Writing for Semiconductor Engineering, Ernest Worthman notes that while stacked die may improve performance and lower power, the use of through-silicon vias (TSVs) could potentially add new security risks.
“With 2.5D architectures, IP blocks can be designed on separate dies and assembled using an interposer. Such a chip can have a stacked DRAM, a Wi-Fi radio and flash memory, together with the processor in a single package,” Worthman explained.
Image Credit: IBM via SemiEngineering
“This means a new opportunity to sneak a Trojan IC into the mix has been created. Integrating such a Trojan chip, or interposer into the 3D IC assembly is a very effective means of injecting malicious circuitry. This is even truer if the Trojan lays stealth until activated by particular command, function, or timer.”
However, Paul Kocher, president and chief scientist at the Rambus Cryptography Research division, told the publication that stacked dies actually offer a number of security-related benefits, especially on the reverse engineering side.
“[Stacking dies] makes it physically difficult to drill though without destroying the chip,” said Kocher. “When it comes to the mechanical types of probing, manipulation, and microscopy of the chip, the extra layers, thickness, number of interconnects, etc., make hacking the chip much more difficult.”
Indeed, says the chief scientist, human error during the design process is currently more of a concern than malicious chip tampering. To be sure, quite a number of bugs are inadvertently created during the design process.
“Trying to get designs to be bug- and backdoor-free is difficult,” he continued. “So from a resource allocation perspective, the most urgent priorities are around getting solid designs to begin with.”
From a broader perspective, says Kocher, the industry continues to create devices that are increasingly complex, which means more opportunities for bugs, malicious or otherwise.
“There are [also] more of these devices being deployed, which means more targets for the attackers,” he opined. “And the devices are of greater value, which means greater rewards for attackers.”
While short-term security trends may appear relatively ominous, Kocher believes robust security foundations at the silicon level can help protect the software stacks that sit on top.
“[According to Kocher], the only path out of the morass we are currently in is to work on better things to do at the chip level so we don’t have such a dependence on software being perfect,” Worthman concludes. “The security of the universe is again in the hands of the chip developers.”