“Multiple vendors are responding with products meant to keep the IoT devices protected from the cyberattacks that are becoming more common,” he explained. “While IoT privacy remains a key concern for consumers and homeowners, IoT security has taken on top-of-mind priority for the many companies entering and serving the market.”

As Dorsch points out, hardware vendors have been focused on this issue for some time, often with mixed results.

“[This is] because threat levels—and perceived threat levels—vary greatly from one market to the next, and from one product to the next,” he added.

Nevertheless, the U.S. Department of Homeland Security recently outlined six principles for securing the Internet of Things, including incorporating security at the design phase.

As Asaf Ashkenazi, senior director of product management in Rambus’ Security Division notes, building hardware that incorporates hardened security features would see devices protected throughout their lifecycle from chip manufacture, to day-to-day deployment, to decommissioning.

“This can be accomplished with a silicon-based hardware root-of-trust that offers a range of robust security options for IoT devices, including secure connectivity between the IoT device and its cloud service,” he told Semiconductor Engineering.

As Ashkenazi tells Rambus Press, the DHS also recommends that device manufacturers promote security updates and vulnerability management. To be sure, even when security is included at the very beginning of the design process, vulnerabilities may be discovered in products after they have been deployed. These flaws can be mitigated through patching, security updates and vulnerability management strategies.

“From our perspective, life-cycle management, which includes over-the-air (OTA) updates and vulnerability management, is essential to maintaining the continued security of IoT devices,” he stated. “Life-cycle management should be implemented utilizing a secure hardware root- of-trust to ensure secure updates of firmware and cryptographic keys.”

In addition, says Ashkenazi, a hardware root- of-trust with a unique cryptographic identifier allows each IoT device to be uniquely and cryptographically verified to determine if it is authorized to connect to a specific cloud service.

“Spoofed or unauthorized devices are easily identified by the service and denied access. This secure connectivity paradigm also helps mitigate the effectiveness (and damage) of DDoS attacks against the IoT service itself, while ensuring the integrity and protection of collected data,” he added. “Preventing malicious actors from manipulating the flow of information to and from network-connected devices is the cornerstone of establishing a secure IoT network.”

As Woo notes, Moore’s Law, which helped fuel a relentless progression in computing performance, has been an important semiconductor industry mainstay for decades. However, Moore’s Law is waning, with an end on the horizon due to a combination of physical limitations and economic factors.

“With the loss of Dennard Scaling roughly 10 years ago, the industry is at a critical juncture as it contemplates a future in which the two historical driving forces behind semiconductor development and design are no longer present,” he explained. “As advances in process technology slow, increased attention is being paid to emerging computing paradigms and alternative system architectures to drive future performance improvements.”

For example, says Woo, researchers at Supercomputing 2016 (SC16) in Salt Lake City spent time discussing key trends and new approaches to enable the next wave of innovation in computer architecture.

“In this context, the first International Workshop on Post-Moore Era Supercomputing (PMES) convened at the conference and explored potential methods of advancing semiconductor design in a post-transistor scaling world,” Woo continued. “As part of the workshop, Tom Conte detailed the IEEE’s Rebooting Computing Initiative and the International Roadmap for Devices and Systems.”

In addition, Franck Cappello, Kazutomo Yoshii, Hal Finkel and Jason Cong presented a paper that discussed FPGA-powered true co-design flow for high-performance computing in the post-Moore’s Law era.

“Multicore scaling will end soon because of practical power limits. Dark silicon is becoming a major issue even more than the end of Moore’s Law. In the post-Moore era, the energy efficiency of computing will be a major concern. FPGAs could be a key to maximizing the energy efficiency,” the researchers wrote. “FPGAs are gaining the spotlight as a computing resource; modern FPGAs include thousands of hard DSPs or floating-point units. In the preparatory stages, we addressed the technology gaps in adopting FPGA technology for HPC. Our goal is to design and implement ‘Re-form,’ an FPGA-powered true co-design flow that significantly improves the energy efficiency of the post-Moore era supercomputers.”

