Rambus

At Rambus, we create cutting-edge semiconductor and IP products, spanning memory and interfaces to security, smart sensors and lighting.

Home > Blogs

AI Requires Tailored DRAM Solutions: Part 2

by Leave a Comment

Written by Rambus Press

Frank Ferro, Senior Director Product Management at Rambus, and Shane Rau, Senior Research Executive at IDC, recently hosted a webinar that explores the role of tailored DRAM solutions in advancing artificial intelligence. Part one of this four-part series reviewed a range of topics including the interconnected system landscape, the impact of COVID-19 on the data center, and how AI is helping to make sense of the data deluge. This blog (part two), takes a closer look at how AI enables useful data processing, various examples of AI silicon, and the evolving role of DRAM in advancing artificial intelligence.

How AI Enables Useful Data Processing

According to Rau, the sheer amount of data that has been generated in recent years more than justifies the need for AI. As well, AI requires a significant amount of processing power to handle data complexity.

“When you have more distributed data across the landscape generated by different system types, you have different data types. Some of that data is more important than other data. For example, the non-entertainment imaging share of total data, think a lot of static images, is declining” he explains.

“In contrast, entertainment remains a huge part of the data being created and think a lot of moving images, think videos, think Netflix, where the data cannot be interrupted, no one wants the sound or the video of their Netflix movie to be interrupted. That is a form of critical data that cannot be interrupted. It is real time data.”

As Rau emphasizes, AI needs to know how to prioritize data as well as process it.

“You have a combination of AI dealing with a lot of data, a lot of distributed data across that landscape, having to assess whether it is critical or not, and then how sophisticated that data type is. But immediately, the utility for AI is identifying the useful data and bringing that data to the surface for human attention,” he elaborates. “AI is stepping in between our data that we can no longer process because of the amounts and the sophistication of that data and doing the job, and also bringing the data to our attention so we can make good decisions.”

Examples of AI Silicon

As Rau observes, the industry will be working for the next decade or more to advance AI algorithms and processors.

“They will also be developing memory, memory capacity, and various memory types to adapt to the needs that AI will have across this period and across this whole data landscape,” he states.

To more clearly illustrate the market growth of various chips, Rau points to the slide below that aggregates different types of silicon including FPGAs and GPUs, along with specialized AI ASICs/ASSPs.

“You can see significant growth in devices like PCs, phones and tablets. Phones drive a lot of early AI data processing because many of the phone manufacturers, think Apple, think Huawei or their chip providers like Qualcomm, have AI-specific processing capabilities they can put in a phone,” he elaborates.

“This is critical for a phone when it’s doing AI, it’s right in front of you and can process a lot of incoming data through your voice or the video that you’re creating. It can then determine what is important to process and what needs to move on further through edge infrastructure, communications infrastructure, and then into the data center.”

According to Rau, PCs, helped by GPUs, will also be processing AI applications and data, while PCs, phones and tablets are a huge driver of the AI data processing silicon opportunity. Networking infrastructure is “very small” at this point, says Rau, but networking infrastructure will also be processing AI. Specifically, packet processing, compression, and decompression of data as it moves through infrastructure will require AI.

“We have a silicon opportunity that’s pervasive across the AI landscape (or the system landscape) from the IoT endpoints into the data center and cloud. So, we have established the need for AI, the need for processing of AI, and the opportunity for the processing silicon to do AI,” he adds. “With these processors comes the need for memory and most often DRAM. TPUs, GPUs, FPGAs, and other data processing silicon types need DRAM attached to them to bring the data close to the processing so it can be done quickly, such as in real time processing of video.”

The Evolving Role of DRAM in Advancing Artificial Intelligence

As Rau points out, DRAM is a core technology that has proven itself to be extremely adaptive over time, enabling it to support a wide range of system types.

