Hidden hardware threatsThe brief

We are accustomed to worry about software-based Trojan horses, but now we have to worry about hardware-based ones as well. This especially troubling because of two converging trends, both of which combine to make the United States less secure: First, advanced weapon systems rely on a very large number of chips (DoD’s next generation F-35 Joint Strike Fighter, for example, contains thousands of chips); second, the dwindling of domestic chip and electronics manufacturing in the United States, combined with the phenomenal growth of suppliers in countries like China, has only deepened the U.S. military’s concern.

IEEE Spectrum notes that vetting a chip with a hidden agenda is not easy. Commercial chip makers routinely and exhaustively test chips with hundreds of millions of logic gates, but they cannot afford to inspect everything. So instead they focus on how well the chip performs specific functions. For a microprocessor destined for use in a cellphone, for instance, the chip maker will check to see whether all the phone’s various functions work. Any extraneous circuitry that does not interfere with the chip’s normal functions will not show up in these tests. “You don’t check for the infinite possible things that are not specified,” says electrical engineering professor Ruby Lee, a cryptography expert at Princeton. “You could check the obvious possibilities, but can you test for every unspecified function?”

What is more, chip makers cannot afford to test every chip. From a batch of thousands, technicians select a single chip for physical inspection, assuming that the manufacturing process has yielded essentially identical devices. They then laboriously grind away a thin layer of the chip, put the chip into a scanning electron microscope, and then take a picture of it, repeating the process until every layer of the chip has been imaged. Even here, though, spotting a tiny discrepancy amid a chip’s many layers and millions or billions of transistors is a fantastically difficult task, and the chip is destroyed in the process.

Today only Intel and a few other companies still design and manufacture all their own chips in their own fabrication plants. Other chip designers — including LSI Corp. and, most recently, Sony — have gone “fabless,” outsourcing their manufacturing to off-shore facilities known as foundries. In doing so, they avoid the huge expense of building a state-of-the-art fab, which in 2007 cost as much as $2 billion to $4 billion.

There is this, too, IEEE Spectrum notes. Well into the 1970s, the U.S. military’s status as one of the largest consumers of integrated circuits gave it some control over the industry’s production and manufacturing, so the off-shoring trend did not pose a big problem. The Pentagon could always find a domestic fab and pay a little more to make highly classified and mission-critical chips. The DoD also maintained its own chip-making plant at Fort Meade, near Washington, D.C., until the early 1980s, when costs became prohibitive. These days, however, the U.S. military consumes only about 1 percent of the world’s integrated circuits. “Now,” says Samsung’s Victoria Coleman, who helped create the Cyber Trust initiative to secure congressional support for cybersecurity, “all they can do is buy stuff.”

Related stories

FBI probes counterfeit Chinese network gear (5/12/08)

Malicious hardware may be next hacker tool (5/2/08)

China may have back door into U.S. military computer networks (4/23/08)

Security concerns over U.S. decision to outsource e-passport production (3/28/08)