Field-programmable gate arrays were also the topic of a paper presented by Hiroka Ihara and Kenjiro Taura of the University of Tokyo, who explored the use of the silicon in future HPC scenarios.

“It is known that intermediate fabrics for FPGA accelerators can improve the end-user productivity through both program deployment free of logic synthesis and high portability,” Ihara and Taura stated. “[We discuss] one possible ecosystem for intermediate fab, where pipelined reconfigurable architecture is employed to enable scalable and parallel execution. Such [an] ecosystem can improve the utilization rate of FPGA accelerators in the field of supercomputing.”

According to Woo, the continued evolution of HPC (alongside conventional computing) will require system designers to rethink traditional architectures and software, while considering the use of new devices and materials.

“As the above papers and Microsoft’s Project Catapult illustrate, FPGAs are already helping the semiconductor industry shape the computing platforms of the future. As we prepare for the Post-Moore Era, system architectures will need to evolve to move forward. Traditional processors coupled with FPGAs, along with technologies to minimize data movement, offer new approaches to improving performance and power efficiency and offer a glimpse of things to come in next-gen systems,” he concluded.

“Smart cities encompass all manner of usage models and equipment — parking meters, traffic lights, power and water meters, mobile telephone networks, apps on every resident user’s handheld phone, including cameras and microphones,” she explained. “The engineer’s challenge is integrating all of these devices using common communication links, ubiquitous GPS technology, algorithms that make sense of the data collected and central repositories for relevant data.”

Another issue identified by Morrison is the challenge of maintaining individual privacy in ultra-connected smart cities, a concern that is driving demand for lensless optical sensors such as Rambus’ lensless smart sensor (LSS) technology. Rather than producing images with the kind of visual acuity of a camera, lensless smart sensors generate data and rough images.

“This is a new kind of optic that is extremely flat and easier to use. So instead of generating an image with a photo-sensitive array and a lens, which is what you find in a camera, this replaces the lens with a diffractive grating,” Patrick Gill, principal scientist for Rambus Labs, told Semiconductor Engineering. “You can still see people moving and tell whether they’re sitting, walking, avoiding certain regions and identify a change in the traffic flow or pick up moving car headlights. But it also allows you to replace something that’s analog with a binary diffraction grating. In addition, it’s easy to manufacture—you can do this as large as 2 microns—and it’s a very good detector of motion.”

According to Gill, there can be a wide space between lensless smart sensors, with at least a 140-degree field of view.

“This provides more detail than a motion detector, but also combines an element of privacy so you’re not going to see something end up on YouTube that you don’t want to be made public,” he stated.

One potential deployment for lensless smart sensors, says Gill, is to place the technology on a multi-function chip that measures temperature and humidity – where it’s too expensive to integrate a lens.

“What’s noteworthy is that all camera modules do not survive a solder re-flow,” he added. “The lens would come out as a puddle. But you can make a diffraction grating with a high-temperature polymer. And there are few things that can do this using low power.”

Interested in learning more about smart cities and sensors? The full text of “Smart Cities, Challenging Issues,” by Gale Morrison is available on Semiconductor Engineering here. You can also check out our LSS product page here and our article archive on the subject here.

Perhaps the most important of these principles, says Ashkenazi, is the concept of implementing security at the design phase, with the DHS recommending the use of hardware that incorporates security features to strengthen the protection and integrity of a device. This includes leveraging computer chips that integrate security at the transistor level – embedded in the processor itself – to provide encryption and anonymity.

“Treating security as a primary design parameter rather than a tertiary afterthought is certainly an approach that is long overdue for a very vulnerable Internet of Things,” he explained. “As more and more ‘things’ connect to the Internet, the danger of nefarious attackers exploiting unsecured devices looms ever larger.”

As Ashkenazi points out, building hardware that incorporates hardened security features would see devices protected throughout their lifecycle from chip manufacture, to day-to-day deployment, to decommissioning.

“This can be accomplished with a silicon-based hardware root-of-trust that offers a range of robust security options for IoT devices, including secure connectivity between the IoT device and its cloud service,” he stated.

