-->

Awards Registry

Side Channel Attack Testbench Emulator (SCATE)
Profile last edited on: 5/26/2022

Program
SBIR
Agency
DARPA
Total Award Amount
$5,841,041
Award Phase
2
Principal Investigator
Mark Beal
Activity Indicator

Location Information

Intrinsix Corporation (AKA:Intrinsix)

100 Campus Drive
Marlborough, MA 01752
   (508) 658-7600
   jpollak@intrinsix.com
   www.intrinsix.com
Multiple Locations:   
Congressional District:   03
County:   Middlesex

Phase I

Phase I year
2020
Phase I Amount
$199,998
Side channel analysis and fault injection are a solid part of the relevant attack space for any chip that can be physically reached by an attacker. Both allow key extraction from cryptographic implementations, and fault injection specifically allows complete takeover of devices. Current commercial chip design tools do not offer integrated analysis to verify resistance against these attacks at design time. The effect is that countermeasure design is a manual and error-prone process: multiple tape outs may be required, and even for experts it is nontrivial to pinpoint and mitigate sources of vulnerability. The tools being created allow an EDA designer without specific side channel and fault injection knowledge to create a design with countermeasures, without the need to perform post silicon analysis and a silicon re-spin. This is achieved by automatically detecting points of vulnerability, and either suggesting or automatically implementing design changes to mitigate these. With back-end physical design tool costs and wafer mask cost becoming staggeringly high for advanced silicon process nodes, these tools can result in shortened development schedules and significant cost savings.

Phase II

Phase II year
2021 (last award dollars: 2021)
Phase II Amount
$5,641,043
Side channel analysis (SCA) and fault injection (FI) are a solid part of the relevant attack space for any chip that can be physically reached by an attacker. These hardware attacks allow key extraction from cryptographic implementations, and fault injection specifically allows complete takeover of devices. Current commercial chip design tools do not offer integrated analysis to verify resistance against these attacks at design time. The effect is that countermeasure design is a manual and error-prone process: multiple tape outs may be required, and even for experts it is nontrivial to pinpoint and mitigate sources of vulnerability. The tools we are creating allow an EDA designer without specific side channel and fault injection knowledge to create a design with countermeasures and validate them pre-tapeout. We enable secure design space exploration by allowing the designer to analyze the security and PPA impact of various countermeasures. This Phase 2 effort extends the results from the Phase 1 data that indicates the feasibility of this approach, with several challenges to still overcome. By bringing this type of analysis and countermeasure insertion into the design flow, security joins power, performance, and area in the ASIC design flow. The goal is to significantly bring down the cost of creating chips with side channel and fault attack resistance, by enabling non-expert designers to create a resistant chip without having to perform multiple tape-outs. At the maximum security setting, the chip will have 10x less leakage and 10x smaller fault probability than without this technology, and we target an iteration time of 24 hours. The result is a design process and commercializable tooling to enable a non-security-expert designer in creating a side channel and fault resistant design. The effect of this tooling is massive cost savings through reduced tape-outs, and significant increase in security.