downloadGroupGroupnoun_press release_995423_000000 copyGroupnoun_Feed_96767_000000Group 19noun_pictures_1817522_000000Member company iconResource item iconStore item iconGroup 19Group 19noun_Photo_2085192_000000 Copynoun_presentation_2096081_000000Group 19Group Copy 7noun_webinar_692730_000000Path
Skip to main content
Default Banner Image

IP

In an era where technology permeates every aspect of our lives, the semiconductor industry serves as the backbone of innovation. From IoT devices to data centers, every piece of technology relies on integrated circuits (ICs) such as intellectual property (IP) cores and system on chips (SoCs). As these technologies become increasingly pervasive, the importance of hardware security assurance in the design and development of IP and SoCs cannot be overstated. Evolving cyber threats and sophisticated attacks make it essential for vendors to integrate advanced security measures into their workflows.Market Pressures Driving Demand for Enhanced Hardware Security The semiconductor market is projected to reach $1 trillion by 2030. At the same time, semiconductor devices and system designs are becoming increasingly complex. With that complexity comes the added difficulty and effort required to conduct thorough security analyses. Additionally, competitive pressure to reduce time-to-market means that vulnerabilities can be more easily overlooked or exploited, making it crucial for the industry to adopt automated security solutions. As more products are deployed in critical systems, from consumer electronics to national infrastructure, the stakes become even higher, underscoring the necessity for robust security measures.According to the SEMI Electronic Design Market Data (EDMD) report, in 2023, the electronic design automation (EDA), semiconductor IP, and related services market reached $17.1 billion, fueled by the increasing complexity of semiconductor designs and the growing emphasis on security. While the overall EDA market is growing at a 7.4% compound annual growth rate (CAGR), the semiconductor IP segment is expanding at 9.7%, and in comparison, the logic verification tools market alone is surging ahead at 24.2%. Deeper verification processes and tools are needed to not only handle the rising complexity of semiconductor designs, but also to support the growing emphasis on secure-by-design principles to ensure robust and reliable products in an evolving technological, security, and threat landscape. As a result, the market for logic verification tools — a key component of the EDA market — is surging. The Rising Cost of Cyber Threats from Data Breaches and Architectural Flaws Pavani Jella, Silicon AssuranceThe average cost of a data breach is $4.88 million1, encompassing lost business, regulatory fines, legal fees, and damage to brand reputation. As the semiconductor market grows, the potential financial impact of security breaches due to hardware vulnerabilities also escalates. Companies must invest in robust security measures to mitigate these risks and protect their financial health.Cyber threats from the exploitation of architectural flaws are another threat. Plundervolt is one example of an architectural flaw that could lead to hardware exploitation. Discovered by ethical hackers, Plundervolt is the name of an attack that exploited voltage fault injection to compromise the security of Intel processors. By manipulating the voltage supplied to the CPU cores, attackers could induce errors in the SGX enclave, allowing them to leak sensitive data or even bypass security protections intended by the enclave. This flaw was particularly concerning because it operated at the hardware level, making traditional software security measures ineffective. The attack leveraged the SoCs’ power management features, specifically dynamic voltage and frequency scaling (DVFS), to achieve its malicious objectives.Exploiting such a vulnerability could lead to the exposure of sensitive data, such as cryptographic keys and proprietary information, compromising the confidentiality of secure enclaves. This breach could erode trust in an IP or SoC provider’s security features, particularly in environments that rely on using the IP or SoC for protecting critical data. In cloud environments, a successful exploit could result in multi-tenant data breaches, impacting numerous users.The vulnerability also poses risks to secure applications, potentially leading to manipulated outcomes and decrypted communications. Businesses could face significant financial losses, operational disruptions, and regulatory consequences due to such an attack. It is a stark reminder of how architectural flaws in SoCs can be exploited, leading to severe security breaches that are challenging to mitigate without hardware-level fixes.Industry Believes Hardware Security Assurance Is a Key Priority A majority of security professionals from a diverse group across industry, defense, government, and academia rate hardware Trojan detection, IP piracy protection, and SoC vulnerability assessment as high priorities. This prioritization reflects the industry's awareness of the critical importance of security measures in maintaining the integrity and reliability of semiconductor products.As a result of this awareness, investments in cybersecurity are expected to reach $345.4 billion by 2026, growing at a CAGR of 9.7%2. This substantial investment demonstrates the global commitment to enhancing security measures across all industries, including semiconductors, to combat the escalating threat landscape.New EDA Tools and Investments Needed to Combat Cyber Threats The adoption of new EDA solutions is essential, despite the initial costs. Costs can range from $100,000 to $1 million per license for general EDA design and verification tools, depending on the complexity and capabilities of the software. Pre-silicon security EDA tools can detect vulnerabilities early in the design phase, significantly reducing the risk of exploitation and the need for costly post-production fixes while enhancing product reliability. Secure-by-design principles ensure that security measures are integrated throughout the development process, rather than added as afterthoughts.Integrating these new tools also requires investment in training and potential adjustments to existing workflows. However, the improved security and efficiency provided by these tools can offset these initial costs.While the costs of acquiring advanced EDA tools and deploying them in the workflow is significant, the investment is justified by the long-term benefits of enhanced security and reduced risk of costly breaches. Secure-by-design practices can prevent significant financial losses from security breaches, offering substantial long-term savings. Companies that invest in robust security measures are better positioned to demonstrate market leadership and build customer trust and loyalty, while avoiding the reputational and financial damage associated with breaches.ConclusionThe semiconductor industry is at a critical juncture where the application of advanced EDA solutions for hardware security is not just beneficial, but essential. The time to act is now.The increasing sophistication of cyber threats and the financial repercussions of security breaches make it imperative for IP and SoC vendors to adopt advanced EDA security assurance solutions to secure their designs. By investing in cutting-edge EDA tools and prioritizing security from the earliest stages of design, vendors can safeguard their products, maintain market competitiveness, and protect against the ever-evolving landscape of cyber threats.References1. IBM Cost of a Data Breach Report 20242. KPMG 2024 Global Semiconductor Industry OutlookPavani Jella is the Vice President of Business Development at Silicon Assurance, a member of the Electronic System Design Alliance (ESDA) a SEMI Technology Community. Silicon Assurance specializes in hardware security assurance solutions. With a strong background in the semiconductor and EDA industries, Pavani plays a pivotal role in driving strategic growth and fostering innovative partnerships. Passionate about the intersection of technology and security, she helps organizations adopt state-of-the-art solutions that ensure the resilience and trustworthiness of their hardware systems.
