In a recent Q&A discussion with Stanford Engineering, EE professor Subhasish Mitra and Computer Science professor Clark Barrett describe their recent work to secure chips before they are manufactured.
What's new when it comes to finding bugs in chips?
Designers have always tried to find logic flaws, or bugs as they are called, before chips went into manufacturing. Otherwise, hackers might exploit these flaws to hijack computers or cause malfunctions. This has been called debugging and it has never been easy. Yet we are now starting to discover a new type of chip vulnerability that is different from so-called bugs. These new weaknesses do not arise from logic flaws. Instead, hackers can figure out how to misuse a feature that has been purposely designed into a chip. There is not a flaw in the logic. But hackers might be able to pervert the logic to steal sensitive data or take over the chip.
How do your algorithms deal with traditional bugs and these new unintended weaknesses?
Let's start with the traditional bugs. We developed a technique called Symbolic Quick Error Detection — or Symbolic QED. Essentially, we use new algorithms to examine chip designs for potential logic flaws or bugs. We recently tested our algorithms on 16 processors that were already being used to help control critical automotive systems like braking and steering. Before these chips went into cars, the designers had already spent five years debugging their own processors using state-of-the-art techniques and fixing all the bugs they found. After using Symbolic QED for one month, we found every bug they'd found in 60 months — and then we found some bugs that were still in the chips. This was a validation of our approach. We think that by using Symbolic QED before a chip goes into manufacturing we'll be able to find and fix more logic flaws in less time.
Does Symbolic QED find all vulnerabilities?
Not in its current incarnation. Through collaboration with other research groups, we have modified Symbolic QED to detect new types of attacks that can come from potential misuse of seemingly innocuous features.
This is just the beginning. The processors we tested were relatively simple. Yet, as we saw, they could be perverted. Over time we will develop more sophisticated algorithms to detect and fix the most sophisticated chips, like the ones responsible for controlling navigation systems on autonomous cars. Our message is simple: As we develop more chips for more critical tasks, we'll need automated systems to find and fix all potential vulnerabilities — traditional bugs and unintended consequences — before chips go into manufacturing. Otherwise we'll always be playing catch up, trying to patch chips after hackers find the vulnerabilities.
Excerpted from "Q&A: What's new in the effort to prevent hackers from hijacking chips?"
- Stanford Engineering, "Q&A: What's new in the effort to prevent hackers from hijacking chips?", June 2019.