Approved for Public Release, Distribution Unlimited
Supply Chain Hardware Integrity for Electronics Defense
SHIELD
Proposer’s Day
Arlington, VA
14 March, 2014
Kerry Bernstein
Best Friend of TrustOptix Bill Bickford
Program Manager
Microsystems Technology Office
Defense Advanced Research Projects Agency
All conversations during today’s Proposer’s Day should remain at an unclassified level.
• The Government anticipates proposals submitted under this BAA will be unclassified.
• Classified submissions shall be appropriately and conspicuously marked with the proposed classification level and
declassification date. Submissions requiring DARPA to make a final classification determination shall be marked as follows:
CLASSIFICATION DETERMINATION PENDING. Protect as though classified (insert the recommended classification level, e.g.,
Top Secret, Secret or Confidential).
• Classified submissions shall be in accordance with the following guidance:
Confidential and Secret Collateral Information: Use classification and marking guidance provided by previously issued
security classification guides, the DoD Information Security Manual (DoDM 5200.01, Volumes 1 - 4), and the National
Industrial Security Program Operating Manual (DoD 5220.22-M) when marking and transmitting information previously classified
by another Original Classification Authority. Classified information at the Confidential and Secret level may be submitted via
ONE of the two following methods:
Hand-carried by an appropriately cleared and authorized courier to the DARPA CDR. Prior to traveling, the courier shall contact
the DARPA CDR at 703-526-4052 to coordinate arrival and delivery.
OR
Mailed via appropriate U.S. Postal Service methods (e.g., (USPS) Registered Mail or USPS Express Mail). All classified
information will be enclosed in opaque inner and outer covers and double wrapped. The inner envelope shall be sealed and
plainly marked with the assigned classification and addresses of both sender and addressee.
The inner envelope shall be addressed to:
Defense Advanced Research Projects Agency
ATTN: Kerry Bernstein/MTO
Reference: DARPA-BAA-14-16
675 North Randolph Street
Arlington, VA 22203-2114
The outer envelope shall be sealed with no identification as to the classification of its contents and addressed to:
Defense Advanced Research Projects Agency
Security & Intelligence Directorate, Attn: CDR
675 North Randolph Street
Arlington, VA 22203-2114
Classification Guidelines
• 8:35 AM – 9:00 AM Welcome Mr. Kerry Bernstein, DARPA/MTO
• 9:00 AM – 9:30 AM SHIELD Threat Space Mr. Brett Hamilton, NSWC Crane
• 9:30 AM – 10:30 AM SHIELD Program Mr. Kerry Bernstein, DARPA/MTO
• 10:30 AM – 10:45 AM BREAK Please leave questions at the registration table at this time.
• 10:45 AM – 11:15 AM Benchmarks in Metrics Mr. Arnett Brown, BAH
• 11:15 AM – 12:00 AM Contracting with DARPA, Q&A Mr. Michael Blackstone, DARPA/CMO
• 12:00 PM – 1:00 PM Lunch Lunch will not be provided. DARPA has a café onsite.
• 1:00 PM – 2:00 PM Open Forum Q&A
Each attendee will be provided with two index cards to submit questions before the break for
lunch. These questions will then be discussed and answered at this time.
• 2:00 PM – 2:30 PM SHIELD/DARPA Overview Dr. Arati Prabhakar, DARPA/Director
• 2:20 PM – 2:45 PM BREAK
• 2:45 PM – 3:45 PM Proposer Presentations Mr. Saverio Fazzari, BAH
• 3:45 PM – 4:00 PM Final Q&A/Close Out Mr. Kerry Bernstein, DARPA/MTO
Proposer’s Day Schedule
• Groups that are interested in composing a comprehensive teaming proposal may
access the DARPA SHIELD Teaming website bulletin board at:
https://sharepoint.extranet.darpa.mil/sites/mto/SHIELD/SitePages/Home.aspx
to explore collaborations with other possible proposing groups.
• To request an account, please email the request to the BAA-14-16 mailbox at
DARPA-BAA-14-16@darpa.mil
Partnering Opportunities
• Proposers who choose to use abstracts are strongly encouraged to submit an abstract
in advance of a full proposal. This procedure is intended to minimize unnecessary
effort in proposal preparation and review.
• The cover sheet should be clearly marked “ABSTRACT” and the total length should
not exceed 12 pages, excluding cover page and official transmittal letter. All pages
shall be printed on 8-1/2 by 11 inch paper with type not smaller than 12 point.
