A Hacker-Ready Chip; August 2012; Scientific American Magazine; by John Villasenor; 1 Page(s)

A pair of security researchers in England recently released a draft of a paper that documents what they describe as the first real-world detection of a backdoor in a microchipan opening that could allow a malicious actor to monitor or change the information on the chip. The researchers, Sergei Skorobogatov of the University of Cambridge and Christopher Woods of Quo Vadis Labs in London, conclude that the vulnerability made it possible to reprogram the contents of supposedly secure memory and obtain information about the internal logic of the chip. The chip's manufacturer, California-based Microsemi, issued a statement saying it had not been able to confirm or deny the researchers' claims.

The reported security breach is a particular concern because of the type of chip involved. The affected chip, ProASIC3 A3P250, is a field-programmable gate array (FPGA). FPGAs are used in an enormous variety of applications, including communications and networking systems, the financial markets, industrial-control systems and a long list of military systems. Each customer configures an FPGA to implement a uniqueand often highly proprietaryset of logical operations. Any mechanism that could allow unauthorized access to the internal configuration of an FPGA creates the risk of intellectual-property theft. In addition, the computations and data in the chip could be maliciously altered.