SBIR-STTR Award

Side Channel Attack Testbench Emulator (SCATE)
Award last edited on: 5/26/2022

Sponsored Program
SBIR
Awarding Agency
DOD : DARPA
Total Award Amount
$5,841,041
Award Phase
2
Solicitation Topic Code
HR001119S0035-05
Principal Investigator
Mark Beal

Company Information

Intrinsix Corporation (AKA: Intrinsix)

100 Campus Drive
Marlborough, MA 01752
   (508) 658-7600
   jpollak@intrinsix.com
   www.intrinsix.com
Location: Multiple
Congr. District: 03
County: Middlesex

Phase I

Contract Number: 140D0420C0016
Start Date: 12/20/2019    Completed: 4/5/2020
Phase I year
2020
Phase I Amount
$199,998
Side channel analysis and fault injection are a solid part of the relevant attack space for any chip that can be physically reached by an attacker. Both allow key extraction from cryptographic implementations, and fault injection specifically allows complete takeover of devices. Current commercial chip design tools do not offer integrated analysis to verify resistance against these attacks at design time. The effect is that countermeasure design is a manual and error-prone process: multiple tape outs may be required, and even for experts it is nontrivial to pinpoint and mitigate sources of vulnerability. The tools being created allow an EDA designer without specific side channel and fault injection knowledge to create a design with countermeasures, without the need to perform post silicon analysis and a silicon re-spin. This is achieved by automatically detecting points of vulnerability, and either suggesting or automatically implementing design changes to mitigate these. With back-end physical design tool costs and wafer mask cost becoming staggeringly high for advanced silicon process nodes, these tools can result in shortened development schedules and significant cost savings.

Phase II

Contract Number: W31P4Q-21-C-0004
Start Date: 4/7/2021    Completed: 7/7/2022
Phase II year
2021
Phase II Amount
$5,641,043
Side channel analysis (SCA) and fault injection (FI) are a solid part of the relevant attack space for any chip that can be physically reached by an attacker. These hardware attacks allow key extraction from cryptographic implementations, and fault injection specifically allows complete takeover of devices. Current commercial chip design tools do not offer integrated analysis to verify resistance against these attacks at design time. The effect is that countermeasure design is a manual and error-prone process: multiple tape outs may be required, and even for experts it is nontrivial to pinpoint and mitigate sources of vulnerability. The tools we are creating allow an EDA designer without specific side channel and fault injection knowledge to create a design with countermeasures and validate them pre-tapeout. We enable secure design space exploration by allowing the designer to analyze the security and PPA impact of various countermeasures. This Phase 2 effort extends the results from the Phase 1 data that indicates the feasibility of this approach, with several challenges to still overcome. By bringing this type of analysis and countermeasure insertion into the design flow, security joins power, performance, and area in the ASIC design flow. The goal is to significantly bring down the cost of creating chips with side channel and fault attack resistance, by enabling non-expert designers to create a resistant chip without having to perform multiple tape-outs. At the maximum security setting, the chip will have 10x less leakage and 10x smaller fault probability than without this technology, and we target an iteration time of 24 hours. The result is a design process and commercializable tooling to enable a non-security-expert designer in creating a side channel and fault resistant design. The effect of this tooling is massive cost savings through reduced tape-outs, and significant increase in security.