Smaller font may be used for figures, tables and charts. The page limitation for
abstracts includes all figures, tables, and charts. No formal transmittal letter is
required. All abstracts must be written in English.
• DARPA will respond to abstracts with a statement as to whether DARPA is interested
in the idea. DARPA will attempt to reply to abstracts in writing within thirty (30)
calendar days of receipt.
• Abstract Due Date: March 31, 2014
• Additional detailed information on submitting an abstract can be found in the SHIELD
solicitation, DARPA-BAA-14-16.
Abstracts Submissions
• Proposal Due Date: May 30, 2014
• The full proposal must be received on or before May 30, 2014, in order to be considered during the initial round
of selections.
• DARPA will acknowledge receipt of complete submissions via email and assign control numbers that should be
used in all further correspondence regarding proposals.
• DARPA will post a consolidated Question and Answer response after April 1, 2014, before final full proposals are
due. In order to receive a response to your question, submit your question by April 25, 2014 to
DARPA-BAA-14-16@darpa.mil
• To comply with the submission guidelines listed in the BAA, please include the following:
• Volume I, Technical and Management Proposal
• Section I. Administrative: cover sheet, to include an official transmittal letter. (Note: An official
transmittal letter is not required when submitting an abstract.)
• Section II. Summary of Proposal – this section shall not exceed 15 pages
• Section III. Detailed Proposal Information
• Statement of Work (SOW) - In plain English, clearly define the technical tasks/subtasks to be
performed, their durations, and dependencies among them. The page length for the SOW will be
dependent on the amount of the effort.
• Section IV. Additional Information - A brief bibliography of relevant technical papers and research
notes (published and unpublished) which document the technical ideas upon which the proposal is
based. Copies of not more than three (3) relevant papers can be included in the submission.
• Volume II, Cost Proposal – {No Page Limit}
• Additional detailed information on submitting a full proposal can be found in the SHIELD solicitation,
DARPA-BAA-14-16.
Proposal Information
• For any questions regarding today’s Proposer’s Day or to request a copy of
Mr. Bernstein’s presentation, please email DARPA-SN-14-22@DARPA.mil
• Administrative, technical, or contractual questions should be sent via e-mail
to DARPA-BAA-14-16. All requests must include the name, email address,
and phone number of a point of contact.
The technical POC for this effort is Kerry Bernstein
The BAA Coordinator for this effort can be reached at DARPA/MTO
ATTN: DARPA-BAA-14-16
675 North Randolph Street
Arlington, VA 22203-2114
DARPA-BAA-14-16@DARPA.mil
Contact Information
• At this time, DARPA cannot provide early feedback on your ideas. Please
submit abstracts/proposals conforming to the guidelines in the BAA.
• Please refer to the BAA for questions on submission format, deadlines,
technical requirements, cost analysis, etc. For specific questions not covered
in the BAA, please email the coordinator at DARPA-BAA-14-16@DARPA.mil
• For all communication purposes regarding this solicitation, please direct your
attention to the BAA Coordinator, using the email address above.
• US Government employees are bound by law to implicit non-disclosure
agreements with external institutions. You may share information in private
conversations without concern over intellectual property loss.
• DARPA Proposer’s day is a public event; any data released in this venue
should be assumed to have been made public. Please treat your proprietary
data accordingly.
Proposer’s Day Ethics
Welcome and Introductory Comments
Kerry Bernstein
SHIELD Industry Day
14 March 2014
Acknowledgments
Simply getting the DARPA SHIELD Program to this point required massive
efforts and valuable inputs by the following US Government employees and
contractors.
Bob Colwell Saverio Fazzari* Michael Blackstone
Dave Shaver Virginia Arzadum* Fred Schipp
Brett Hamilton Arnett Brown* Beverly Barnhart
Jeff K. Jerry Roddy* Sean L.
Chris Bozada Dan Radack
Matt Kay Don Davidson
Matt Sale Paul Kozemchak
Bob K. Shaun McKinley
Joe H. Chrisma Jackson
Jim Felix Eric Herr
Josh Beutler Dan Marrujo
Jim St. Pierre Mitch Komaroff
Arun Seraphin Nick Diamond
* SHIELD SETA TEAM
CNN Report 10 June, 2012
Counterfeit parts compromise the US Supply Chain and present a
growing threat to national security. Current safeguards are
ineffective; they put American lives and DoD missions at risk.
