It is pointed out that attacks on semiconductors are becoming easier and the need for security measures is increasing.



Attacks on semiconductors were theoretical until a decade ago, but in recent years, with the use of semiconductors in a wide range of fields such as automobiles, robots, and medical equipment, attacks on semiconductors have become a reality. Threat. However, technology-related media Semiconductor Engineering points out that ensuring hardware security for semiconductors is not an easy task, and explains why it is difficult.

Why It's So Difficult — And Costly — To Secure Chips
https://semiengineering.com/why-its-so-difficult-and-costly-to-secure-chips/

If semiconductors used in medical devices or semiconductors that play a central role in self-driving cars are attacked, serious life-threatening accidents may occur, so these industries are prioritizing semiconductor security measures. is. However, companies belonging to other industries, especially companies that have never experienced attacks on semiconductors, tend to neglect security measures because of the high cost. Regarding this situation, Scott Best, director of security technology at electronics manufacturer Rambus , said, 'Running security algorithms on unsafe processors is one of the hallmarks of security failures. Processors are for power, performance and security. But if you don't, you won't get the benefits of the processor, 'he said, claiming that security cannot be ensured without security measures.

Some companies and organizations are beginning to realize that security should be prioritized over cost. 'It's good to focus on security requirements over cost,' said John Hallman, security product manager at OneSpin , a circuit design tool developer. 'In recent years, many threats have been reported in the hardware arena. These can be incorporated as part of the security verification process, 'says the need to gather information about threats. Semiconductor Engineering also lists MITER's Threat Information Report, which is funded by US government agencies, and the Threat Report published by the European Union Agency for Cybersecurity, as a source of information on threats.

Threat Landscape for Supply Chain Attacks — ENISA
https://www.enisa.europa.eu/publications/threat-landscape-for-supply-chain-attacks



Another reason why semiconductor security measures are becoming difficult is the technological innovation of semiconductors. Semiconductor manufacturing technology is improving year by year, and it is now possible to incorporate more functions into semiconductors of the same area than before, so chip developers are moving to incorporate more components into semiconductors. became. However, the details of these components have not been revealed to the user, and Semiconductor Engineering points out that security measures are difficult because the user cannot confirm the safety of the component.

Also, the above problems are noticeable in semiconductors optimized for AI. When a problem related to AI occurs, it is difficult to isolate the problem as to whether the problem is due to learning data, AI, or semiconductor, and it is difficult to grasp the existence of the attack. ..



'Security continues to be a challenge,' said Semiconductor Engineering. 'For decades, it was much easier to hack software than hardware, so the semiconductor industry has downplayed security, but in recent years. It has become easier for organized crime groups and governments to obtain the equipment needed to reverse engineer semiconductors, 'he emphasizes the growing need for security measures for semiconductors.

in Hardware,   Security, Posted by log1o_hf