Accellera Proposes a New Working Group
Accellera to explore the need for an IP Security Assurance Standard
In the era of SoC design where major design intellectual property (IP) blocks come from multiple sources and are combined to create an SoC or major block to be incorporated into yet another SoC, how can one test such systems to ensure they are free from security risks?
When design verification practice uses verification intellectual property (VIP) from a source other than the design IP supplier, designs can be checked to determine if they perform what they were intended to do in conformance to their defined specifications with some level of assurance. That same VIP can often catch unsupported behavior and flag illegal uses of the design IP. But there could be other embedded features that fall outside the bounds of such checking that could allow security risks to go unchecked.
Even the move to open-source design code or inspection of source code via contractual agreements does not make it easy to overcome the black-box nature of design IP used in SoCs.
There are some efforts to address security or that impact security, like ISO/IEC 27034, but they are silent on security assurance for design IP in SoCs. This leaves a question to be answered: Is there interest to standardize IP Security Assurance or produce some guidelines and/or recommended practices to limit these risks? The industry has acknowledged the problem exists and a solution is needed when it published the article Security Assurance Guidance for Third-Party IP in the Journal of Hardware and Systems Security. To avoid customized, one-off solutions to this problem, it may be best to define a standard that the collective industry of design IP suppliers, silicon providers and EDA vendors can support.
The first Accellera IP Security Assurance Proposed Working Group is set to be held on Tuesday April 17 from 10am – noon PT to see if there is interest to for such a working group with the goal to develop a Security Assurance standard. The meeting will be held Intel SC9, 2250 Mission College Blvd. Clara, CA 95054 USA [Link to map]. All interested parties are invited to attend, and registration is required. Click here to register. You can also find more information from Accellera about this proposed standardization activity here.
Comments