IEEE Spectrum February, 2015 - 48

T

oday's chips are so complex and costly to design
and build that it's very difficult for a single company
to create them without outside help. one company
might conceive and market an integrated circuit, but
other companies often make critical contributions to pinning
down the design. still others may have a hand in manufacturing, packaging, and distributing the chips.
With so many cooks in the kitchen, there are multiple opportunities to meddle with the hardware. a natural place to start
is at the very beginning, when a chip is being designed. today,
that's done using sophisticated computer-aided-design software. these CaD tools are created by specialized companies
that often work closely with chipmakers. the tools frequently
contain millions of lines of code, and they change quickly: new
algorithms are added almost continuously to help design faster,
lower-power circuits. In principle, among the many thousands
or perhaps millions of lines of code, it is easy to slip in a few
extra ones to modify a hardware design. and there are multiple places it could be done. For one thing, routine circuit
blocks, such as the accelerators used to crunch numbers for
encryption and decryption, are often designed by third parties.
the other obvious time for an integrated circuit to be altered
is during manufacturing. this was less of a concern decades
ago, when chip manufacturing was more affordable and com48

|

feB 2015

|

north AmericAn

|

spectrum.ieee.orG

panies could make their own chips in their own fabrication
plants, or fabs. But nowadays a new chip fab can cost upwards
of us $10 billion, and research and development costs keep
increasing. Because of this very high up-front cost, most chipmakers now rely on a handful of outside foundry services,
based in China, south Korea, taiwan, and the united states,
among other countries, that specialize in implementing silicon designs. although there is no reason to suspect that any
of these foundries may be adding malicious hardware, it's
impossible to exclude the possibility that they might make
undesirable adjustments to the designs, potentially altering
an entire batch of chips or a subset of them.
the u.s. Department of Defense is of course well aware
of these vulnerabilities. to help address them, its trusted
Foundry program has accredited foundries, along with other
links in the supply chain. the set of foundries allowed to work
on these "trusted" chips is generally restricted to those in the
united states. this limits access to the most advanced chips;
many trusted u.s. foundry services have not been able to
keep up their investments and are producing chips that are
10 years or more behind the current state-of-the-art manufacturing process. What's more, the DoD program is focused on
military chips for applications such as weapons and avionics.
the integrated circuits used in such vital nonmilitary applica-

ProP stylist: robin Finlay

questions about just how much the global supply chain for integrated circuits can be trusted.
If any such episode has led to calamity, the role
of the trojan has been kept secret. Indeed, if any
potentially threatening hardware trojans have
been found, the news hasn't yet been made public. But clearly, in the right place a compromised
chip could scuttle antimissile defenses, open up
our personal data to the world, or down a power
plant or even a large section of a power grid.
a lot of research is still being devoted to understanding the scope of the problem. But solutions are already starting to emerge. In 2011, the
united states' Intelligence advanced research
Projects activity (IarPa) started a new program
to explore ways to make trusted chips. as part of
that program, our team at stanford university,
along with other research groups, is working
on fundamental changes to the way integrated
circuits are designed and manufactured.
today we try to protect against hardware
trojans by keeping careful tabs on where chips
are made, limiting the opportunity for mischief
by limiting who is authorized to make a chip.
But if this research succeeds, it could make it
practical for anyone to design and build a chip
wherever they like and trust that it hasn't been
tampered with. More radically, our research
could open up ways to let you use a chip even
if there is a trojan inside.