Read More
Adnan Hamid, CEO, founder and visionary of Breker Verification Systems, an ESD Alliance member based in San Jose, Calif., once described his job in chip design verification at AMD as “breaking things.” When it came to naming his startup, Breaker was a natural choice. After some consideration, the “a” was dropped and the company became Breker. Now Hamid is breaking the most complex semiconductor designs and Breker, moving from a startup to a scale-up company, is a noted part of the functional verification space. Smith: Why does verification continue to take the most amount of time in a project cycle? Hamid: The project cycle for semiconductor design has changed. Design abstraction has been raised to a much higher level than the days when developers were connecting logic gates. Today’s developers are typing functions that don’t include lower-level implementation details. Designs incorporate more blocks of reusable IP. Both reduce design time. Meanwhile, designs are getting bigger with more blocks of IP stitched together, all in need of testing. As design complexity grows, the amount of testing and verification increases as a square of design effort. One block requires one functional verification effort. Four blocks of IP mean up to 16 functional interactions require verification. While design is moving up the abstraction level, that’s not the case for verification, where plenty of detail must be reimplemented. Verification has certainly evolved, but engineers still think at the level of independent stimulus, response and coverage, driving the need to allocate so much time for verification. Smith: Are chips targeting artificial intelligence and machine learning applications more difficult to verify? If so, why? Hamid: Yes, absolutely and it’s an interesting challenge, especially given that machine learning is based on massively connected processing element arrays. Attempting to verify the individual processing elements and the critical interconnects is complex. AI device arrays and, interestingly, verification test content operation may both be thought of as a mathematical graph of processing elements and interconnect. Their operation involves walking through the graph form to generate a result. Finding the optimum path through these arrays is key. To understand how these systems may be effectively verified, it is worth investigating planning algorithms. Originally proposed by IBM, these hold the key to this type of verification process. The AI- style algorithm starts backward at the end of the processing element array and tracks down the most optimal and likely paths through it. At Breker, we have used these planning algorithms extensively to drive our graph-based test content synthesis process. Smith: Does system integration require verification? Hamid: Yes, it does. In the past, most functional verification has been performed at the block level. However, with the increase in more specialized SoCs, functionality is spread across multiple blocks, as well as the software running on the processors, driving full system-on-chip (SoC) functional verification. In addition, new requirements such as security and safety must be validated. A system-level infrastructure such as cache coherency and power domain execution has become more complex and these must also be tested. The new frontier in verification is ensuring a fully operational SoC. Of course, given the size of these SoCs, hardware-assisted verification such as emulation is essential, and porting tests from block simulations to SoC emulations has become a requirement. This porting process is problematic and this in turn has driven portable tests, giving rise to the idea behind Accellera’s Portable Stimulus Standard (PSS), of which Breker was a major participant. Indeed, some companies are taking this to the next level by composing their system-level testbench at the same time as they commence SoC architectural design, and then developing the hardware design, software design and test content all in parallel, in the so-called “shift-left” manner. Smith: Is “shift-left” a growing trend that are you seeing in verification? Hamid: Yes. Shift-left is taking hold in hardware and software design, giving way to an increase in early test content composition. Then as individual blocks are finished and connected, their verification is driven from this same test content, saving a significant amount of time and effort. This is a huge verification and test generation change that was inevitable given the increased time-to-market constraints and SoC complexity. Figure 1: Shift-left is ushering in the next generation of SoC verification. Source: Breker Smith: As an entrepreneur, what advice would you give someone founding a startup or thinking about starting one? Hamid: Do not take the attitude “Build it and they will come.” My best advice for an entrepreneur or fledgling entrepreneur is to solve a specific customer problem, however narrow it might seem. Including services as part of a product offering and developing partnerships with other vendors helps with this and turns your company into a solution provider not a product developer. This is essential for getting the right products to market on time and within budget, and then ultimately scaling them across the market. The ESD Alliance and Accellera are hosting a two-part webcast series on the work-from-home experience titled Remote Work, Remote Chip Design: Building Chips During a Pandemic. The first panel, Wednesday, June 9, at 9:00am PDT, will feature a discussion led by Tom Fitzpatrick, strategic verification architect from Siemens EDA verification engineers through their experiences converting their home offices into verification test labs. The second panel in July will explore how executives managed a remote workforce and explain how they plan to bring employees back to physical offices. About Bob Smith Robert (Bob) Smith is executive director of the ESD Alliance, a SEMI Technology Community. He is responsible for the management and operations of the ESD Alliance, an international association of companies providing goods and services throughout the semiconductor design ecosystem.
Read More