To better understand where the semiconductor supply chain is vulnerable to insertion of Trojan circuitry, it helps to comprehend the overall manufacturing flow for integrated circuits. Figure 2 shows the general design and manufacturing supply chain for many semiconductor products. Though there are no hard and fast rules on what pieces may be outsourced, generally a vertically-integrated, Integrated Device Manufacturer (IDM), will have most if not all of the parts of the supply chain contained within its own company. Intel is one such example of an IDM, though it may choose to outsource wafer fabrication or assembly and packaging on older products.
A fabless chipmaker generally outsources the manufacturing of the chips to a foundry, such as Taiwan Semiconductor Manufacturing Company (TSMC) or GlobalFoundries. Likewise, the foundry, or perhaps the fabless chipmaker, once fabrication is complete, will contract out the Test, Assembly, and Packaging (TAP) of a part to an Outsourced Semiconductor Assembly and Test (OSAT) provide, such as ASE or Amkor. Table 1 shows a few representative companies for each category.
Design houses and intellectual property (IP) providers often sell their designs to chipmakers that then modify and fabricate chips, or outsource to foundries. For example, Apple designs its own chips used in its portable products. Their processor designs are based on ARM’s processor, additional libraries, and other Apple-unique IP it acquired through the purchase of design companies P.A. Semi and Instrinsity. Is it possible that Apple could have designed in its own backdoors into products? Yes. Apple creates its own processor design and is vertically integrated up the supply chain, allowing Apple to control its hardware and operating system (including the low-level, Core OS layer). Apple, as just one example, would be in a unique position to covertly add in what might be considered Trojan functionality. Samsung is also in a similar position.
Trojan Circuitry Insertion
Within this process flow, there are a few key points where insertion of Trojan circuitry is most likely to occur. As shown in Figure 1, and mentioned in the Apple example, the first opportunity for inclusion, ①, is during the design phase, where, perhaps a microprocessor design (i.e. from ARM) is modified by the chipmaker to include additional features which would be considered Trojan circuits by the end user. Typically a fabless chipmaker, like Marvell and their Snapdragon processor (based on ARM) will add many functions to the package in creating their System-on-Chip (SoC). The final integrated circuit design, from a fabless company is now sent to the foundry.
Prior to the manufacturing process, ②, there is an opportunity to modify the as-received design and insert malicious circuitry. Up to and including this point, the addition of circuitry would necessarily occur on a single integrated circuit design.
After the semiconductor wafer has been processed by the chipmaker or foundry, hundreds or even thousands of integrated circuits have been created on the large silicon wafer. This wafer is eventually shipped to the OSAT for wafer-level testing, thinning, and dicing into individual dies. At this point, ③, a new technology, and the focus of this paper, readily allows insertion of a Trojan chip during the packaging process. The technology, called Three Dimensional Integrated Circuits, or 3D ICs are described in following sections.
Trojan Circuitry Activation
Once Trojan circuitry is in place, there is the issue of how it might be used and/or activated. In a simple case, if Trojan circuitry were to be added to a single Wi-Fi chip, such as one designed by Broadcom, it might be possible to continuously route packets of information to an additional Internet Protocol (IP) address, allowing information to be passed to a 3rd-party. This wouldn’t be the first time such a ruse has happened. A past incident with counterfeit Cisco routers left US government installations compromised, in danger of premature system failure, potential access to otherwise secure systems, and weakened cryptographic systems. Other activation scenarios could include timers, accelerometer changes, or outside communication with an agent.
Trojan Circuit Forms
Trojan in a Chip
As previously described, Trojan circuitry may be added purposefully by the chipmaker, or surreptitiously by a foundry. Necessarily, this form of Trojan circuit is added to an individual chip, rather than inserted into a multi-chip package. If done covertly, the foundry can’t add much functionality and still remain undetected. Most Trojan circuitry, if not added by the original designer, would need to clandestinely function at a low level in the system hierarchy. Therefore, it would likely be highly compartmentalized, making it difficult to steal or manipulate sensitive data or control the system. Consider the human brain as an example. “Trojan” neurons, manifested in something such as a brain tumor or Parkinson’s disease, might be able to disrupt some memories or motor skills, but for these localized anomalies to actually access overall thoughts, conclusions, and decision making capabilities, they would have to be operating on a higher, more pervasive level—something akin to what Trojan software would be more likely to accomplish in an electronic system.
Of course, there are exceptions to the rule. For instance, if a government, either through coercion or bribery, was able to convince a chip manufacturer to design-in backdoor or Trojan functionality from the outset, the malicious circuitry is then an unidentified Trojan only to the end user. Designed-in capability done in this manner is relatively straightforward and would allow access to data and interfaces. Or perhaps, a large company might also stand to benefit by collecting low-level data for tracking, data mining, or other purposes and sees no problem adding in such capability. While testing by the end user would seem to be a way of detecting such circuitry, one can’t necessarily find what one doesn’t know to look for, particularly, post-packaging. Such testing could easily be circumvented with a simple “wake-up” trigger or a simple timer to keep the circuit in a quiescent mode until called upon, circumventing even thermal imaging often used to find hidden, active circuits within a die.
Trojan in a Package
The other means of creating a Trojan chip involves creating a Trojan “package.” Within each integrated circuit package, there can often be many individual chips. These chips may be wired together for communication purposes, or with new technology coming of age, may be stacked together by aligning industry-standardized communication and power contacts. The benefit of stuffing more chips into one package is multi-fold, providing lower power consumption, faster speeds, smaller footprint, and, ideally, lower cost. However, this packaging process is likely the easiest place in the manufacturing process to incorporate Trojan circuitry. This new method of packaging is referred to as three dimensional integrated circuits or 3D IC. As packaging, historically the “low-tech” of high-tech, has been outsourced to Asia, increasingly to China, the eventual possibility of leading-edge chips shipped to the US being tainted with a Trojan chip through use of 3D IC technology are significant. While the semiconductor industry is in the early stage of adopting 3D IC technology, it is ramping up quickly and will see acceptance on a broad scale by 2014. There is little time to get solutions in place to circumvent 3D Trojan ICs.
An example of such a 3D “stacked-die” design from Xilinx, a chipmaker providing Field Programmable Gate Arrays, is shown in Figure 2.