Tech Industry security highlighted by the iPhone access controversy
Cédric Mayor, Chief Technical Officer, Presto Engineering, Inc., Caen, France firstname.lastname@example.org
The confrontation between Apple and the FBI over the FBI’s request for assistance in hacking a known terrorist’s iPhone brought the topic of security to the top of the agenda for the tech industry. Recent developments, including the FBI’s withdrawal of its request and Apple’s subsequent demand that the FBI now share information the security vulnerability that permitted a third party to hack the iPhone, have only emphasized the “moving target” nature of security. Whether manufacturing a car, a smartphone, or a smartcard, security is an important aspect to consider and plan into the supply chain. And concerns about security will only increase if the IoT grows as explosively as many industry pundits are now predicting.
One of the defining characteristics of “things” for the IoT is their autonomous connectivity. With the likelihood that there will soon be tens or hundreds of millions of these things connected to networks everywhere, it is imperative to establish a certain level of trust that such objects will not provide a backdoor or counterfeit identity that could jeopardize an entire network and the costly infrastructure of service providers.
Fortunately, the industry has already encountered this problem and developed a workable solution for smartcards with the concept of secured product manufacturing test flows. Admittedly, it has an impact on the requirement for test infrastructure and complexity, but it is a well proven solution. Essentially, it addresses the security and confidentiality requirements of IoT devices for encrypted certificates of authentication or secret token keys by isolating the injection of these secrets at the die or SiP (system in package) level within a secured final test and assembly environment.
The specific concerns that must be addressed in this secure environment include:
-How to ensure that each die in an IoT SiP/McM (multichip module) device can be tested along a route of trust.
-How to provide a seamless test manufacturing flow that efficiently and effectively detects manufacturing quality issues while injecting secrets from customers, without storing the secret information, needing to decrypt it, or leaving it open to reverse engineering.
-How the injection of secrets/certificates impacts DFT and diagnosis of the chip.
These sensitive operations require the insertion of secret keys, tokens, certificates and boot loaders into the device during wafer probe or at final test on the package level. The secret vectors must be dynamically allocated and are often reshuffled by the end-customers to disaggregate the supply chain. The test floor must include an encrypted server gateway, and the ability to selectively push the encrypted information into the right device on wafer, which is usually locked at the end of the wafer test and completely isolated when the wafer is sawn. Test and assembly is really the only opportunity to address confidentiality since the heterogeneous nature an IoT devices necessarily involves the sourcing of die from different vendors and requires validation of trust for each component. Test providers that can deliver a secure workflow will be critical contributors to the security of the IoT.