In addition to implementing security at the design phase, says Ashkenazi, the DHS recommends device manufacturers promote security updates and vulnerability management. Indeed, vulnerabilities may be discovered in products after they have been deployed, even when security is included at the design stage. Such flaws can be mitigated through patching, security updates and vulnerability management strategies.

“From Rambus’ perspective, over-the-air updates and vulnerability management are crucial elements of IoT security. However, to be truly secure, both must be tied to a hardware root-of-trust,” he emphasized. “Infected, hijacked or spoofed devices that are not authenticated are denied access to the service. This approach can also help mitigate the effectiveness (and damage) of DDoS attacks against service providers.”

As Ashkenazi concludes, the six “Strategic Principles” outlined by the DHS will go a long way in helping to convince the industry that IoT devices should not be pushed to market with little regard for security.

“Put simply, IoT security needs to be treated as a primary design consideration, rather than a haphazard afterthought,” he added.

Interested in learning more about IoT security? You can check out our article archive on the subject here.

For example, says Sperling, the increasing use of system partitioning into multiple chips connected by high-speed buses rather than putting everything on a single chip offers some interesting possibilities for managing power.

Read first our primer on:
HBM2E Implementation & Selection – The Ultimate Guide »

According to Kelvin Low, senior director of foundry marketing at Samsung, system architects are now looking at power management in a different way rather than simply relying on silicon technology.

“You can partition a system to achieve system-level performance scaling,” Low told SemiEngineering. “So if you use a 2.5D approach with HBM2 (second-generation High-Bandwidth Memory), the system-level performance increases. It becomes a partition problem, but the distributed processing approach is an important enabler.”

As Sperling points out, this approach has a bearing on power as well, because it takes less power to drive signals through an interposer than through increasingly narrow wires on a single die at advanced nodes. As a result, there are significant power savings in addition to performance increases.

Frank Ferro, a senior director of product management for memory and interface IP at Rambus, expressed similar sentiments.

“One of the advantages of HBM2 is that it is that you can move it closer to the processing, and you have 2 gig (gigatransfers/second per pin) rates,” Ferro told the publication. “The power of HBM2 is lower, too, and you can re-use quite a bit of technology. But it does require a new PHY design.”

As Ferro explained in a Semiconductor Engineering article earlier this year, HBM bolsters local available memory by placing low-latency DRAM closer to the CPU. In addition, HBM DRAM increases memory bandwidth by providing a very wide interface to the SoC of 1024 bits. This means the maximum speed for HBM2 is 2Gbits/s for a total bandwidth of 256Gbytes/s. Although the bit rate is similar to DDR3 at 2.1Gbps, the 8, 128-bit channels provide HBM with about 15X more bandwidth.

Perhaps not surprisingly, mass-market deployment of HBM will present the industry with a number of challenges. This is because 2.5D-packaging technology, along with a silicon interposer, increases manufacturing complexities and cost. In addition, HBM routes thousands of signals (data + control + power/ground) via the interposer to the SoC (for each HBM memory used). Clearly, maximal yields will be critical to making HBM cost effective, especially since there are a number of expensive components being mounted to the interposer, including the SoC and multiple HBM die stacks.

Nevertheless, even with the above-mentioned challenges, the advantage of having – for example – four HBM memory stacks, each with 256Gbytes/sec in close proximity to the CPU, provides both a significant increase in memory density (up to 8Bb per HBM) and bandwidth when compared with existing architectures.

Interested in learning more? The full text of “Partitioning for Power” by Ed Sperling is available on Semiconductor Engineering here.

“Connected devices of all sizes can [now] be amassed into an army of bots that can bring even giants like Amazon and Netflix to a dead stop,” they explained. “This attack was predicted and warned against by numerous security experts since [Mirai] was published as open source code several months earlier, but that did little to stop its progression.”

According to Sperling and Dorsch, there are not enough layers of security being built into electronics to stop these kinds of problems, and no standard way of creating them.

