“Bare Metal Security” adds hardware system tripwire to SoCs

December 01, 2015 // By Graham Prophet
UltraSoC, which until now has focussed on advanced debug for systems-on-chip, has exploited the characteristics of its technology to enable a security feature that will operate at hardware level, detect any abnormalities in SoC operation – either internal failure or hacking – and alert supervisory systems.

UltraSoC's core technology is IP (intellectual property); designers of complex, multi-core SoCs can add silicon embedded instrumentation to their designs so that when the system is being verified and debugged, any anomalous behaviour can be trapped, tracked, analysed and documented.

CEO Rupert Baines describes how, for a typeical overhead (in silicon area/gatecount) of 1 – 2%, the company's IP can add a “virtual, native-speed logic analyser” - and oscilloscope functions – that can expose the root causes of system failures and performance shortfalls, when a complex chip is in bring-up and debug. The company provides tools that monitor, for example the traffic on inter-block buses, and allow the user to define the parameters of what is expected, and what is 'normal' = and to flag any excursion of the system outside those parameters. The technology finds, inn particular, inter-block and hardware/software interaction issues that are beyond the reach of the tool sets associated with any specific core.

Now, UltraSoC is extending that capability to make an in-service definition of what constitutes normal or legal behaviour. If the system departs from that, or operates outside the “box” so-defined, an alert can be generated that can (for example) set the system into a safe mode, or shutdown, or whatever the designer requires. The event that trips the monitor could be internal (a crash, or failure of either hardware or software: or an intrusion, such as hacking. UltraSoC's IP is operating at hardware level, and can spot either case equally well; Baines says, “Never say 'never': but it would be very, very hard to hack.” He sees the offering as of great interest to anyone building a safety-critical system, for example ECUs for automotive uses, “It is not a replacement for existing security features, but is complementary.”

The company is therefore extending its on-chip analytics to deliver value-add functionality for SoCs; Baines adds, “It is not really a separate product line or offering;