The chip you bought may not be the chip you think. The threat surface includes the IP vendor, the foundry, the assembly house, the distributor, and the field-replacement spares chain. Each is a potential injection point for malicious modification or counterfeit substitution.
7.1 Hardware Trojans
A hardware Trojan is a malicious modification to the chip's design or fabrication. Categories:
- Time bomb. The Trojan is dormant until a date or event. Evades functional testing, because nothing malicious is active while the part is on the tester.
- Cheat code. The Trojan activates on a specific input pattern, such as a magic 64-bit value on a data bus. Hard to find by random testing, since the trigger pattern is vanishingly unlikely to occur by chance.
- Always-on. Subtle leakage Trojans that continuously exfiltrate data through low-bandwidth side channels (e.g., frequency-modulating an unused clock pin with the bit value of an internal register).
Insertion points:
- Design. A rogue HDL author inserts a Trojan into the RTL.
- Foundry. A hostile foundry modifies the GDS-II layout before mask generation.
- Mask. A modified photomask differs from the original GDS-II.
- Assembly. A substitute chip carrying a Trojan replaces the genuine part in the package or socket.
Detection:
- Side-channel fingerprinting. Compare power/EM/timing signatures of the suspect chip against a known-good "golden" sample. Trojans tend to add gates that show up as anomalous signature deviations. Sensitive enough to detect Trojans of a few hundred extra gates.
- Optical reverse engineering. Decap, image, compare layout to design. Expensive but conclusive.
- X-ray imaging. Compare internal package structure across batches. Catches die-substitution.
- Functional testing with high-coverage vectors. Limited; sophisticated Trojans pass.
- Split-manufacturing. Send only the front-end-of-line layers (transistors and lower metal) to the untrusted foundry, complete the back-end-of-line locally. Each foundry sees only part of the design. Adopted in some defense-grade designs.
The 2018 Bloomberg story alleging Chinese-implanted spy chips on Supermicro server motherboards (the "Big Hack") was disputed by every named party, but it crystallized public attention on supply-chain Trojans. Whether or not that specific story was accurate, the threat model is real and is the subject of multiple government programs (DARPA TRUST, OptiCAL, etc.).
7.2 Counterfeit chips
Recycled chips pulled from scrap boards, sanded and remarked to appear new, are a multi-billion-dollar gray market. Field failures of remarked parts have grounded aircraft, killed industrial equipment, and contributed to the downstream problems of the 2023 automotive chip shortage.
Detection:
- Visual inspection under microscope. Mismatched markings, scratches under the laser etch, residual flux from prior soldering.
- X-ray. Internal die structure compared to genuine.
- Decap and die-shot comparison. Conclusive.
- Electrical fingerprinting. Production-line testers checking I/O timing, leakage current, and parametric values against the manufacturer's golden distribution.
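The side-channel fingerprinting of 7.1 and the electrical fingerprinting above share one mechanism: summarize a golden set of known-good parts as a per-parameter distribution, then flag any suspect part that falls too far outside it. The following is an added example, not code from the text or from any tester vendor; the feature names, the golden measurements and the suspect measurements are all constructed, and a real flow would use far more parameters and traces. It works with squared z-scores so it needs no square root and no math library.

```c
#include <stddef.h>
#include <stdio.h>

/* Features measured per part. Names and values are constructed for this
 * example; a production tester records many more parameters. */
#define N_FEATURES 3   /* 0: idle supply current (uA), 1: I/O rise time (ns), 2: power-trace RMS (mV) */
#define N_GOLDEN   6

/* Constructed golden sample: six known-good parts from a trusted lot. */
static const double golden_parts[N_GOLDEN][N_FEATURES] = {
    {120.5, 2.10, 48.2},
    {121.0, 2.08, 48.5},
    {119.8, 2.12, 47.9},
    {120.2, 2.11, 48.0},
    {120.9, 2.09, 48.4},
    {119.6, 2.13, 48.1},
};

typedef struct {
    double mean[N_FEATURES];
    double var[N_FEATURES];   /* sample variance (n-1 denominator) */
} fingerprint_t;

/* Summarise the golden set as a per-feature mean and variance.
 * Returns 0 on success, -1 if there are too few samples to estimate spread. */
int build_fingerprint(const double samples[][N_FEATURES], size_t n, fingerprint_t *fp) {
    if (n < 2) return -1;
    for (size_t f = 0; f < N_FEATURES; f++) {
        double sum = 0.0, ss = 0.0;
        for (size_t i = 0; i < n; i++) sum += samples[i][f];
        fp->mean[f] = sum / (double)n;
        for (size_t i = 0; i < n; i++) {
            double d = samples[i][f] - fp->mean[f];
            ss += d * d;
        }
        fp->var[f] = ss / (double)(n - 1);
    }
    return 0;
}

/* Largest squared z-score over all features for one measured part. Optionally
 * reports which feature produced it, so the test engineer knows where to look. */
double max_z_squared(const fingerprint_t *fp, const double *measured, int *worst_feature) {
    double worst = 0.0;
    int idx = -1;
    for (int f = 0; f < N_FEATURES; f++) {
        double d = measured[f] - fp->mean[f];
        double z2 = (d * d) / fp->var[f];
        if (z2 > worst) { worst = z2; idx = f; }
    }
    if (worst_feature) *worst_feature = idx;
    return worst;
}

/* A part is flagged when any feature sits more than `threshold` standard
 * deviations from the golden mean. Added Trojan gates typically raise static
 * current and change the power-trace shape; a remarked or substituted die
 * usually shifts several parameters at once. */
int is_anomalous(const fingerprint_t *fp, const double *measured, double threshold) {
    return max_z_squared(fp, measured, NULL) > threshold * threshold;
}

int main(void) {
    fingerprint_t fp;
    if (build_fingerprint(golden_parts, N_GOLDEN, &fp) != 0) return 1;

    /* Constructed suspect measurements: one genuine-looking, one with the
     * elevated idle current and power-trace RMS that extra logic would produce. */
    const double suspects[2][N_FEATURES] = {
        {120.4, 2.10, 48.3},
        {124.0, 2.11, 49.5},
    };
    for (int i = 0; i < 2; i++) {
        int worst;
        double z2 = max_z_squared(&fp, suspects[i], &worst);
        printf("part %d: max z^2 = %.2f on feature %d -> %s\n", i, z2, worst,
               is_anomalous(&fp, suspects[i], 3.0) ? "ANOMALOUS" : "within golden distribution");
    }
    return 0;
}
```

The threshold is the usual trade-off: a 3-sigma limit on a handful of parameters keeps false rejects low but will miss a Trojan whose footprint is small relative to normal process variation, which is why the text's "few hundred extra gates" sensitivity figure depends on averaging many traces and on a golden set drawn from a lot you actually trust.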
The DMEA (Defense MicroElectronics Activity) and SAE AS6171 standards codify counterfeit-detection methodology for defense procurement.
7.3 Anti-tamper for chips and PCBs
- Active mesh. Fine wires snaking over the die's top metal, monitored continuously. Cutting or shorting triggers reset and zeroization.
- Active shield wires. Coarser version of the mesh on PCBs and modules.
- Light sensors. Photodiodes that detect decap (the moment the package is removed, ambient light hits them).
- Voltage/clock/temperature monitors. Trip on out-of-range conditions.
- Conformal coatings. Difficult-to-remove epoxy with embedded tamper-evident markers (UV-fluorescent dyes, embedded mesh).
- Tamper-evident enclosures. Pressure switches, glass-break sensors, accelerometers on HSMs.
A FIPS 140-2 Level 4 module integrates all of these and zeroizes its keys on any detected anomaly. Field experience shows that the cost of tamper-resistance is roughly 30-50% of total product cost for high-end secure elements; for commodity IoT, only a fraction of these are economically viable.
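The sensors listed above only matter if something acts on them, and the action a Level 4 module takes is the same for every sensor: zeroize and latch. The following is an added example of that monitor loop in firmware, not code from the text or from any HSM or secure-element vendor; the flag names, sensor fields and trip limits are hypothetical, constructed for illustration rather than taken from a datasheet.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Tamper sources as bit flags. Names are this example's, not a real part's. */
enum {
    TAMPER_MESH_OPEN   = 1u << 0,  /* active mesh: continuity lost or wires shorted */
    TAMPER_LIGHT       = 1u << 1,  /* photodiode lit: package has been opened */
    TAMPER_VOLTAGE     = 1u << 2,  /* supply outside its window */
    TAMPER_CLOCK       = 1u << 3,  /* clock outside its window */
    TAMPER_TEMPERATURE = 1u << 4   /* die temperature outside its window */
};

/* One sample from the on-die sensors. */
typedef struct {
    int mesh_intact;   /* 1 while the mesh reads as a closed, unshorted circuit */
    int light_adc;     /* photodiode reading, ADC counts */
    int vdd_mv;
    int clk_khz;
    int temp_c;
} sensor_sample_t;

/* Trip limits, constructed for this example rather than taken from a datasheet. */
#define LIGHT_TRIP_ADC    50
#define VDD_MIN_MV      3000
#define VDD_MAX_MV      3600
#define CLK_MIN_KHZ    20000
#define CLK_MAX_KHZ    28000
#define TEMP_MIN_C       -30
#define TEMP_MAX_C        95

typedef struct {
    uint8_t key[32];        /* the secret that must not survive tampering */
    int zeroized;           /* latched: once set, the device stays unusable */
    uint32_t tamper_flags;  /* which sensors tripped, kept for the audit log */
} secure_state_t;

/* Map one sensor sample to the set of tripped tamper flags. */
uint32_t evaluate_sensors(const sensor_sample_t *s) {
    uint32_t flags = 0;
    if (!s->mesh_intact)                                      flags |= TAMPER_MESH_OPEN;
    if (s->light_adc > LIGHT_TRIP_ADC)                        flags |= TAMPER_LIGHT;
    if (s->vdd_mv < VDD_MIN_MV || s->vdd_mv > VDD_MAX_MV)     flags |= TAMPER_VOLTAGE;
    if (s->clk_khz < CLK_MIN_KHZ || s->clk_khz > CLK_MAX_KHZ) flags |= TAMPER_CLOCK;
    if (s->temp_c < TEMP_MIN_C || s->temp_c > TEMP_MAX_C)     flags |= TAMPER_TEMPERATURE;
    return flags;
}

/* Overwrite through a volatile pointer so the compiler cannot drop the stores
 * as dead writes to memory that is never read again. */
static void secure_zero(void *p, size_t n) {
    volatile uint8_t *vp = (volatile uint8_t *)p;
    while (n--) *vp++ = 0;
}

/* One iteration of the monitor loop. Any tripped flag zeroizes the key and
 * latches the device; an already-latched device is re-zeroized on every pass
 * so that a glitch cannot revive it. Returns the flags tripped this pass. */
uint32_t tamper_check(secure_state_t *st, const sensor_sample_t *s) {
    uint32_t flags = evaluate_sensors(s);
    if (flags != 0 || st->zeroized) {
        secure_zero(st->key, sizeof st->key);
        st->zeroized = 1;
        st->tamper_flags |= flags;
    }
    return flags;
}

/* Check that no key byte survived, without early exit on the first nonzero byte. */
int key_is_zero(const secure_state_t *st) {
    uint8_t acc = 0;
    for (size_t i = 0; i < sizeof st->key; i++) acc |= st->key[i];
    return acc == 0;
}

int main(void) {
    secure_state_t st = {0};
    memset(st.key, 0xA5, sizeof st.key);   /* constructed key material */

    sensor_sample_t normal = {1, 3,   3300, 24000, 40};
    sensor_sample_t decap  = {1, 900, 3300, 24000, 40};   /* package opened: light floods the die */
    sensor_sample_t glitch = {0, 3,   4100, 24000, 40};   /* mesh cut while over-volting */

    printf("normal: flags=0x%x zeroized=%d\n", tamper_check(&st, &normal), st.zeroized);
    printf("decap:  flags=0x%x zeroized=%d key_zero=%d\n",
           tamper_check(&st, &decap), st.zeroized, key_is_zero(&st));
    printf("glitch: flags=0x%x zeroized=%d\n", tamper_check(&st, &glitch), st.zeroized);
    return 0;
}
```

Two design choices carry the security argument: the zeroize path runs on any flag, so there is no sensor whose trip is merely logged, and the `zeroized` latch is never cleared by firmware, so restoring normal conditions after an event does not bring the key back. On a real part the monitor runs from an independent always-on supply and clock, since the voltage and clock sensors are useless if the attacker can stall the loop that reads them.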