“DRAM has adapted to the needs of new systems, starting with the 90s when personal computing and PCs drove the need for processing and large amounts of memory to meet the general-purpose needs of PCs. When DRAM was, what we called a commodity DRAM, it was ubiquitous, but then as graphics and gaming and other applications came in DRAM adapted into more specialized forms of DRAM for servers, for graphics, and GDDR for example,” he explained.

“More recently with the advent of smartphones, specialized low power LPDRAM is used for those devices. As well, cloud servers sometimes use commodity DRAM or specialized DRAM in large quantities and even some memory modules with their own data buffer chips are used to put more intelligence on the DRAM, next to the DRAM on the module so that DRAM can make some decisions on its own and offload some functions from the CPU. In this way, DRAM is also adapting.”

In terms of the next decade, says Rau, DRAM will once again adapt to new applications across multiple verticals like automotive, video surveillance, and smart homes.

“These applications will need DRAM and processing and heavy amounts of AI. Think in the smart home, think of Alexa, for example, when you talk to Alexa right now, Alexa sends your requests back to the data center,” he elaborates. “In the future, we think that smart home systems will be more locally intelligent to process your request in real time. That means more memory, that means more DRAM.”

Although the smart home space is different than automotive, says Rau, vehicles will also need significant amounts of memory and processing to support AI systems with varying levels of autonomous driving capabilities. In terms of video surveillance, says Rau, AI processing is used to process the event, analyze its severity, and determine will happen next.

“Will that event need to be reported through the video surveillance endpoint, through infrastructure, into the data center in the cloud for some form of more detailed analysis and response?”

The Ubiquity of AI and DRAM

According to Rau, AI will ultimately become ubiquitous in electronic systems.

“As human beings, we use those systems, conceivably seven billion human beings on the planet. There will be seven billion types of AI solutions – especially when you consider all the potential combinations of training versus inferencing, different processing types, the different DRAM types and capacities and configurations that will support that AI,” he explains. “With all of this, DRAM technology continues to adapt. We have GDDR6, which formerly was just graphics DRAM, now being applied in automotive, for example. And HBM, which is high bandwidth memory. Again, formerly just for graphics, but now applied to applications outside of graphics that require very high performance, low latency, as well as a non-proprietary, cost-effective form of performance. There are also memory buffers that go on modules that help the DRAM be more intelligent to respond and offload the needs of CPUs.”

For the next decade and beyond, Rau concludes, DRAM will continue to adapt to new applications driven by AI and data processing.

AI Requires Tailored DRAM Solutions: Part 1

by Leave a Comment

Frank Ferro, Senior Director Product Management at Rambus, and Shane Rau, Senior Research Executive at IDC, recently hosted a webinar that explores the role of tailored DRAM solutions in advancing artificial intelligence. In part one of this four-part series, Ferro and Rau discuss a wide range of topics including the interconnected system landscape, the impact of COVID-19 on the data center, and how AI is helping to make sense of the data deluge.

The Interconnected System Landscape

According to Rau, the internet is “segmenting” with the advent of ubiquitous communications: cellular and Wi-Fi.

“Over the last 10 years, we’ve built ubiquitous communications across different system types with interconnected servers and data centers,” he explains. “For interconnected data centers, we have the cloud connecting through communications infrastructure to PCs, phones, and tablets, but also through edge infrastructure to IoT systems. What we used to call embedded systems are now IoT systems and even cars.”

According to Rau, there is now a landscape of interconnected systems. This means data – and the computing of that data – can be located anywhere across this broad landscape.

“The opportunity for AI – and by extension semiconductors – is vast across the internet system landscape,” he elaborates. “Even when you look at the relatively new segments of the landscape, those would be IoT, and the edge infrastructure systems that bring computing power closer to both IoT and endpoints. The opportunity there is newer, but also growing significantly. And indeed collectively, the revenue for all of those microcontrollers and microprocessors that are running AI – the opportunity at the endpoints and in the edge infrastructure – is more than it is in the traditional data center and cloud.”

COVID-19 & the Data Center

Rau also touched upon IDC’s semiconductor forecast in the context of COVID-19.