“What’s interesting here is that the most recent attack went well beyond the usual software and network breaches. It targeted the firmware inside [connected] devices that were secured by weak passwords. And most security experts believe this is just the beginning,” the journalists observed. “[Nevertheless], digging into firmware is more difficult because it requires access to software stored and, frequently, hidden within a chip. That’s why systems companies park their SSL keys there, along with a history of private keys that can work with those SSL keys.”

Yet, security can be compromised if the keys leak.

“If you can crack into a key, you can replace the software and remotely control the device,” Asaf Ashkenazi, senior director of product management in Rambus’ Security Division told Semiconductor Engineering. “Keys are the Holy Grail for hackers.”

Many attacks against keys require a physical component, such as a grinder, physical probes and a scanning electron microscope.

“That’s an invasive attack,” said Ashkenazi. “There also are combination attacks, where you reconstruct keys from a string of bits, not from the software.”

In addition, keys can be extracted via side-channel attacks which utilize passive methods to pick up and monitor electromagnetic activity. Indeed, as we’ve previously discussed on Rambus Press, all physical electronic systems routinely leak information about their internal process of computing.

In practical terms, this means attackers can exploit various side-channel techniques to gather data and extract secret cryptographic keys from IoT endpoints. Regardless of specific instruction set architecture (ISA), most industry security solutions on the market today can be soundly defeated by side-channel attacks. Even a simple radio is capable of gathering side-channel information by eavesdropping on frequencies emitted by electronic devices. In some cases, secret keys can be recovered from a single transaction clandestinely performed by a device several feet away.

Worryingly, millions, if not billions, of connected IoT endpoints are powered by chips that are vulnerable to side-channel attacks. Such unprotected silicon can be found in a wide range of electronic devices including wearables, medical equipment, vehicles, smart appliances and rapidly evolving smart city infrastructure. Fortunately, specific DPA countermeasure strategies can be employed to protect IoT devices and related infrastructure. These include techniques to minimize information leakage, generating noise to drown out leakage signals, the use of randomness to mask computational intermediates, algorithm and implementation obfuscation as well as the use of protocols designed to preserve secrecy even in the presence of (some) leakage.

Interested in learning more? The full text of “What’s Next for IoT Security?” can be found on Semiconductor Engineering here. You can also check out our DPA countermeasures page here and our article archive on the subject here.

“When none of these options provide the necessary performance or consumes too much power, custom hardware takes over. But there is one type of processing element that has rarely been used in a major SoC— the FPGA,” he explained. “Solutions implemented in FPGAs are often faster than any of the instruction-set processors. In most cases they complete a computation with lower total energy consumption.”

However, as Bailey points out, the overall power consumption of embedded FPGAs (as opposed to discrete) is higher, while performance is slower than custom hardware. In addition, field programmable gate arrays typically occupy significantly more silicon area than ASICs.

“In the past, several companies have attempted to pioneer the embedded FPGA space, but none have been successful,” he continued. “To understand why eFPGAs may succeed this time around requires an understanding of both the changes happening across the industry at large and within specific markets.”

Indeed, numerous markets have traditionally relied on a waning Moore’s Law to enable increasing levels of integration as well as lower power, although product cycles at the top of the market are now predictably slowing.

“Networking and communications chips have long design cycles and are typically fabricated in advanced process nodes with $2 million to $5M mask costs,” Geoffrey Tate, CEO of Flex Logix, told Semiconductor Engineering. “The problem with this is that standards such as protocols and packets are changing rapidly. It used to be that these chips would be redesigned every couple of years to keep up, which is an increasingly expensive proposition. In addition, data centers are pushing to make chips programmable so they can be upgraded in-system automatically, thereby improving the economics of data centers and enabling them to do their own customization and optimization for a competitive edge.”

Steven Woo, VP of Systems and Solutions at Rambus, expressed similar sentiments.

“Rising design and mask costs at smaller process geometries, coupled with increasing chip complexity, verification effort and embedded software development, make the economics of chip design difficult, especially for smaller markets,” he explained. “FPGA technology offers the potential to help address this by allowing multiple markets and applications to be served with a single chip.”

As Woo notes, there is a tradeoff between the flexibility afforded by FPGAs and the increased area overhead such versatility incurs.

