© 2020 Cadence Design Systems, Inc. Cadence confidential. Internal use only.
Secure Silicon: Commercial Electronic Design Best Practices To Support MOSIACS JCTD
Steven Carlson, James Chew, Charlie Schadewitz
Cadence Design Systems, November 2020
www.cadence.com
https://www.cadence.com/go/national-security
Bottom Line Up Front
• Shift-left: software integration, bring-up, and verification
o Emulate before you fabricate to show functional interoperability
o Integrate before you fabricate for electrical/power integrity and thermal
o Attack before you fabricate to stress security policy early
Do It Right the First Time
Microelectronics: heart of the matter
DoD Modernization Areas:
• Artificial Intelligence / Machine Learning (AI/ML)
• Autonomy
• Cyber
• Directed Energy
• Fully Networked C3 (FNC3)
• Hypersonics
• Microelectronics
• Quantum
• Space
Additional joint interest areas include:
• Autonomous Close Air Support Capabilities
• Emerging Disruptive Technologies and Capabilities
• Enhanced Soldier Close Combat Lethality
• Integrated Command and Control Solutions
• Intelligent Electronic Warfare
• Operationalizing the Stratosphere
• Rapid Decision Making Tools and Systems
• Reducing the Sensor-to-Shooter Timeline
• Sensors for Time Sensitive Targeting
• Sustained Logistics in a Contested Environment
[Figure: Microelectronics as the "Heartbeat of Modern Systems", surrounded by the modernization and joint interest areas; labelled "Fighter Capability" and "Domain-Specific Reference Platforms"]
Microelectronics & DoD: Something’s wrong
• Symptoms
o Rifle scope
o Atmospheric monitoring system
o Fighter helmet
o Fighter EW system
Huge SWaP/PPA disadvantage
Antiquated technology, architecture, SWaP
1990’s design & verification approaches
1990’s design & verification approaches
Defense Industrial Base is the perfect evolution of the DoD’s laws, rules and regulations
Commercial Best Practice: Integrate Before You Fabricate
Comprehensive verification, implementation & analysis solutions
• HW/SW Verification: “Is it functionally correct?” Hardware/Software, Power, Architecture, Safety, Security
• Chip Implementation: “Optimized, Advanced Node Implementation” Performance, Power, Cost
• Packaging, PCB Integration: “Silicon into packages and parts into Printed Circuit Boards”
• System Analysis: “Does it work when put together?” Electromagnetic, Thermal, Low Power
• IP Selection: “Reuse the right building blocks” Processors, Interfaces, Analog
• Analog Mixed Signal
[Figure: verification stack. Apps; Engines: Formal, Simulation, Emulation, Prototyping; Smart Verification Management; Compute: X86 Server, Arm Server, Custom Processor, FPGA]
[Figure: implementation flow. Stage labels: Concept, Design Creation, Design Implementation, Signoff. Tools: Stratus™ High Level Synthesis; Genus™ RTL Synthesis; Joules™ RTL Power; Conformal® LEC, ECO, LP; Modus DFT; Innovus™ Implementation System; Tempus™ Signoff STA; Quantus™ Signoff Extraction; Voltus™ Signoff Power; Pegasus™ DRC, LVS, DFM; Liberate™ Characterization Portfolio. Other labels: Verified hardware description; GDSII for masks to fab]
[Figure labels: Board & Package; IP & Subsystems; Implementation; Systems; Verification]
Dynamic Duo: Emulation & Prototyping
Palladium Z1 Emulation
• Optimized HW/SW debug
• SoC acceleration, HW/SW
• Power & Performance Analysis
• Advanced Use Models
• Up to 12 Racks or 6.9B gates
Protium X1 Prototyping
• Automated Bring-Up
• Scalable performance
• SW development
• HW/SW regressions
• Up to 4.8B FPGA Gates (Q1’20)
[Figure labels: Compile; DUT RTL; Same Physical Interfaces]
The Dynamic Duo of the Electronics Industry
DoD Currently Has Five Palladium Emulation Systems Available for Use
AFRL @ DAC 2019: https://bit.ly/3dUOAZm
Example Digital Twin Setup
[Figure: digital twin setup. Labels: Compile design; Load design; Connect to existing hardware; Load software; Compile C/C++; Apply actual data; Performance data analysis/analytics (Function, Performance, Power, Reliability, Safety, Security, Rad-hardness)]
Note: Example is conceptual and does not represent an actual design
Example: Inside NVIDIA’s Emulation Lab
[Figure: "Software-Based Hardware Tests". Functional bug rate across System-on-Chip (SoC) development. Phase labels: Architecture Exploration and Spec Definition Phase; Frontend Design and Functional Verification; Place and Route, Tapeout; Post Silicon Fab; Silicon Bringup; Chip Production]
https://blogs.nvidia.com/blog/2011/05/16/sneak-peak-inside-nvidia-emulation-lab/
Northrop Grumman Collaboration With Cadence Palladium Z1
Hardware Vulnerabilities are Widespread, Dangerous, and Costly
Why?