“We see in the data center, cloud and infrastructure and edge infrastructure, that there will still be significant investment this year from folks like Google and Amazon in their cloud infrastructure,” he continues. “2020 and 2021 could actually be better years in light of COVID-19 and the need to build out infrastructure and serve a more distributed user base – folks like us who are working from home and edge infrastructure servers – and also servers closer to the endpoints that enable distributed computing and reduce latency.”

The industry, says Rau, clearly sees the need to move data and locate the data closer to the end user. This, he emphasizes, presents an opportunity for more processing silicon.

“Coming out of the crisis, the essential technologies enabling data center and cloud infrastructure and edge infrastructure will include connectivity technologies like 5G,” he states. “A specific example of the need for more processing silicon to support AI capabilities is in healthcare systems for equipment like MRI and other medical imaging systems that need high performance computing to drive real time insights and decision making using large pools of data.”

When we think about AI, said Rau, we should also think about processing those large pools of data.

“Where there is a processor, there needs to be memory and storage. So, we cite memory and storage as one of the major beneficiaries of COVID-19 to move to AI to process data – the processors and the DRAM attached to those processors,” he explains. “More memory means a need for more intelligent memory, and a need for storage and more intelligent storage: real time DRAM serving data processing semiconductors, or storage mechanisms built on NAND such as SSDs and hard drives.”

The Data Deluge and AI

As Rau points out, the ongoing data deluge is the “very basis” for AI. Put simply, there is far too much data for human beings to process on their own with traditional methods.

“By 2024, we’re looking at 143 zettabytes of new data created (in that year). If we further segment the data between data that is original and the copies of that data, 90% of that data will be copies,” he states. “There are organizations, financial and government organizations, that are required by law to have copies of data. As well, we have data center owners who, for reasons of latency, distribute copies of data across the world. By 2024, the ratio of original data to copy data will be about 1:10.”

AI says, Rau, addresses the deluge by intelligently sorting through all the data, helping organizations decide what data to keep, process, and move through the internet system landscape for analysis.

“For example, at an IoT endpoint there is a lot of data created, although not all of that data is going to need to move. When data moves, that costs money, time, and power. AI can be used to sort through that data and decide what is going to move into the data center and cloud for further analysis,” he adds.

Rambus Announces 2020 Design Summit

by Leave a Comment

The Rambus 2020 Design Summit kicks off on Thursday, October 08, 2020 at 09:00 AM Pacific Daylight Time. Throughout the day, our technology experts will discuss the selection and implementation of IP solutions across multiple markets such as the data center, 5G/edge and IoT devices, and AI/ML applications. Critical enabling IP that will be covered during the summit includes HBM2E, GDDR6 and PCIe 5 interfaces, as well as Root of Trust and 800G MACsec security solutions.

IDC’s Shane Rau, who leads computing semiconductor research within IDC’s Enabling Technologies team, and Rambus fellow Dr. Steven Woo will offer their respective visions of how the latest technology developments are shaping the evolution of the data center and AI/ML. Chip designers and architects can register here to gain expert insights and practical information for the implementation of their next-generation SoCs.

Rambus Design Summit promotional material

Specific session details are below.

Session 1: Protecting Data at Rest and in Motion (9:00 – 10:45)

With the rising value of data travelling across the global network, implementing robust hardware-level security is more important than ever. Technology experts from the Rambus security business will discuss the methodology of security by design, as well as the implementation of hardware root of trust and protocol engine solutions. A live Q&A session is slated to follow the presentations.

Specific topics and presenters include:

* Security by Design Approach – Neeraj Paliwal
* Choosing the Right Root of Trust – Bart Stevens
* Protecting Data in Motion with MACsec – Gijs Willemse
* Security Q&A

Session 2: Data Center Evolution Roundtable (11:00 – 11:45)

In this roundtable session moderated by Ed Sperling of Semiconductor Engineering, IDC research vice president, Shane Rau, will lay out the macro trends that are shaping the future of the data center, and the impact of these trends on compute and network device architectures. Rambus technology leaders – including Matt Jones, John Eble, and Neeraj Paliwal – will discuss various chip and IP solutions to optimize data center performance and harden security.