Supply Chain Control is a Critical Problem
Distributor indicted for supplying counterfeits
to Grumman Electric Boat, July 2013
SPECTRUM Magazine
October, 2013, pp. 41-45
Dept. of Defense Instruction
NUMBER 4140.67, 26 April 2013
US Electronic Waste is a Contributing Factor
Received in developing country
Removed from boards and sorted
Refurbished and remarked
Repackaged
Resold
All images courtesy of SMT Corporation
Shipping from/to U.S.
Electronic Waste Processing Effect on Quality/Reliability
Image courtesy of Basel Action Network
Image courtesy of SMT Corporation
Uncontrolled heating during part removal can cause die cracks or delamination, leading to immediate or latent failures.
Mishandling or sanding of parts can cause latent Electrostatic Discharge (ESD) failures.
Electronics Supply Chain is Global
Source: IDC Manufacturing Insights & Booz Allen analysis
Semi Design
Semi Manufacturing & Packaging
Printed Circuit Board Production
Printed Circuit Board Distribution
Global nature of supply chain makes chain-of-custody unworkable
Lifecycle shown for a single JSF component
– Component changes hands 15 times before final install
“Counterfeit components are a 1-in-1,000,000 risk.”
Independent Distributors say that from 0.5% to 35% of their incoming product is suspected counterfeit.
“Only bad distributors sell counterfeit components.”
Most counterfeit parts sold to contractors come from legitimate independent distributors lacking effective screening techniques.
“Only expensive components are counterfeited.”
DoC reports that over 60% of counterfeit parts have a sale value of $10 or less.
“Counterfeit parts will be detected by electrical tests.”
More than half of all counterfeit components have the correct (or equivalent) die.
Common Industry Supply Chain Misconceptions 1
1 B. Hamilton, NSWC Crane, Testimony at SASC Briefing, 9 September, 2013
Image courtesy of: http://www.rkonlinestore.co.uk/556-dual-timer-ic-16-pin-dip-pack-of-1-391-p.asp
"It will be because of companies like ours that the gap
in technological advantages between made in [Name of
Country] and made abroad will narrow down"
- from website of an off-shore contract
reverse-engineering business
Quote found on the Web
SHIELD Threat Space
Brett Hamilton
NSWC Crane
SHIELD Industry Day
14 March 2014
SHIELD Technical Program Description
Kerry Bernstein
SHIELD Industry Day
14 March 2014
SHIELD Introductory Comments
1. THANK YOU for your interest in participating in DARPA SHIELD.
It's business, but it's also our nation.
2. The following exemplary design point and CONOP is a preferred
embodiment; the BAA strives not to overspecify. Got something better?
LET'S HEAR ABOUT IT!
3. Besides performers with great ideas, we want performers who “get
it”, and who have a passion for doing something important for
national security. Together we’ll deliver game-changing capability.
4. SHIELD is about the Science and the hardware and the technology:
CONOP, servers, networks are limited to what’s needed for the demo.
5. SHIELD is not about developing new encryption schemes. SHIELD
is about NIST, IEEE, and Industry Standards, or new standards
SHIELD Introductory Comments (cont’d)
6. Teaming is strongly encouraged; DARPA will accept individual
Tech Area 1 & 3 submissions, but complete, collaborative proposed
solutions are preferred and strongly recommended.
7. The Supply Chain’s threat space is immense. Any solution, including
DARPA SHIELD, will be fraught with problems. We expect that. But
we need to begin somewhere.
8. Remaining, unaddressed SHIELD vulnerabilities will include:
• Insider threat
• Server attacks
• Dielet side channel exfil modes inserted during foreign fabrication
• Vulnerability to new reverse engineering modes, circumvention.
9. SHIELD is intended to make counterfeiting more difficult,
expensive, and time consuming.
