Security in die-to-die chips – Why it matters
03-02-2022 | By Robin Mitchell
As System-in-Packages become more popular and the complexity of cyberattacks increases, the importance of strong security measures has never been more essential. Why is die-to-die security important to consider, what has Ceva introduced with their latest SecureD2D, and will future electronics move towards system-in-packages?
Why is die-to-die security important?
As the size of semiconductors continues to shrink, the popularity of System-in-Package (SiP) has grown. Unlike a System-on-Chip (SoC), a SiP combines multiple integrated circuits and/or dies onto a single board that either has pins or contact pads for connecting to external circuits. One of the most significant advantages of a SiP is that it moves all the system’s core components onto a single board while removing hardware that is not needed for its essential operation.
One example of a SiP is the Octavo OSD3358-1G-ISM that integrates an ARM core with an oscillator, passive components, EEPROM, DDR3, power regulation, memory interfaces, peripherals, and GPU all in a single IC package. This allows full Linux systems to be integrated into what effectively looks like a microcontroller and takes up very little space. Furthermore, using a SiP removes the need for engineers to design the system from individual parts.
But while SiPs are beneficial for ease of manufacture and design, their security must not be overlooked. When creating computer systems that utilise multiple memory modules and data busses, designers must consider how private data is stored, how it is retrieved, and how to protect it during transit. The same applies to SiPs, but unfortunately, designers cannot get into the inside of a SiP without great difficulty. Therefore designers are reliant on SiP manufacturers to implement robust security methods.
Even though all the core system components are stored on a single package, that package still consists of individual units connected together. A cybercriminal with enough incentive can de-cap the package to inject signals into busses and spy on data being transferred. While this can also be done with chip dies, SiP are significantly more straightforward to probe due to the larger size.
Therefore, it is imperative that ICs and dies connected together in a SiP utilise bus protection schemes, detect attack attempts, and encrypt data in transit.
Ceva launches security IP to protect die-to-die communication
Recently, Ceva (who produce DSP and baseband processors) announced their latest development in chip-to-chip data protection called SecureD2D for RISC-V processors. The developed system provides a SiP with authentication protocols for software being loaded and boot and load code protection. The key behind the new system is using a hardware-based crypto accelerator to secure busses between different dies that operate on data in real-time. This means that the encryption/decryption tasks are done on the fly with no user input needed.
“The Fortrix SecureD2D IP enables highly-secure die-to-die communications between chiplets, paving the way for the Department of Defense to streamline the design process and lower the cost of developing chiplet systems. We’re pleased to make this IP available within the DoD SHIP program, and we look forward to helping secure the next-generation of HSoC devices,”
Mark Beal, CTO of the Intrinsix Business Unit at Ceva
Will electronics move towards SiPs?
Suppose one looks back at the history of electronics. In that case, it quickly becomes apparent that using electronic devices that combine all the functions of a circuit onto a single device will undoubtedly be the way forward. The drive for SoCs and SiPs comes from many reasons, including reduced production cost, the ability to customise a design to a specific need, the reduction of the size of a design, and the reduction in energy consumption.
However, whether electronics will move towards SiPs depends on whether SiPs prove themselves economical compared to SoCs and if designers really want to move away from discrete electronics in favour of a single IC on a PCB with a handful of components. Two advantages to using individual ICs and components is that they can easily be manufactured in house and are easy to debug. Furthermore, the tools needed to wire dies on SiPs are very different from those used by standard pick and place machines, making standard PCBs far more economical (at least in low quantity orders).
But when looking at how SiPs are manufactured and how passive components can be added to them, it makes logical sense for engineers to move away from PCBs and into totally custom SiPs, which can then be mounted into carriers with I/O connectors. In essence, the SiP could become the future PCB, which is minute in size, customisable, and easy to manufacture.