Session 3: Moving Data Faster (12:00 – 1:45)

With data across the global internet rising at an exponential pace, the need for higher data rates and more bandwidth is an imperative. Technology experts from the Rambus interface IP business will provide insights and recommendations for implementing HBM2E and GDDR6 high-bandwidth memory, along with the latest-generation PCIe 5 interface solutions. A live Q&A session will follow the presentations.

Specific topics and presenters include:

* HBM2E Selection and Implementation – Frank Ferro and Joe Rodriguez
* GDDR6 Selection and Implementation – Frank Ferro and Joe Rodriguez
* PCIE 5 Selection and Implementation – Phani Paladugu and Vinitha Seevaratnam
* Interface IP Q&A

Session 4: How Bandwidth is Key to Unlocking Greater AI Performance (2:00 – 2:50)

Rambus fellow and distinguished inventor, Dr. Steven Woo, will explore the latest developments in AI/ML training and inference. AI/ML performance is advancing at an astonishing rate thanks to purpose-built AI accelerators. Dr. Woo will discuss how emerging memory and system interfaces are key to providing the bandwidth needed for the next generation of AI/ML hardware. A live Q&A session will follow the presentation.

Register here to save your seat!

PCIe 5 Drill-Down with Rambus’ Suresh Andani: Part 3

by Leave a Comment

In part two of this three-part series, Semiconductor Engineering Editor in Chief Ed Sperling and Suresh Andani, Senior Director, Product Marketing and Business Development at Rambus, discussed early market adoption of PCIe 5, as well as the networking environment the specification will support in the data center. In this blog post, Sperling and Andani explore the compute and storage demands that necessitate PCIe 5.

“Once the data [is fed] into the CPU, it has to be processed. Workloads such as HPC and AI/ML require a lot of computing. As you can see [in the video below], the ToR switch to the NIC is going to 400G Ethernet – and the link between the NIC and CPU is PCIe 5,” he explains.

“Now the CPU has a linear architecture. With multi-threading, hyper-threading and adding more cores, you can do a bit more parallel processing. However, applications such as convolutional neural networks (CNNs) and deep neural networks (DNNs) used in AI/ML workloads such as video transcoding and image processing require a massively parallel compute architectures. This is where we are seeing more and more accelerators go into hyperscale servers.”

As Andani observes, there are multiple neural networks for various applications.

“For image recognition, you’re going to use a CNN or DNN. If you look at voice recognition or natural language processing, these are different types of AI workloads, so the algorithms needed to run these workloads are different,” he states. “That is why you see different types of neural networks, but they all work in parallel, depending on what kind of workload you’re running.”

Andani continues, pointing out that although the data is fed to the CPU (via PCIe 5), the CPU is assisted by accelerators which themselves will interface with the CPU via PCIe 5.

“These could be GPUs that you see a lot in AI training type of applications. You are also starting to see a lot of FPGAs, specifically for high-performance compute workloads like video transcoding, although FPGAs are also quite good from an AI inference perspective. In addition, some companies are building dedicated or custom ASICs,” he explains.

“With all accelerators, the way to connect to the CPU is via PCIe. With older workloads, which were not as sophisticated, it was sufficient to use PCIe 4 bandwidth. However, new sophisticated workloads like AI/ML require a lot of bandwidth over PCIe 5.”

“There is a distinction between certain workloads that are very latency sensitive, for example, real time AI. If you are running real time AI workload in a cloud, you cannot tolerate a lot of latency between various compute nodes. That is where some new cache coherent protocols like Compute Express Link (CXL) and CCIX are gaining more steam.”

On the storage side, says Andani, data centers that did not have a hyperconverged architecture typically maintained storage servers that were SAS/SATA based running over fiber channel. However, in the modern data centers these servers are becoming hyperconverged to save on TCO.

