IC Security Threat Grows As More Devices Are Connected

Designing for security is beginning to gain traction across a wider swath of chips and systems as more of them are connected to the Internet and to each other, sometimes in safety- and mission-critical markets where the impact of a cyber attack can be devastating.

But it’s also becoming more difficult to design security into these systems. Unlike in the past, connectivity is now considered essential to functionality. And rather than a single chip, many of these devices are now multi-chip implementations with multiple layers of connectivity used for updates and communication within a system or between systems. Identifying security holes is becoming much harder, and plugging them sometimes requires the cooperation of multiple vendors.

“We’re connected now with everything,” said Dana Neustadter, DesignWare security IP product marketing manager at Synopsys. “Even a sensor could be connected through the Internet, and then it can open yet another attack surface. And we’ve been talking about AI for all the good reasons, but AI can also be used to more efficiently break the system. As technology evolves, data becomes more important, and we see more attacks. It’s a continuum, and security has been part of that for a while. But in the past, security was at the end of the chip design process. That was okay then, but not today. The pressure is much higher, and the risks are much more serious.”

Those concerns are echoing across the semiconductor supply chain these days as the number of connected devices continues to explode.

“What’s different is the number of IoT devices,” said Andreas Kuehlmann, CEO at Tortuga Logic. “IoT devices are traditionally not the most expensive devices. The margins on these devices are very low, and as a result security is treated like as an option, if it’s there at all. The problem with security fundamentally comes down to the weakest link. Hackers string vulnerabilities together. They just need to find one — maybe on a chip, maybe in software, another one maybe on the chip, maybe in software, and so on. Then they can string an attack together.”

Most people are aware when an IoT device is connected to the Internet. What they…