“The key is whether or not critical metrics such as application performance, power and TCO justify the overhead of increased flexibility. The industry is still in the early days of understanding how to use FPGAs in environments like data centers, so the adoption of FPGAs in this market will depend greatly on how much applications can benefit from them. As Microsoft has demonstrated, there are already compelling reasons to adopt them for modern workloads,” he added.

Interested in learning more? The full text of “Embedded FPGAs Going Mainstream?” is available on Semiconductor Engineering here. You can also check out our article archive on FPGAs here.

“As the world begins to take security more seriously, it becomes evident that a device is only as secure as its weakest component. No device can be made secure by protecting against a single kind of attack,” Bailey explained. “Encryption and root of trust can add additional layers of protection. But even then, the system may not be secure.”

This is because every electronic device emits information about what it is doing, says Bailey, and that information can be used to pry open its defenses. This technique is generally referred to as a side-channel attack. Essentially, side-channel attacks, which include Simple Power Analysis (SPA) and Differential Power Analysis (DPA), can be exploited to analyze characteristics such as power, radiation and timing to infer what a system or chip is doing.

According to Bailey, a Rambus paper written by Gilbert Goodwill confirms that an unprotected AES128 algorithm running on a generic processor can be cracked with only 4 minutes of sample data collected and 10 minutes of analysis.

“When the same algorithm was implemented in an FPGA board, it increased the collection time to 50 minutes plus 12 minutes for analysis,” he noted. “Using that same board, but with a DPA-protected implementation, they were not able to crack it even after obtaining 3 hours of trace data. The statistics they collected also indicated that obtaining more traces would not enable them to crack the device.”

As Bailey points out, there are still many connected devices that have yet to be hacked.

“Lightbulbs never had to have security built into them, but they do now. Security didn’t matter until they become connected,” he added. “Now they provide a way into your network. One can only hope that more companies take hacking seriously, but early indications are that it is still an afterthought.”

As we’ve previously discussed on Rambus Press, all physical electronic systems routinely leak information about their internal process of computing. In practical terms, this means attackers can exploit various side-channel techniques to gather data and extract secret cryptographic keys from IoT endpoints. Regardless of specific instruction set architecture (ISA), most industry security solutions on the market today can be soundly defeated by side-channel attacks. Even a simple radio is capable of gathering side-channel information by eavesdropping on frequencies emitted by electronic devices. In some cases, secret keys can be recovered from a single transaction clandestinely performed by a device several feet away.

Worryingly, millions, if not billions, of connected IoT endpoints are powered by chips that are vulnerable to side-channel attacks. Such unprotected silicon can be found in a wide range of electronic devices including wearables, medical equipment, vehicles, smart appliances and rapidly evolving smart city infrastructure. Fortunately, specific DPA countermeasure strategies can be employed to protect IoT devices and related infrastructure. These include techniques to minimize information leakage, generating noise to drown out leakage signals, the use of randomness to mask computational intermediates, algorithm and implementation obfuscation as well as the use of protocols designed to preserve secrecy even in the presence of (some) leakage.

Interested in learning more about protecting silicon from side-channel attacks? You can check out our DPA countermeasures page here and our article archive on the subject here.

Subsequently, Krebs confirmed that the source code powering the IoT botnet responsible for the attack had been publicly released. According to the journalist, the easy availability of the code “virtually guarantees” that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices.

“The malware, dubbed ‘Mirai,’ spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords,” Krebs explained. “Vulnerable devices are then seeded with malicious software that turns them into ‘bots,’ forcing them to report to a central control server that can be used as a staging ground for launching powerful DDoS attacks designed to knock Web sites offline.”

Perhaps more disturbingly, Mirai is reportedly only one of at least two malware families that are currently being used to assemble large IoT-based armies.

“The other dominant strain of IoT malware, dubbed ‘Bashlight,’ functions similarly to Mirai in that it also infects systems via default usernames and passwords on IoT devices,” Krebs stated. “According to research from security firm Level3 Communications, the Bashlight botnet currently is responsible for enslaving nearly a million IoT devices and is in direct competition with botnets based on Mirai.”