“It makes a lot of sense to have a storage drive like an SSD flash drive (which is quite fast) that can be plugged into the same compute server, so you don’t need extra storage servers. That is why you are seeing more and more NVMe-based SSD drives on the market,” he elaborates. “With more and more ultra-high definition videos being stored and accessed on demand, you cannot tolerate a lot of latency of this transfer, like video being transferred from the SSD drive to the CPU back to the network. So, you need a very fast and efficient interface between these SSD drives and the CPUs. Hence, these are basically now PCIe 5-based interfaces between NVMe SSDs and the CPU.”

According to Andani, this is typically an x4 link (between NVMe SSDs and the CPU), versus the SmartNIC and the accelerators which are typically x8 or x16. Because of the small form factor and limited space, SSDs are typically put on an x4 slot.

“The key point: PCIe is driving the speeds and feeds needed for very fast video or storage access to the NVMe drives between the CPU and the SSD controllers. From a storage perspective, the videos are [scaling to] higher and higher resolution, which means the interface between the controllers and the CPU must become faster and faster.”

As Andani points out, there are two ways of increasing the bandwidth between the SSD and the CPU.

“One, you can take the PCIe 3 or PCIe 4 that you have and go from an x4 form factor to an x8 or x16. However, you are very space-limited in a very crowded server and cannot afford to go to x8 or x16 for storage,” he says. “This is where the solution is to keep the x4 form factor, but to get the double bandwidth, you double the speed [by moving from] PCIe 4 to PCIe 5.”

In terms of thermal impact, Andani observes that the increase in data bandwidth, computation and  number of IOPS (Input/Output Operations Per Second), corresponds to an increase in heat.

“Your TDP per chip, whether it’s an accelerator or a storage drive or even a SmartNIC, is going higher and higher. Luckily, thermal cooling technologies are also evolving. We are seeing liquid cooling in more and more data centers, which is passing liquid over the hot chips. As well, we are also seeing racks immersed in liquid, which is quite sophisticated,” he explains. “The thermal cooling technology needs to keep up with [these trends]. PCIe 5 only solves the data bandwidth interface challenge, but there are many other problems that we need to solve collectively in a data center, thermal challenges being one of them.”

Andani concludes his conversation with Sperling by walking through a detailed summary chart.

“Here we see a server and an x16 slot where you have the NIC or the SmartNIC – this is the one that gets connected to the ToR. You have a couple of x4 slots on a server where you are connecting your storage and then there is another x16 slot for an accelerator like a GPU, ASIC or FPGA,” he states.

“This illustrates the different PCIe interfaces on a server like we [previously discussed]. So, between the CPU and the SmartNIC, you are running PCIe. Currently, there are 40G and 50G servers running PCIe 3 (x8). 100G servers (that are ramping now) are using PCIe 4 (x8). In the architecture phase now are the 200G and 400G servers that, as we did the bandwidth calculation a few moments ago, will require PCIe 5 (x16), especially for 400G ethernet.”

Andani continues, pointing out the PCIe link between the CPU and the accelerator.

“Depending on the workloads that were running in the past, PCIe 3 or PCIe 4 was enough. However, with modern workloads like AI/ML and HPC, you are going to need the PCIe 5 (x16) bandwidth – and that is where we are going to see PCIe 5 deployed. Finally, storage is moving towards a U.2 form factor (SSD) which is moving from PCIe 3 to PCIe 4 and PCIe 5 (x4),” he concludes.

Miss part one and two? Catch up on this series here:
Part 1
Part 2

PCIe 5 Drill-Down with Rambus’ Suresh Andani: Part 2

by Leave a Comment

In part one of this three-part series, Semiconductor Engineering Editor in Chief Ed Sperling and Suresh Andani, Senior Director, Product Marketing and Business Development at Rambus, discussed the evolving PCIe specification. In this blog post, Sperling and Andani explore early market adoption of PCIe 5, as well as the networking environment the specification will support in the data center.

