Logistical Challenges Faced by SoC Manufacturing
Modern system-on-chip (SoC) designs include a wide variety of highly sensitive assets which must be protected from unauthorized access. A significant aspect of SoC design involves exploration, analysis, and evaluation of resiliency mechanisms against attacks to such assets. These attacks may arise from a number of sources, including malicious intellectual property blocks (IPs) in the hardware, malicious or vulnerable firmware and software, insecure communication of the system with other devices, and side-channel vulnerabilities through power and performance profiles. Countermeasures for these attacks are equally diverse, which include architecture, design, implementation, and validation-based protection.
SOC SECURITY CHALLENGES
Design Challenges to Security:
Three key factors contribute to design challenges:
- High complexity of devices
- Aggressive time-to-market requirements that do not provide adequate validation time
- High diversity
[1] High complexity of devices
To understand the critical role of complexity, note that a decade ago one could clearly divide computing systems into two categories: general-purpose systems (e.g., desktops, laptops, etc.) and embedded systems. General-purpose systems were characterized by high programmability to support diverse use-case scenarios, resulting in a complex hardware architecture; nevertheless, they also provided a reasonably clean hardware/software interface. At the other end, embedded systems were targeted at unique use cases. Each use case imposed its own constraints on form factor, power, performance, security, reliability, etc., and drove the design, architecture, and optimization of the whole system. Consequently, such systems were typically characterized by tight coupling of hardware and software modules, optimized for the metrics of interest dictated by the target use case. Research in security assurance and verification consequently looked at:
1. Embedded systems security, where potential vulnerabilities were limited by the narrowness of the target use cases; or
2. General-purpose computing system security, where the decoupling of hardware and software permitted exploration of the two components separately. Furthermore, since for general-purpose systems the hardware architecture was fairly standard and the supply chain reasonably trustworthy, one could trust them to be free of malicious instrumentation.
[2] Aggressive time-to-market requirements
These devices must meet aggressive time-to-market requirements. The system lifecycle from conception to production ranges from three to four years for a desktop or a laptop; it shrinks to less than a year for a mobile device. The shrinking is driven by market economics, e.g., the consumer device refresh cycle. This severely constrains the amount of system-level functional validation that can be performed, resulting in vulnerabilities escaping into silicon or into the field.
[3] High diversity
The high diversity of consumer computing devices, coupled with aggressive time-to-market requirements, implies an urgent need for reuse of design blocks. However, security requirements vary significantly across these devices.