{"id":13831,"date":"2019-05-14T16:12:46","date_gmt":"2019-05-14T23:12:46","guid":{"rendered":"https:\/\/blogs.mentor.com\/verificationhorizons\/?p=13831"},"modified":"2026-03-27T08:42:09","modified_gmt":"2026-03-27T12:42:09","slug":"mitigating-security-risks-when-designing-with-3rd-party-silicon-ip","status":"publish","type":"post","link":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/2019\/05\/14\/mitigating-security-risks-when-designing-with-3rd-party-silicon-ip\/","title":{"rendered":"Mitigating Security Risks When Designing with 3rd-Party Silicon IP"},"content":{"rendered":"<h3><a href=\"https:\/\/www.dac.com\/\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" style=\"margin: 0px 0px 4px 4px;float: right\" src=\"https:\/\/www.accellera.org\/images\/news\/events\/56dac_logo_small.png\" align=\"right\" \/><\/a>Accellera DAC Panel to Discuss<\/h3>\n<p>There is probably not one embedded system that is not built without open source software, 3rd party silicon IP or manufactured far from the design and distribution centers that make and sell these systems.\u00a0 Those who want to secure the design and delivery chain have no standard to use to address this.\u00a0 This has left develop teams to struggle with means to mitigate and address security risks when third party IP and associated components are integrated into today\u2019s modern embedded systems.<\/p>\n<p>There are many conferences devoted to security related issues and we have all read about <a href=\"https:\/\/en.wikipedia.org\/wiki\/Meltdown_(security_vulnerability)\" target=\"_blank\" rel=\"noopener\"><strong>Meltdown<\/strong><\/a> and <a href=\"https:\/\/en.wikipedia.org\/wiki\/Spectre_(security_vulnerability)\" target=\"_blank\" rel=\"noopener\"><strong>Spectre<\/strong><\/a>, I suspect.\u00a0 There are some security risks which may not have gotten extensive global attention like <a href=\"https:\/\/www.eecs.umich.edu\/cse\/awards\/pdfs\/A2_SP_2016.pdf\" target=\"_blank\" rel=\"noopener\"><strong>A2<\/strong><\/a> which is an analog attack exploiting an almost hidden capacitor.\u00a0 The Electronic Design Automation industry has even had exploits documented in conference papers that show how encrypted design and verification IP can be made visible, for which the standards team is now hard at work to address.<\/p>\n<p>And for embedded systems we have accepted a certain level of risk when it comes to integrating third-party IP into our SoC devices.\u00a0 Modern SoC designs gain productivity leverage when they can be designed with silicon IP that comes from multiple sources, from sources that have expertise in those particular blocks.\u00a0 Who do you use and trust for your memory controllers, protocol interface handlers and the like?\u00a0 In order to build the best SoC, we seek out the highest quality silicon IP to be part of our SoC\u2019s.<\/p>\n<p>Are these high quality silicon IP\u2019s free of exploits?\u00a0 Have they arrived for integration into your SoC without being tampered?\u00a0 What level of assurance do you have they are safe and clean?\u00a0 You may have the source, but when SoC integrators use the blocks, they are most likely treated as a black-boxes and not heavily vetted for compromise.<\/p>\n<p>To help address these issues, Accellera\u2019s newest working group, the <a href=\"https:\/\/www.accellera.org\/activities\/working-groups\/ip-security-assurance\" target=\"_blank\" rel=\"noopener\"><strong>IP Security Assurance Working Group<\/strong><\/a> was formed.\u00a0 To share more with the design automation and IP community, Accellera is hosting a luncheon on Monday at the 56th Design Automation Conference with a panel of industry experts to address these issues and more.\u00a0 You are invited to attend!<\/p>\n<h3>Accellera DAC IP Security Assurance Luncheon &amp; Panel Event Details<\/h3>\n<p>Join panelists from Analog Devices, DARPA, Intel and Tortuga Logic for a lively discussion.\u00a0 The luncheon is free for DAC\u00a0 attendees, but <strong><a href=\"https:\/\/www.accellera.org\/news\/events#dac2019\" target=\"_blank\" rel=\"noopener\">registration<\/a> <\/strong>with Accellera is required.<\/p>\n<p>Monday, June 3rd<br \/>\nNoon \u2013 1:30pm<br \/>\nRoom N246, Las Vegas Convention Center<br \/>\nRegistration and more information: <a href=\"https:\/\/www.accellera.org\/news\/events#dac2019\" target=\"_blank\" rel=\"noopener\"><strong>Click Here<\/strong><\/a><\/p>\n<p>I look forward to seeing you there!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Accellera DAC Panel to Discuss There is probably not one embedded system that is not built without open source software,&#8230;<\/p>\n","protected":false},"author":71541,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spanish_translation":"","french_translation":"","german_translation":"","italian_translation":"","polish_translation":"","japanese_translation":"","chinese_translation":"","footnotes":""},"categories":[1],"tags":[322,326,409,431,584,705,717,729,732,825],"industry":[],"product":[],"coauthors":[],"class_list":["post-13831","post","type-post","status-publish","format-standard","hentry","category-news","tag-a2","tag-accellera","tag-dac","tag-design-ip","tag-meltdown","tag-security-assurance","tag-silicon-ip","tag-spectre","tag-standards","tag-verification-ip"],"_links":{"self":[{"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/posts\/13831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/users\/71541"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/comments?post=13831"}],"version-history":[{"count":1,"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/posts\/13831\/revisions"}],"predecessor-version":[{"id":14567,"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/posts\/13831\/revisions\/14567"}],"wp:attachment":[{"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/media?parent=13831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/categories?post=13831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/tags?post=13831"},{"taxonomy":"industry","embeddable":true,"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/industry?post=13831"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/product?post=13831"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blogs.sw.siemens.com\/verificationhorizons\/wp-json\/wp\/v2\/coauthors?post=13831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}