According to Andani, the enterprise and cloud data centers will be early adopters of PCIe 5. However, PCIe 5 will ultimately be adopted at the edge to support an increasing number of low-latency and time-sensitive applications.

“I do expect to see PCIe 5 adoption very soon – about in a year or so – within the edge data centers as well,” he adds.

To illustrate the need for PCIe 5, Andani highlights various aspects of a typical hyperscale data center, pinpointing where the interface will be deployed.

“There are three main elements to a hyperscale data center: networking, compute and storage. What you see [shown in the network section of the image below] is a very typical cloud architecture, also known as the leaf-spine architecture of a data center. At the base node of this architecture you will see racks of servers and these racks are combined to form clusters,” he explains.

Suresh Andani explaining cloud architecture
Suresh Andani showing an example of cloud architecture.

“The base computation, the processing, basically happens in these servers. As workloads become more sophisticated, there is a lot of east/west traffic. The servers, the applications, are running on multiple servers that are located within a rack – and traffic can also be exchanged between servers across racks and clusters. A lot of traffic flows in the east/west direction – from a rack to another rack.”

Workloads such as AI/ML training have grown so large, it needs to be performed over many servers. As Andani points out, this flow of data is enabled by the network switch fabric.

“At the base level, you see the servers, then the top of rack (ToR) switch which is responsible for data traffic exchange within a rack. Connecting these tops of the rack switches are the leaf switches that enable data traffic between racks within a cluster. When you go one layer up, there is a spine switch that enables traffic to flow between one cluster to the other clusters within a data center,” he continues.

“At the front panel of the top of the racks switch are the Ethernet QSFP nodes connecting to the standard two socket server with an Ethernet link – and there is a network interface card (NIC) sitting on the server that connects the two. So, this link between the ToR switch and the server, the NIC of the server, is Ethernet. However, the traffic that originates from the network has to be passed on to the CPU for processing and that happens over PCIe.”

Data centers, says Andani, are moving from 40G Ethernet server networking to 100G. The upgrade to 400G is just beginning and a transition to 800G will follow.

“If you look at 100G Ethernet servers, that is a total bandwidth of 200 gigabits per second (Gbps). If you convert that into gigabytes per second (GB/s), this translates to roughly 30 GB/s. Now 30 GB/s coming from the ToR switch to the NIC can easily be served with a PCIe 4 (x8), which is 32 GB/s (so that was not the bottleneck),” he states. “However, as we move from 100G ethernet networking to 400G networking between the ToR and the server, we can do the math again. 400G in full duplex is equal to 800 Gbps. If you divide by eight, that is about 100 GB/s.”

According to Andani, 100 GB/s traffic between the ToR and the server cannot be realistically served with PCIe 4. This is because the maximum bandwidth that PCIe 4 can support is 64 GB/s, which is well short of what is needed to support 400G Ethernet.

“This is where we need to get to PCIe 5 (x16). If you look at PCIe 5 (x16), it provides an aggregate duplex bandwidth of 128 GB/s, enough to service 100 GB/s (required by 400G Ethernet),” he adds.
As Andani confirms, this paradigm is the same for both an Exascale cloud operation and on-premises enterprise servers.

“On-premise data centers are looking more like hyperscale or cloud data centers because the type of processing that some big enterprises need to get done is at the same level. However, they do it on- premise because of security concerns. Nevertheless, at the end of the day, the workloads are just as intensive. For the cloud, you will observe slightly more intensive workloads, but the cloud will likely trailblaze PCIe 5 and then enterprise will soon follow,” he concludes.

Understanding Anti-Tamper Technology: Part 3

by Leave a Comment

Written by Scott Best for the Rambus Blog

In part one of this three-part blog series, we discussed the low-cost attacks that target security chips such as protocol and software attacks, brute force glitch attacks, as well environmental attacks. In part two, we took a closer look at attacks executed by more sophisticated adversaries. These include side-channel attacks, clocking attacks, fault injection, and infrared emission analysis. In this blog post, we explore the most sophisticated attacks that can target your security chip, such as laser voltage probing, focused ion beam (FIB) editing, reverse engineering, and NVM extraction.