http://spectrum.ieee.orG

Table of Contents for the Digital Edition of IEEE Spectrum February, 2015

IEEE Spectrum February, 2015 - Cover1
IEEE Spectrum February, 2015 - Cover2
IEEE Spectrum February, 2015 - 1
IEEE Spectrum February, 2015 - 2
IEEE Spectrum February, 2015 - 3
IEEE Spectrum February, 2015 - 4
IEEE Spectrum February, 2015 - 5
IEEE Spectrum February, 2015 - 6
IEEE Spectrum February, 2015 - 7
IEEE Spectrum February, 2015 - 8
IEEE Spectrum February, 2015 - 9
IEEE Spectrum February, 2015 - 10
IEEE Spectrum February, 2015 - 11
IEEE Spectrum February, 2015 - 12
IEEE Spectrum February, 2015 - 13
IEEE Spectrum February, 2015 - 14
IEEE Spectrum February, 2015 - 15
IEEE Spectrum February, 2015 - 16
IEEE Spectrum February, 2015 - 17
IEEE Spectrum February, 2015 - 18
IEEE Spectrum February, 2015 - 19
IEEE Spectrum February, 2015 - 20
IEEE Spectrum February, 2015 - 21
IEEE Spectrum February, 2015 - 22
IEEE Spectrum February, 2015 - 23
IEEE Spectrum February, 2015 - 24
IEEE Spectrum February, 2015 - 25
IEEE Spectrum February, 2015 - 26
IEEE Spectrum February, 2015 - 27
IEEE Spectrum February, 2015 - 28
IEEE Spectrum February, 2015 - 29
IEEE Spectrum February, 2015 - 30
IEEE Spectrum February, 2015 - 31
IEEE Spectrum February, 2015 - 32
IEEE Spectrum February, 2015 - 33
IEEE Spectrum February, 2015 - 34
IEEE Spectrum February, 2015 - 35
IEEE Spectrum February, 2015 - 36
IEEE Spectrum February, 2015 - 37
IEEE Spectrum February, 2015 - 38
IEEE Spectrum February, 2015 - 39
IEEE Spectrum February, 2015 - 40
IEEE Spectrum February, 2015 - 41
IEEE Spectrum February, 2015 - 42
IEEE Spectrum February, 2015 - 43
IEEE Spectrum February, 2015 - 44
IEEE Spectrum February, 2015 - 45
IEEE Spectrum February, 2015 - 46
IEEE Spectrum February, 2015 - 47
IEEE Spectrum February, 2015 - 48
IEEE Spectrum February, 2015 - 49
IEEE Spectrum February, 2015 - 50
IEEE Spectrum February, 2015 - 51
IEEE Spectrum February, 2015 - 52
IEEE Spectrum February, 2015 - 53
IEEE Spectrum February, 2015 - 54
IEEE Spectrum February, 2015 - 55
IEEE Spectrum February, 2015 - 56
IEEE Spectrum February, 2015 - 57
IEEE Spectrum February, 2015 - 58
IEEE Spectrum February, 2015 - 59
IEEE Spectrum February, 2015 - 60
IEEE Spectrum February, 2015 - 61
IEEE Spectrum February, 2015 - 62
IEEE Spectrum February, 2015 - 63
IEEE Spectrum February, 2015 - 64
IEEE Spectrum February, 2015 - 65
IEEE Spectrum February, 2015 - 66
IEEE Spectrum February, 2015 - 67
IEEE Spectrum February, 2015 - 68
IEEE Spectrum February, 2015 - Cover3
IEEE Spectrum February, 2015 - Cover4
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1217
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1117
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1017
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0917
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0817
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0717
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0617
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0517
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0417
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0317
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0217
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0117
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1216
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1116
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1016
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0916
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0816
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0716
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0616
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0516
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0416
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0316
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0216
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0116
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1215
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1115
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1015
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0915
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0815
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0715
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0615
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0515
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0415
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0315
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0215
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0115
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1214
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1114
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1014
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0914
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0814
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0714
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0614
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0514
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0414
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0314
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0214
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0114
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1213
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1113
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1013
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0913
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0813
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0713
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0613
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0513
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0413
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0313
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0213
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0113
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1212
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1112
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1012
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0912
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0812
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0712
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0612
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0512
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0412
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0312
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0212
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0112
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1211
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1111
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1011
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0911
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0811
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0711
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0611
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0511
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0411
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0311
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0211
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0111
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1210
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1110
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1010
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0910
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0810
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0710
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0610
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0510
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0410
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0310
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0210
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0110
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1209
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1109
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1009
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0909
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0809
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0709
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0609
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0509
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0409
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0309
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0209
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0109
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1208
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1108
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1008
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0908
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0808
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0708
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0608
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0508
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0408
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0308
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0208
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0108
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1207
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1107
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_1007
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0907
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0807
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0707
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0607
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0507
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0407
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0307
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0207
https://www.nxtbook.com/nxtbooks/ieee/spectrum_na_0107
https://www.nxtbookmedia.com