Semiconductor IP News and Trends Blog
Can Semi IP Be Designed for Resiliency?
Security and cyber-attack recovery are driving renewed interest in the design of resilient systems.
By John Blyler, Editorial Director
A new word is gaining attention in the world of systems engineering. That word is “resilience.” In the past, resilience has shared a certain level of vagueness with other marketing-preferred terms like robustness, seamless and revolutionary. Today, engineers have refined the definition of resilience to reference systems that have the capacity to survive, adapt and grow in the face of change and uncertainty.
Practitioners in the systems-of-systems (SOS), data and cloud center IT, embedded hardware-software and even semiconductor chip IP industries are treating resilience as an evolving, richer function of reliability and safety. There is a need for greater emphasis on recoverable instead of just optimal states in the engineering of systems, which is another reason to consider augmenting reliability with resilient design.
In the semiconductor IP world, resilience has become the catch-phrase for security systems that can withstand and quickly recover from cyber-attacks. Back in 2014, the National Science Foundation (NSF) and the Semiconductor Research Corporation (SRC) helped support the Secure, Trustworthy, Assured, and Resilient Semiconductors and Systems (STARSS) program. This plan provided nine universities with $4 million over three years to make chips less hackable via backdoors that are intentionally or unintentionally inserted into chips by IP. The goal was also to make it easier to find counterfeit chips, used chips being passed off as new and other tampering along the semiconductor supply chain.
How can the concept of resilience help in dealing with cyber-attacks? Resilient design encourages thinking beyond merely preventing an attack to creating a system that can withstand and recover (to some degree) from an attack. To achieve this big-picture view, resilient designs include multiple domains and disciplines. The part played by the semiconductor community is important and will form the base for a systematic security design. But a successful resilient architecture encompasses the entire context of the system including implementation, infrastructure and operational environments.
No solution can provide complete, 100% prevention of cyber-attacks. But focusing on surviving and quickly recovering from such damaging occurrences is the next best thing. Even the DOD Cyber Strategy acknowledges this approach: “Because the Defense Department’s capabilities cannot necessarily guarantee that every cyber-attack will be denied successfully, the Defense Department must invest in resilient and redundant systems so that it may continue its operations in the face of disruptive or destructive cyber-attacks on DoD networks.”
Some engineers may dismiss resilience as merely the application of redundancies. Several case studies – mainly in the networking space – show that resilient solutions can be non-redundant, which has the added benefit of reducing (or at least shifting) the often higher costs associated with redundant systems. Sensitivity to cost is one reason why many architectural trade-off studies compare resilience to redundant systems. (See “A Framework for System Resiliency Discussions.”)
How exactly will engineers design resilient systems? There are many design rules and heuristics available in the networking and larger system-of-systems space. Consider the case study outlined in this article: “Resiliency Needed for Smart Recovery Systems.”
Are there examples in chip and IP design where resilient designs replace mere redundancy? I can think of a few – typically in the area of Networks-on-Chips (NoC) and error detection/correction. If you, the reader, have any examples or thoughts, please send them my way.