Commenting on the recent slew of DDoS attacks, Asaf Ashkenazi, a senior director of product management at Rambus’s security division, notes that it is important for consumers to be aware of the very real threat posed by insecure IoT devices, including connected appliances, routers, IP cameras and digital video recorders. Indeed, unlike PCs and mobile devices such as tablets or smartphones, serious or even critical vulnerabilities are very rarely addressed with firmware updates by manufacturers in a timely manner, if at all.

“As more and more devices go online, the specter of nefarious attackers maliciously exploiting hapless victims looms ever larger. Of course, the overall effectiveness of a DDoS attack ultimately depends on the amount of IoT devices participating in any given DDoS campaign,” Ashkenazi wrote in an October 2016 Semiconductor Engineering article. “Vulnerable IoT endpoints clearly provide attackers with the scalability needed to launch effective DDoS attacks.”

In addition, says Ashkenazi, a new approach, designed from the ground up to provide security for connected devices, is obviously long overdue. One approach to achieving a safer IoT would see devices secured throughout their lifecycle from chip manufacture, to day-to-day deployment, to decommissioning. This can be accomplished with a silicon-based hardware root-of-trust that offers a range of robust security options for IoT devices, including secure connectivity between the IoT device and its cloud service.

“It may also be time to seriously re-examine the current state of DDoS protection on the service side. One possible way of shoring up defenses against costly DDoS attacks would be to bolster cloud service security,” he added. “This can be done by uniquely and cryptographically verifying each IoT device to determine if it is authorized to connect to a particular service. Devices that are not authenticated can be denied access to the service, which would, in turn, reduce the effectiveness (and damage) of a DDoS attack.”

“While discussion about the death of Moore’s Law predates the 1-micron process node, there is no question that it is getting harder for even the largest chipmakers to stay on that curve,” he explained.

“[There is now a] growing reliance on architectures and microarchitectures to optimize power, performance and area, rather than just adding more transistors onto a die. And they put far more pressure on architects of all types—power, chip, system and software—to replace the gains once provided by device scaling.”

According to Sperling, an equal or greater emphasis is now being placed on signal throughput to memory and I/O, including parallelization, lower power consumption and how chips will provide competitive advantages for specific market uses. This approach is markedly different than previous industry paradigms which saw companies focus on the performance specs of a single, general-purpose processor.

Commenting on the above, Steven Woo, VP of Systems and Solutions at Rambus, confirmed the semiconductor industry is no longer able to depend on dramatic performance and power efficiency gains from Moore’s Law and Dennard Scaling, which is why we are seeing a salient increase in smart data acceleration. Indeed, while smaller process geometries continue to provide more transistors per chip, clock speeds are plateauing due to power and thermal limits, with instructions per clock cycle remaining relatively static as well.

“We’ve been relying on Moore’s Law for several decades, and it’s outpaced technology improvements in storage, networking and memories,” Woo told Semiconductor Engineering. “But times have changed and there is so much more data these days. Bottlenecks have shifted and there’s a big issue with moving that data. In many cases, it’s better to move the processing to the data rather than to move the data to the processing. It’s smaller and more power efficient.”

Smart data acceleration, says Woo, can be implemented across a range of silicon, including CPUs, GPUs and FPGAs. The latter is particularly flexible, as it allows engineers to quickly test out new concepts and can be attached to the very same type of memories as CPUs. To be sure, design teams have for years started with an FPGA before committing to an ASIC. This is because reprogrammable and reconfigurable FPGAs can be loaded with a wide range of algorithms – without the high costs typically associated with ASICs.

Moreover, when paired with traditional CPUs, FPGAs are capable of providing application-specific hardware acceleration that can be updated over time. Applications can also be partitioned into parts that run most efficiently on the CPU and other segments which run most efficiently on the FPGA.

“We believe FPGAs will exist alongside other silicon and will continue to play an important role in helping evolve computing platforms by enabling flexible acceleration and near data processing,” he added.

Interested in learning more? You can check out our Smart Data Acceleration (SDA) program here.