
Security Evaluation of Hardware Design Synthesis

The Fraunhofer Institute AISEC has authored the study "Security Evaluation of Hardware Design Synthesis" on behalf of the BSI. In several case studies it describes how the synthesis process can weaken countermeasures against hardware attacks or even render them useless.

Automated Optimizations Compromise Security

The design of digital chips consists of several steps. It usually starts with high-level concepts and block designs. Afterwards, the chip's functionality is specified in a high-level hardware description language such as VHDL (Very High Speed Integrated Circuit Hardware Description Language). In the following step, called "synthesis", designers use dedicated design tools to compile this description into a technology-specific netlist. At this point, the designers may define certain constraints, such as the frequency at which the chip must operate or area limitations. To ensure that these criteria are met, the design tools apply several optimizations, which can have a negative impact on certain functional elements of the chip.

Measurement of the electromagnetic emanation of an FPGA

Embedded systems, for instance, can contain countermeasures against so-called "hardware attacks". These attacks do not target weak spots in the software but exploit inherent physical properties of the hardware itself. Such hardware attacks include side-channel and fault-injection attacks. The implemented countermeasures can be very sensitive to changes made to the design by the synthesis process, to the point where they fulfill their intended function only partly or not at all.
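The following VHDL fragment is an added illustration of the effect described above; it is not taken from the BSI study, from OpenTitan or from any synthesis vendor. It shows a common fault-injection countermeasure, a register stored twice and compared on every cycle, and the tool-specific attributes a designer has to add so that the synthesis tool does not optimize the countermeasure away. The attribute names (`keep`, `dont_touch`) are the ones used by Xilinx Vivado; other tools use different names or constraint commands, so they are an assumption of this example rather than a universal rule.

```vhdl
library ieee;
use ieee.std_logic_1164.all;

-- Added example: a duplicated register with a mismatch alarm. A fault injected
-- into one copy (e.g. by a glitch) makes the two copies differ and raises
-- "alarm". The two registers have identical D input, clock and reset, so a
-- synthesis tool is entitled to treat them as equivalent: it may merge them into
-- one flip-flop, after which "q_a = q_b" is a constant and the comparator and
-- the alarm output are removed by constant propagation. The countermeasure then
-- no longer exists in the netlist although it is still present in the source.
entity redundant_reg is
  port (
    clk   : in  std_logic;
    rst_n : in  std_logic;
    d     : in  std_logic_vector(7 downto 0);
    q     : out std_logic_vector(7 downto 0);
    alarm : out std_logic   -- '1' when the two copies disagree
  );
end entity redundant_reg;

architecture rtl of redundant_reg is
  signal q_a, q_b : std_logic_vector(7 downto 0);

  -- Hardening: tool-specific attributes (Vivado syntax, assumed for this
  -- example) that forbid merging or removing the two copies. Without these
  -- declarations the design is functionally identical but the protection may
  -- be optimized away.
  attribute keep       : string;
  attribute dont_touch : string;
  attribute keep       of q_a : signal is "true";
  attribute keep       of q_b : signal is "true";
  attribute dont_touch of q_a : signal is "true";
  attribute dont_touch of q_b : signal is "true";
begin
  store : process (clk, rst_n)
  begin
    if rst_n = '0' then
      q_a <= (others => '0');
      q_b <= (others => '0');
    elsif rising_edge(clk) then
      q_a <= d;   -- first copy
      q_b <= d;   -- redundant copy, must survive synthesis
    end if;
  end process store;

  q     <= q_a;
  -- Comparator: only meaningful if both registers still exist after synthesis.
  alarm <= '0' when q_a = q_b else '1';
end architecture rtl;
```

The attributes alone are not a guarantee: the relevant check is on the synthesized netlist, not the source. After synthesis, a designer should confirm that both flip-flop groups and the comparator are still present (for example by counting the registers in the netlist report) and should review tool options that explicitly enable equivalent-register removal or register retiming, which is exactly the kind of optimization the study warns about.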

Optimization settings must be chosen carefully

The study contains exemplary analyses of subsystems of the Google Open Titan. This is an open hardware design that may be freely synthesized and manufactured. The open-source design contains several security measures that are continuously verified by the community. Nevertheless, when the optimization settings are not chosen carefully, security issues can occur.

To avert this risk, system designers should be familiar with the constraints of their tools and choose or deactivate optimizations accordingly. Furthermore, the BSI advises intensifying research on analysis tools; this study is a first step in that direction. Moreover, independent security certifications, especially of the fully synthesized chip, can help to detect the kind of flaws discovered in the study.