Cloud native EDA tools & pre-optimized hardware platforms
Automobiles drive themselves. Drones deliver packages. Robots clear minefields. AI advises your doctor. That future is not far away, but what if a bad actor takes over your car, the delivery drone, or the autonomous robot? What if the AI used for human safety or health turns deadly? While software has long been the focus in the security space, today’s more complex devices and increased attack surface extend the security conversation not only to hardware, but also through software, the silicon lifecycle, and the entire supply chain. As a result, a fourth dimension has been added to the traditional power, performance, and area (PPA) trifecta of semiconductor design concerns—security.
Today, advanced semiconductors are single packages comprised of disparate components, multiple dies that enable new levels of systemic PPA efficiency. But it’s precisely that complexity that provides greater opportunity for security threats to do damage.
In addition to attacks on the software stack, attacks on hardware can not only do damage, but also assist the software damage. This includes hardware trojans, temperature or laser-generated faults, RF and power side-channel attacks, and much more. Although it’s been used for decades, code coverage at signoff isn’t enough for quantifiable assurance. This is because weaknesses or vulnerabilities can be buried in the data of the hundreds (or more) waivers needed when an error or issue is identified. While code coverage at signoff can be helpful to check for rare or no-toggle coverage (indicators of a trojan), you’ll never have 100% code coverage, and it won’t cover the enormous attack surface through the lifecycle.
Defending an Enormous Attack Surface Through the Lifecycle
While attacks exploit weaknesses and vulnerabilities, the adage, “the devil is in the details,” holds true here. Each of these threat buckets has a significant number of sub-buckets that provide opportunity for breaches. Synopsys is working to address each area in addition to methodologies for secure design in the cloud. (Partial Reference: CAD for Assurance – CAD for Assurance of Electronic Systems.)
Securing your devices is an ongoing cat-and-mouse game where you will need to predict, prevent, detect, withstand, respond, and adapt to threats in an everchanging security environment. A key challenge is that there are more opportunities through time to breach the system.
Constant learning and agility and choosing the right security strategies can help you manage your risks. Here are five strategies to help you stay ahead of nefarious players:
When there are so many points of entry, it’s important to not only plug in the security misses, but also to look at the security landscape holistically to create a systemic, reinforced security fabric. Synopsys is unique in the industry because we not only have the leading portfolio of software, tools, and solutions to fortify you against attacks, but our comprehensive approach reduces risk from silicon to software and beyond. While nothing is 100% secure, Synopsys system and software security solutions help you keep your security risks as low as possible, including:
Synopsys safety and security credibility comes from our longstanding work with partners such as the U.S. Government in programs like the Defense Advanced Research Projects Agency Automated Implementation of Secure Silicon (DARPA AISS) to ensure that security is at the forefront of design parameters along with PPA. We also are part of the Department of Defense Rapid Assured Microelectronics Prototypes (DoD RAMP) programs for secure design on Microsoft Azure cloud. We additionally work with partners such as Texas A&M University and University of Florida to embed security knowledge directly into our tool flow. This embedded knowledge can be added through the design process for baseline security. The production solutions coming from AISS and RAMP are intended to democratize security to enable the IC developer while enabling security experts to focus on security reviews instead of security design.
Beyond our technology, we are also building technical sales and services, marketing, and a strong information security (infosec) capability to support secure development, whether on-prem in your enterprise or in the cloud. As the fourth dimension of semiconductor design, we make security a priority in all that we do, from our system-level software SoC and FPGA technologies to silicon lifecycle management and manufacturing test solutions. If you would like to learn more about how you can keep your designs secure sign up for our Aerospace and Government newsletter or contact us.