1. Increasing chip complexity
2. Hardware attack ROI is high; breaks large investments in cybersecurity
3. Shift to hardware based security architectures prone to vulnerabilities
MITRE records a 5X increase in hardware vulnerabilities in the last 2 years
[Chart: # of Hardware Vulnerabilities]
EDA technologies address broad array of security challenges
[Figure: System-on-chip security attack surfaces. SoC blocks: Hardware logic; Programmable system; Processors; SRAM; AI/ML; Display; EHSM; Network; DSP; USB; UART; GPIO; User logic; AMS. Threats: Errant behavior (2+2 = 5); Malicious modifications; Insecure components; Data leaks; Counterfeits/clones; Side channels; Malware; Bugs]
EDA technology areas shown:
• Physical analysis
• Functional verification
• SW dev/debug
• Formal Equivalence
• Formal Proof
• Design IP
• Processor/IP
• Security design services
• Provenance tracking
Capability groups shown:
• Datapath security app; Seq equivalence; General assertion proof; Fault selection/injection
• Equivalence check; Power mgt verif
• Multi engine; Planning, mgt; Portable stimulus gen; HW/SW verif/debug; Safety/Fault injection
• Auto qualified; Adv node; Standards interfaces; Converters/mixed-signal; BIST/BISA automation
• Security function impl; Adv node expert team; Cleared personnel
• Power; Thermal; Reliability/aging; EMIR
• HW verif links to SW envs; Accurate HW/SW interaction; Blended abstraction w/ real devices
• Encryption; Authentication; HROT compatible; Secure RTOS compatible; Auto qualified safety
• Interfaces to PLMs; Vplan/tracking/mgt
Supply Chain Trust Assurance
Shift-left: best practice with big payoffs
Early functional integration, interoperability debug, mitigation
Early physical integration, integrity, thermal, EMI, …
Shift-Left: enables security susceptibility analysis
• “Shift-left” enables pre-silicon attack.
• Coming mandate to attack before you fabricate:
o Emulate before you fabricate – get the system function (HW, HW/SW) correct before any physical fabrication
o Integrate before you fabricate – co-optimize the chip/package/board/interconnect/enclosure
o Attack before you fabricate – explore and stress vulnerability surfaces
• Mandates ensure early attack analysis is possible
• Capabilities can be retrofitted into systems that face DMS issues or are due for upgrades and technology insertions.
• Shift-left movement has opened an opportunity to significantly improve the first-pass success in meeting system security specifications
[Figure: Conceptual analysis waterfall diagram, with steps numbered 1 to 6.
Stage labels: Virtual HW/SW Bring-up (Palladium/Protium); Performance testing (Palladium - DPA); Power Analysis (Joules/Voltus); Thermal Analysis (Celsius); Thermal model extraction; Transient thermal simulation; Reliability/Aging Analysis (Legato/Voltus-Fi); What if Sensor placement.
Data labels: Known good design; Design; Execution env; Android SW stack, AnTuTu SW; Mission-specific workloads; Toggle Activity Profile, AnTuTu CPU score; Activity Data (PHY); LIB/LEF, SDC, RTL/DEF, UPF/CPF, SPEF (optional); Detailed Power reports, Frequency sweeps; Power over time per tile, Tiling file; Die Dimensions, Package Design (.sip file), Board (.brd file, optional); Transient temperature maps; Temp/pwr over time per tile, Tiling file]
Attack While You Design:
• Verification platform independent pre-silicon attack generation; post silicon digital-twin analysis
• Support Blue/Red team’s work (performance/denial of service, power, timing, EMI, reliability functional attack automation and analysis)
[Figure: Red Team / Blue Team workflow. Blue team passes design image to Red team in Protium image; Red team passes successful attack tests to Blue team. Labels: Perspec System Verifier; Attacks at HW/SW interface; Design/attack HW/SW tests; Palladium® Z1; Protium S1®; RTL; UPF]
Cadence Proprietary ©
Summary Recommendations
• Shift-left software integration, bring-up, and verification
o Emulate before you fabricate to show functional interoperability
o Integrate before you fabricate for electrical/power integrity and thermal
o Attack before you fabricate to stress security policy early
• Using Commercial Electronics Design Best Practices yields a system digital twin
o Use to ensure cyber security
Do It Right the First Time