Since these advanced techniques typically originate from national labs or other state funded actors, your adversary will be using advanced failure analysis equipment to gain a detailed picture of the inner workings of your security chip. It is important to understand that bringing a state-of-the-art 10 billion transistor SoC to market in a leading-edge technology node necessitates the use of leading-edge failure analysis equipment to help debug a chip on its path to mass production. Your adversary will have access to this failure analysis equipment and can repurpose it to gain more insight into what a security chip is doing.

In this article:

Laser Voltage Probing

Laser voltage probing is conceptually similar to both the fault injection and infrared analysis we described earlier in this three-part blog series.

Laser Voltage Probing
From: “No Place to Hide: Contactless Probing of Secret Data on FBGAs”, H. Lohrke, Technische University Berlin, June 2016, https://eprint.iacr.org/2016/593.pdf

With laser voltage probing, a specific point in a circuit can be measured in a contactless way by zapping that specific node (in the circuit) with an infrared laser. An attacker can subsequently measure the difference in refraction . Even a slight difference in diffraction can alert the adversaries as to whether the data is transitioning from a one to a zero, from zero to a one, or if the voltage is not transitioning it at all. This is an effective technique for reading out the contents of memory buses, the output of physically unclonable functions (PUFs), the output of embedded non-volatile macros, and even some particularly important nodes inside of security core itself.

Laser voltage probing countermeasures are similar to methods we’ve described previously in this three-part blog series. For example, randomness can be used to split the data into multiple components and offset the time at which those components are traversing on a bus. This makes it difficult for the adversary to precisely time their laser voltage probes to extract the data. Randomness – both spatial and temporal (data) – is the most effective countermeasure for laser voltage probe. Since this method involves infrared lasers injected on a node, the previously described techniques of back side metallization can also be a very effective deterrent to this type of attack.

Focused Ion Beam (FIB) Editing

Most companies that have built a chip over the last 30 years probably engaged in some “FIBing.” This is because focused ion beam editing is a very standard debug technique that reaches into the chip to disconnect some signals and reconnect certain logic gates. FIBing is an effective failure analysis tool because it is essentially an additional processing step that can be applied to a chip after fabrication.

Electric Tampering via Focused Ion Beam (FIB)
Electric Tampering via Focused Ion Beam (FIB)

It is almost impossible to prevent a chip from being FIB analyzed. This is because FIB is just another processing step that is applied to the chip after is manufactured. However, this step can be exploited by an adversary to reconnect wires within your chip and deactivate any alarm (generated in the chip). In fact, additional pads can be dropped down onto the chip – and the chip can be repackaged by an adversary to grant access to internal nodes that otherwise would not have been exposed externally before.

The unfortunate reality is that countermeasures for FIB attacks are very difficult to effectively implement. Our Rambus security team is currently researching the use of tamper evidence physical unclonable functions, or PUFs. This will enable the metallization of the chip itself to be fingerprinted when the chip is manufactured. The fingerprint remains a wholly internal portion of a secret key. If an adversary were to FIB into the chip and modify this metallization, the secret key value would be inevitably corrupted, rendering the attacks unsuccessful.

Reverse Engineering

Reverse engineering enables an adversary to destructively decompose a chip, layer by layer, taking very precise scanning electron micrographs that enables an attacker to reconstruct the actual logical netlist. Oftentimes this is done to recover proprietary functions that might be realized within the chip, or to recover read-only memory that has been compiled into a standard cell library circuit within the chip.

