After listening to John Ellis, semiconductor industry veteran and author of the techno-thriller, The Dormant Curse, expound on the threat of Trojan chips in smartphones, I know what’s next on my reading list. While I’ve never really been much for techno-thrillers (although I did read Stieg Larsson’s Girl with the Dragon Tattoo trilogy and found her hacker skills to be beyond disturbing) this one sounds like it could also have some real-life merit.
During his IWLPC Dinner Keynote, Ellis provided an interesting diversion from a day entrenched in technology sessions. Through a mix of fact and fiction, he set the stage for his novel, while at the same time spreading the word about what he perceives as a very real concern for the possibility of Trojan chips, and the potential danger they pose, particularly with the emergence of 2.5D and 3D technologies. He talked about chip designers building in ‘back doors’ to leave an integrated circuit open for later access. This can be an invitation to cyber terrorists, who can use these openings to insert destructive pieces of code and wreak havoc on our wireless networks. He pointed particularly to a next generation Active Interposer mentioned earlier in the day by Nicolas Sillon of Leti, as the perfect example of a device that could be an easy target for such a chip.
In his book, he paints such a scenario in which a fairly “dumb chip” is built into smartphone circuitry and ‘watches’ the data, waiting for a particular piece of unicode to trigger a short circuit in the phone, rendering it useless. It comes by way of an encoded Tweet, and simultaneously shuts down every phone that has been left open to this assault. Personally, I’m not convinced what sort of widespread devastation can be caused by a mass phone short-out. I told John I thought if he had inserted a chip that did something really scary, like accessing password information or social security numbers, it might have more impact. But I’m going to reserve final judgement until I actually read the book.
Ultimately, Ellis’s goal is to raise awareness of this possibility. He encouraged chip designers who already think about designing for manufacturing and designing for test, that they should add designing for security to the list. As Ellis has a background in the SEMI’s Standards division, he says developing solid guidelines and standards can prevent this problem. “Let’s remove it before we have it,” He urged “If we leave it to the government, they’re solution will be a hammer.
Whether this threat is real, or Ellis has just been drinking the Kool-Aid, it doesn’t hurt to err on the side of caution. I offered to help raise awareness by reading the book and reviewing it. To make it more of a semiconductor community activity, I’m inviting 3D InCites members to read it along with me and engage in an online discussion. If you’re game, you can purchase The Dormant Curse from Barnes and Noble here or Amazon here For more information on Ellis’s mission, visit his websites, chipsecurity.org and dormantcurse.com.
The discussion will take place in the comment area on this post, so be sure to bookmark it and return often to participate. If you’re not already registered as a member of 3D InCites, you can do that here. Be sure to login so you can post your comments.