Scientists at the NYU Tandon School of Engineering have designed a new form of application-specific integrated circuit (ASIC) designed to spot hidden vulnerabilities deep within a processor's design.
Very few people run their own chip fabrication plants these days. Most processors are designed by one firm, which then outsources the actual building of the hardware to a company that has already spent many billions putting together a manufacturing facility. The fear is that a contractor might try and slip a hidden piece of architecture that could make the hardware insecure.
The ASIC that he and his team have designed would constantly scan the main processor for errors that could be indicative of a hardware trojan at work. You'd have to make sure the ASIC was built by a totally trusted fab operator, but once that was done, it should protect against built-in problems.
"Under the current system, I can get a chip back from a foundry with an embedded Trojan. It might not show up during post-fabrication testing, so I'll send it to the customer,"
said Siddharth Garg, an assistant professor of electrical and computer engineering - part of a five-person US research team.