Reverse Engineering Attacks
Reverse Engineering Attacks

Countermeasures for reverse engineering attacks are fairly well known. The basic concept is to corrupt the automatic reverse engineering process by building lookalike or camouflage gates into the netlist. This way, when an adversary takes very careful pictures of what they believe to be a NAND gate, for example, they will discover that it is not actually a functioning NAND gate (because camouflage technology was used to modify the logical operation of that gate). Although it might look identical to a standard cell gate, it performs a different logical operation. So, when your adversary has finished extracting your 100,000 or one million gate circuit, the netlist they will have is incorrect. Because of the camouflage logic, they have no idea which one of the gates is incorrect. This can greatly delay your adversary’s attempt to recovery a proprietary netlist that is hidden on-chip.

Another way of protecting against a reverse engineering attack is a concept known as logic locking. This is similar conceptually to FPGAs which load a bit stream into the circuit – although the circuit does not perform a correct operation until the correct bit stream is loaded. Logic locking is similar, with a large digital signal (perhaps a 256-bit wide signal), loaded to a proprietary function that will not operate correctly until the right signal is applied. This means that if an adversary manages to recover your netlist from the chip, they still need to recover the very small 256-bit file that controls the correct operation of the chip. This method can help mitigate against the more straightforward approaches of reverse engineering attacks.

NVM Extraction

NVM extraction targets the contents of non-volatile memory. Most of the time, secrets inside of a security chip are hidden in a combination of proprietary netlist and NVM contents. An adversary must therefore recover both to make sense of your secret data. Unfortunately, every embedded non-volatile macro has an attack surface on it, and your adversary will be familiar with that type of macro and what type of attacks can be used against it.

NVM Macro

For example, if your NVM macro only has a very narrow data bus, a type of power analysis known as template attacks can be used to recover the data. In addition, if your NVM macro allows secret data to be read and written during a manufacturing state, then your adversary will go after the manufacturing state and try to trick a chip that has already been provisioned with secret data into thinking that it is in the manufacturing state where the data can be read out.

There are even more sophisticated attacks that use scanning electron microscopes to sense the contents of any type of charged based memory, such as EEPROM or embedded flash. Finally, more advanced techniques use the laser voltage probing or FIB attacks we described earlier to monitor the actual data bus of the chip – and perhaps to even take control of the command address portions of the chip to walk the data out of the chip after it has been repackaged.

Countermeasures for this type of attack include a lot of brute force approaches, such as very wide data buses that are much more difficult to repackage and analyze, as well as the previously described countermeasures for both laser voltage probing and FIB attacks.

Rambus Anti-Tamper Technology

Thus far, we have described a number of anti-tamper countermeasures in our three-part blog series. It should be noted that all of our fixed function cores such as AES, SHA and the Public-Key Accelerators include all of the algorithmic countermeasures for wherever algorithm countermeasures are effective, such as in power supply analysis and fault injection countermeasures.

Moreover, our root of trust cores, which are more sophisticated processor-based systems coupled with fixed function cores, include more countermeasures because there are dispatches that can be controlled by the processing elements to, for example, activate ‘first to fail’ logic cores. This ensures these cores are active during execution of the fixed function cores – and makes sure they can randomly stage secure cryptographic events to the cores to thwart timing attacks.

Our anti-counterfeiting line of products include the most countermeasures because these products exist in a chip level form. For these products, we can include some of the more advanced protections against glitch, environmental attacks, and even some more advanced attacks like laser voltage probing and FIB editing of the security chip.

The slide below presents a visual summary of the countermeasures that we have in our security products.

Secure Silicon Countermeasures
Secure Silicon Countermeasures

As you can see, the fixed function cores include algorithmic countermeasures for wherever they are appropriate, such as inside channel glitch injection and fault injection protection. Our root-of-trust cores have a wider selection of countermeasures that can be included because of the more sophisticated execution environment. In addition, our anti-counterfeiting solution, (represent by the ACF column), summarizes an inclusion of countermeasures for these attacks. Lastly, our standalone camouflage technology is used to protect against netlist recovery and reverse engineering attacks.

Read more in this series:
Understanding Anti-Tamper Technology: Part 1
Understanding Anti-Tamper Technology: Part 2

Watch Anti-Tampering Technologies

Don’t miss out on the Rambus Design Summit on October 8th!

Register Today