[Libre-silicon-devel] Device security - Help wanted

Philipp Gühring pg at futureware.at
Mon Apr 15 12:49:44 CEST 2019


I think that we cannot do much about the security of the delivery process.
One thing we can work on that should help security though is what the
software world is calling "reproducible builds".

From my point of view, the process from RTL to GDS2 should be fully
reproducible, so given a specified version of the Verilog design-files and
a specified version of the LibreSilicon-PDK and a specified version of the
toolchain, a deterministic GDS2 file should pop out of the process.
So 2 different people should be able to take the same source-files,
compile them, send them to 2 different fabs, get many chips produced, then
take a few samples apart, and then those chips should look similar.

I think reproducible builds from RTL to GDS2 should be achievable,
although it might take some rethinking the usual processes like e.g. DRC.

Several months ago, I thought about reproducible builds for qflow,
specifically Graywolf, and I came to the problem that Graywolf had poor
single-threaded performance for huge projects, so parallelisation was the
obvious solution for that, but I did not have a good idea how simulated
annealing could be done in a reproducible way in parallel.

So my conclusion back then was that if we cannot find a way to do it
reproducibly in parallel, that we would need at least a reproducible way
that is single-threaded, so that the user could choose between fast and
non-reproducible or slow and reproducible.

I think that a libre PDK and reproducible builds are the best we can
deliver for auditable and trustworthy chips.

Best regards,
Philipp Gühring
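
A check for the property described in the message above, as an added example (not code from the post, LibreSilicon or qflow): GDSII stream files carry timestamps in their BGNLIB and BGNSTR records, so two otherwise identical builds differ byte for byte, and this zeroes those fields before hashing. The function names and the sample library are constructed for illustration.

```python
import hashlib
import struct

BGNLIB, BGNSTR, ENDLIB = 0x01, 0x05, 0x04  # GDSII record types

def records(data):
    """Yield (offset, length, record_type) for each GDSII record."""
    pos = 0
    while pos < len(data):
        header = data[pos:pos + 4]  # 2-byte big-endian length, type, datatype
        length = int.from_bytes(header[:2], "big")
        if len(header) < 4 or length < 4 or pos + length > len(data):
            raise ValueError(f"malformed or truncated record at offset {pos}")
        yield pos, length, header[2]
        pos += length
        if header[2] == ENDLIB:
            break  # bytes after ENDLIB are padding, not layout data

def canonical_digest(data):
    """SHA-256 of the stream with BGNLIB/BGNSTR timestamps zeroed."""
    h = hashlib.sha256()
    for pos, length, rtype in records(data):
        rec = data[pos:pos + length]
        if rtype in (BGNLIB, BGNSTR):
            rec = rec[:4] + bytes(length - 4)  # keep header, blank the dates
        h.update(rec)
    return h.hexdigest()

def make_record(rtype, dtype, payload=b""):
    return struct.pack(">HBB", 4 + len(payload), rtype, dtype) + payload

def sample_gds(stamp, cell=b"TOP\0"):
    """Constructed skeleton library with one empty cell (sample data only)."""
    ts = struct.pack(">12h", *(stamp * 2))  # two 6-field timestamps
    return b"".join([
        make_record(0x00, 0x02, struct.pack(">h", 600)),  # HEADER
        make_record(BGNLIB, 0x02, ts),
        make_record(0x02, 0x06, b"LIB\0"),                # LIBNAME
        make_record(BGNSTR, 0x02, ts),
        make_record(0x06, 0x06, cell),                    # STRNAME
        make_record(0x07, 0x00),                          # ENDSTR
        make_record(ENDLIB, 0x00),
    ])

if __name__ == "__main__":
    a = sample_gds((2019, 4, 15, 12, 49, 44))
    b = sample_gds((2019, 4, 16, 9, 0, 0))
    print(a == b, canonical_digest(a) == canonical_digest(b))
```

A digest mismatch after normalisation means the two builds differ in actual layout or naming records, which is the case that needs investigation.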
