3D IC Trojans—A Real Threat
3D ICs, and it’s precursor, cleverly called 2.5D ICs, provide a means to inject a Trojan chip into the system without actually having to go through the difficult effort to secretly modify circuitry on someone else’s chip design. Depending on where a 3D IC Trojan chip has been placed into a package, this scenario is a more serious threat than a singularly-packaged Trojan chip, as 3D IC Trojan likely has the broad access to data and power buses in the packaged part. Detection of a 3D IC Trojan can also be skillfully thwarted, as the chip could be added into the multichip-package design after the early-stage qualification testing, x-ray and thermal imaging, and tear-down by third-party analysts. Initial systems which pass testing would be followed up with systems containing Trojan chips, provided the Trojan chip design has been done sufficiently well that the malicious circuit does not interfere with subsequent system operation until called upon.
As a note, the 2.5D IC technology mentioned makes use of what are called “interposers,” generally passive devices which are placed between active chips allowing the data and power lines to be rerouted from chip to chip where standards don’t presently exist for the chips to be stacked directly. Interposers are particularly important for heterogeneous stacks, that is, a stack where each chip’s functionality is quite different from the others. As an example, whereas a stack of identical memory die from the same vendor would have matching connections, stacking Wi-Fi, flash, and RAM die from different vendors onto a processor die prior to packaging, may not.
In the case of 2.5D ICs, since interposers have already been placed into the design, adding malicious circuitry onto one of them is a logical path, particularly since the ability to externally test such a chip stack after assembly is difficult, if not impossible. Plans to add built-in-self-test (BIST) capability to interposers within the stack as a means of performing in-package testing are already in the works, and actually make the situation worse, as adding rogue circuitry to such a “smart” BIST interposer would, in fact, be the first likely means providing very capable and destructive Trojan chip. A simple, legacy 8051 processor, requiring a miniscule space on a large interposer, whose design is easily purchased, and is manufactured with readily accessible technology inAsia, can be used to create a highly disruptive, nearly undetectable circuit.
A Plausible Example
The author, looking ahead to when 2.5D and 3D ICs have been generally adopted by the industry at large, identified a scenario where a relatively simple design could be used to inflict a cyber-physical attack on smart-phones and tablets.
By adding additional circuitry to a 2.5D silicon interposer designed originally designed to accommodate BIST, one could incorporate additional logic to scan system data for a unique trigger code and ensuing commands. As the interposer would have access to the data and power buses, examining all data coming across is quite feasible. A command code to simply short the data bus on the 3D IC stack would render the system inoperable. If power transistors were added to the Trojan interposer allowing a short circuit of the power bus, a more dramatic end to the integrated circuit’s life could be realized, causing physical damage to the system. The electrical-current requirements to operate the complete stack of ICs in an advanced, heterogeneous stack would allow a significant amount of current to be drawn under such short-circuit conditions. Depending on whether short-circuit protection has been designed in (such as through a fusible link), long-term draw of current and subsequent heating of the systems’ epoxy resin motherboard can result in a condition where significant smoke can result. Under rare conditions, a lithium ion supply battery, if overheated, could also result in thermal runaway, rupture, and combustion. The resulting damage would not be unlike that experienced on a recent Australian Airlines flight with an iPhone4.
How could a message be passed to such a Trojan circuit? With always-on Internet, made available through Wi-Fi, 3G and 4G networks, data streams over the smart device’s system data bus continuously. Easily-hacked and tampered social networking sites, such as Twitter and Facebook, allow control messages to be embedded into Unicode text. Sending out a few, choice messages to or through a highly-followed celebrity’s account, can reach millions of follower’s smart phones and tablets within seconds. For example, Lady Gaga has nearly 19 million followers and follows nearly 140,000 accounts. Of course, a team of Twitter staff typically do the celebrity’s updating and following, which leads to many more points of message insertion through either bribed staff members or hacking the account. In this example, bi-directional communication with the Trojan is not required to carry an attack—only listening is necessary.
So what might a control message from a hacked social network account look like? Figure 3 shows a tampered message sent over Twitter containing a unique trigger code, latitude, longitude, and attack radius. This message is directed toward the example Trojan chip embedded in a smart phone having access to the data bus for Wi-Fi and GPS data. The control message is embedded within just a few of the 140 characters allotted to Twitter users, and looks only as if the message were slightly scrambled somewhat along the way. It would be even more unlikely raise suspicion in a longer message.