DARPA Sponsors a Hunt For Malware In Microchips 106
Phurge links to an IEEE Spectrum story on an interesting DARPA project with some scary implications about just what it is we don't know about what chips are doing under the surface. It's a difficult problem to find invasive or otherwise malicious capabilities built into a CPU; this project's goal is to see whether vendors can find such hardware-level spyware in chips like those used in military hardware. Phurge excerpts: "Recognizing this enormous vulnerability, the DOD recently launched its most ambitious program yet to verify the integrity of the electronics that will underpin future additions to its arsenal. ... In January, the Trust program started its prequalifying rounds by sending to three contractors four identical versions of a chip that contained unspecified malicious circuitry. The teams have until the end of this month to ferret out as many of the devious insertions as they can."
Right out of the fiction section (Score:2, Informative)
Speaking as a chip designer... (Score:5, Informative)
I deal with foreign fab houses on every project. The odd things is that most of the backend software used by these fab houses are sold by American companies (much of which is written in India).
There is a step in the process where a point tool (one not written by the fab house - but again an American company) is used to re-extract the design out from the polygons that describe the silicon to be fabbed. This is compared to the source gate level design I originally supplied using formal verification methods. This is done by me.
So I suppose someone could surreptitiously change the gates I'm getting back to hide what is being inserted in there (not an easy thing to do all by itself at this level) There are places where it could be done in the process.
At the same time - to add additional logic to a design you are not well versed in is REALLY difficult.
Re:All about China (Score:3, Informative)
The thing with embargoes is that they work both ways. Currently, China is so dependent on the US consumer market to absorb its production that an embargo would hurt them as much as it hurts us.
The other thing is that, despite what you've been hearing, China is not the be-all-end-all for electronics. Korea still holds the crown for manufacturing memory, Taiwan is still the leader for TFT LCDs, Israel is still manufacturing networking equipment, etc. If China embargoes the US, these other countries will ramp up production and diversify their offerings to meet the redirected demand from the US market.
On the other hand, China's only large customer is the US. If they slap an embargo on the US, the US can go to other suppliers, whereas China has few other customers rich enough to buy the massive quantities of goods they are producing.
The Chinese know that, at least in the near future, an embargo will hurt them at least as much as it hurts us. This is why they've been actively growing their trade surplus vis a vis the US. Having a massive amount of dollar reserves gives them the option of manipulating our currency (and, by proxy, our economy) without resorting to something as blunt as an embargo.
It's about the design, not the fab (Score:3, Informative)
And, for that matter, a designer or even an applications engineer can tell, at a glance, if the silicon that came back from the fab is the same as their design. Some of our applications engineers can tell, without a microscope, what another manufacturer's raw silicon does, just by looking at it. (Not everything, obviously, but they can say "this part is logic, this part is a big power FET, there's a bunch of ESD stuff over here...")
Bottom line: if you have to trust the design, you need to have your designer and your design review team where you can see them. The fabs don't really matter that much.
Re:It's about the design, not the fab (Score:2, Informative)
How many layers of metal are we up to now? If I rewired a chip and left all the transistors in place but changed the metal, would anyone be able to tell? Can you even look down to that 7th layer of metal sandwiched underneath all the transistors to even tell that it was changed? It would be tough, but the chip could be rewired without moving any of the visible surface structures.
But the biggest area of concern would be the microcode. It would be nearly impossible to see the differences and a whole lot of changes could be done without anyone noticing.
IMHO, it would be really really really hard to do any of the things I listed above. But, I think it would be completely impossible to detect.