: Enhancing Chip Design Security

The P3164 working group aims to tackle security concerns by developing a methodology and database to assess the security risks associated with each IP block. This will allow integration teams to review and identify security risks during the design phase of the chip lifecycle. Identified risks can be addressed by swapping out high-risk IP, mitigating the risk associated with the IP or accepting the risk when necessary.

The group’s methodology involves a formal process for identifying potential attack points within an IP block that could be exploited. This enables designers to pinpoint associated security risks and develop strategies to manage them effectively. Additionally, a knowledge base of known vulnerabilities related to specific IP blocks will further assist in assessing security risks. As new vulnerabilities are discovered, users can contribute to this database, ensuring that it remains up-to-date and comprehensive.

Expanding Security Beyond IP Blocks

In addition to securing IP blocks and the physical components of chips, the semiconductor industry is increasingly focused on cryptography and secure protocols. With advancements in algorithms related to quantum computing, traditional cryptographic methods are becoming vulnerable, creating a need for more robust security measures. This shift has far-reaching implications, from securing user login information to safeguarding data storage and transfers, and protecting secure keys that control digital access.

In response to these challenges, the industry is investing in cutting-edge innovations in cybersecurity. These efforts include advanced security access layers, the development of future-proof cryptographic algorithms, and the preparation of a workforce skilled in both the semiconductor ecosystem and security challenges across the entire lifecycle. As the need for enhanced security grows, so too does the necessity for an informed, adaptable workforce capable of meeting the demands of this evolving landscape.

Strengthening Security in a Connected World 

The semiconductor industry’s growing role in our lives necessitates an equally strong focus on security, especially as supply chains become more complex and interconnected. By establishing formal methodologies for assessing and mitigating security risks at the design stage, technical initiatives like the IEEE P3164 working group are critical to ensuring the continued safety and reliability of semiconductors throughout their lifecycle. As the digital landscape evolves, the semiconductor industry must stay vigilant, continuously advancing security measures to address emerging threats and ensure the resilience of the technologies that shape our future. Through continued collaboration and innovation, we can protect the technologies that power our digital world.

ABOUT OUR AUTHOR
Kathy Hayashi is an IEEE Senior Member and member of IEEE HKN. She is the Chair of the Global Semiconductors Group of IEEE Future Directions and a senior consultant in semiconductor workflows.

INTERACTIVE EXPERIENCES

Close Navigation