Page 4

EETE NOV 2014

cybersecurity IoT cybersecurity: is EDA ready to deliver? By Julien Happich During a brief stint in Paris to visit customers and before hosting Mentor Graphics’ Integrated Electrical Solutions Forum (IESF Europe) in Munich, CEO Wally Rhines delivered a keynote speech to share his views on Internet-of-Things (IoT) cybersecurity and what could be the role of EDA, at the root of every design. “There is so much buzz around Cloud computing, IoT and Cybersecurity nowadays that just by attending all the conferences and talks on these three topics, you could never have to go back to your office”, jokingly said Rhines. “In fact, all three topics share a common concern, security” he noted, “and while the cloud is exposing us more, IoT magnifies both the amount of data and the number of data collection sites”, he added, inferring that each new node potentially offers a new entry point to hackers. It is true that security breaches regularly make the news, from credit card databases to Facebook or iCloud accounts to medical records. That also includes virus exploits compromising industrial or military assets, the Stuxnet being the most famous one. The latter may have been delivered using the so-called “candy drop” tactic, when infected USB drives are scattered in public places (parking lots, smoking areas nearby the targeted sites) and picked up randomly by unsuspecting passers-by. In fact, nowadays most security breaches are softwarebased, when an application can be compromised and data collected, either through social engineering, malware and viruses or Trojans. Counter-measures for such attacks range from basic antivirus scanning software, to embedded hypervisors to hardware-bound secure applications tying their execution to uniquely identifiable hardware (for example an embedded secure element or even better, a Physically Unclonable Function derived from intrinsic hardware properties). “But the threats extend way beyond software and some hackers will put a lot of effort into compromising a system’s security at silicon-level”, continued Rhines. Well-documented examples include side-channel attacks for which counter measures include hardened IP to resist attacks and make key extraction more difficult. At board-level, counterfeit chips have also been widely reported, some are pure fake or cloned or even recycled parts de-soldered from eWaste, but you could also find additional chips spying on the board’s transactions. What about malicious logic inside a chip or rogue hardware? When using third party IP blocks bearing millions of transistors, who is going to reverse-engineer every single transistor to ensure that they do no more than what it says on the tin? “Ultimately, it is at the chip-design stage that companies will have to protect their systems, detecting hardware Trojans through RTL analysis and through the insertion of dedicated logic to analyse run time activity”, emphasized Rhines who readily positions Mentor Graphics as the forefront of EDA-based IoT cybersecurity. “There is emerging customer demand for silicon authentication and sooner or later, some customers will say “I am not buying your chip if it can’t be traced””, said Rhines. “Authentication is good but is not enough”, Rhines added, “what you need is a comprehensive design for security”. Rhines sees there a new sector of activity for EDA, where companies like his will have to play a bigger role, with more IP emulation and verification strategies to ensure that the chip not only does what it is supposed to do, but does nothing that it is not supposed to do. Some solutions he proposes include on-chip odometers that can address recycling threats (counting power cycles or memory accesses), activation IP that guarantees the IP-rights holder control over the chip operation, or dedicated co-processors for run-time Trojan detection. The latter delivered as IP could prevent undeclared communications or detect peripherals with a hidden functionality. But what is going to safeguard your IP from an insider’s job, say by the very designer supposed to implement that safe design? And pushing the debate further, one can never be suspicious enough, so why assume that EDA tools themselves are immune to manipulation and code corruption? “You have to trust someone!” admitted Rhines, taking a bit of distance with his initial scaremongering and suspicion-raising pitch. “We have no vested interest to cause issues to our customers, our motivations both financial and in terms of reputation is to make sure that our customers can verify that their designs work as intended” he concluded. 4 Electronic Engineering Times Europe November 2014 www.electronics-eetimes.com


EETE NOV 2014
To see the actual publication please follow the link above