Programmatics
DARPA SHIELD is about:
• Science
• Hardware Technology
• Security
• Reliability and Trustworthiness
• Functionality
• Manufacturability and Yield
DARPA SHIELD is NOT about:
• Logistics
• Preferred Business Practices
• Acquisition Policy
• Doctrine
• Supplier/distributor business infrastructure
• New encryption schemes
• New checking tools
• Software*
• Back-office structure and networking*
* Except for the minimum necessary to demonstrate SHIELD CONOP
Glossary
Dielet: Extremely small computer chip developed during SHIELD
Hardware Root-of-Trust: An incorruptible, immutable hardware identity reference
Key: A 256-bit cipher code, stored on dielet and on a secure server, used to secure the dielet authentication operation
Test Site: Limited hardware proof of concept chip without full product functionality
Sensor: Physical hardware structure on SHIELD dielet that passively detects intrusions compromising security
Probe: A device attached to a communication appliance that powers the SHIELD dielet
IP: Intellectual Property
CONOP: Concept of Operations
DFM/DFY: Design for Manufacturability / Design for Yield
PFA: Probability of False Alarm
PD: Probability of Detection
OEM: Original Equipment Manufacturer
GFE: Government-Furnished Equipment
IC: Integrated Circuit
CDR: Critical Design Review
DSS: Digital Signature Standard
CMVP: Cryptographic Module Verification Program
FITS: Failure rate of a component, measured in Failures-in-Time over the program
KPOH: Lifetime of a component, measured in thousands of power-on-hours
BOM: Bill of Material, a list of components comprising a given assembly
Counterfeit:
“Instances in which the identity or pedigree of a product is
knowingly misrepresented by individuals or companies”
- GAO Report to Congress, March 2010
Supply Chain:
“A set of organizations directly linked by one or more
upstream and downstream flows of products, services, finances,
or information from a source to a customer.”
- Cooper, M.C., Lambert, D.M., & Pagh, J. (1997) Supply Chain
Management: More Than a New Name for Logistics. The
International Journal of Logistics Management Vol 8, Issue
1, pp 1–14
Chain of Custody:
“The chronological sequence of parties, spanning from the
originator of the component to the final intended user, who
directly transfer responsibility for assuring that the identity
or integrity of a component is not compromised while it is in
their possession.”
Definition of Terms
TRUST – Tools for detecting Logic Insertions
• Thorough authentication of design for
requires high tech destructive rev. eng. tools
• Very difficult to validate logic integrity
of individual parts in SC non-destructively.
• What we couldn’t find is as important as what we could find
IRIS – Capabilities for discovering Reliability Compromise
• Only a subset of all possible reliability
compromises can be detected
• Not realistic to assess generic component
lifetime using small sample size; components
will be rendered useless afterwards.
SHIELD Learning from Prior HW Assurance Programs
TRUST
IRIS
DARPA pgms showed certain ways of storing private key will
be difficult to RE, and would destroy part if RE is attempted.
TRUST, IRIS Programs Validated Design Preceding Distribution: SHIELD Will Take it From There
[Figure: component lifecycle stages Design, Verification, Mask Build, Chip Build, Pkg, Test, Pers, Distr, Use, grouped as "At OEM" and "In Distribution". Program labels: TRUST, IRIS, SHIELD. Legend: Design Attack, Hardware Attack, Logistics Attack. Attack labels: 3rd Party IP, Insider Design, EDA Exploit, IP Theft/Copy, Security Intercept, Yield Fail Diversion, Overproduction, Process Compromise, Pkg Compromise, False FPGA Bitstream, Malicious Insertions, False Validation Report, DFM Exploits, False Expects, False Test Compares, HW Theft.]
DARPA TRUST and IRIS Programs developed techniques for
validating the design and process integrity before distribution.
DoD is Especially Vulnerable to Counterfeits
DoD applications present severe demands on components
which make them especially vulnerable to compromise.
• DoD electronic components require high reliability, serviceability.1
• Compromised component failures risk DoD missions, soldiers' lives.
• Long design cycles (10+ years) and product lifetimes (30+ years)
cause components in the bill-of-material to become obsolete.1
• $10-$50 parts become $8000 parts once they are obsolete1 –
providing motivation for recycling, and less-reputable suppliers.
• Whole off-shore industries supply bogus obsolete parts and clone
current parts (with or without malicious changes).
Most common current component supply problems
• Recycled components
• Remarked parts (Mfr date, grade)
• Clones / copies
• Unlicensed overproduction
• Test rejects / sub-std parts
• Repackaged OEM chips
1 NAVSEA Crane internal report
Attributes of Superior Supply Chain Authentication Tech
1. Extremely low cost, with minimal impact to the component manufacturer,
distributor, or end-user, as well as to the host component itself;
2. Effective at mitigating most supply chain security threats;
3. Be simple, very fast, and executable by untrained operators;
4. Trustworthy, reliable, and prohibitively difficult to spoof;
5. Executable at any place, time along supply chain, providing instant results on-site;
6. Performed using inexpensive interrogation equipment;
7. Standardized and widely adopted by government and industry;
8. Manufacturable in high volume using standard foundry processes; and
9. A value-add to the end-product; recognized and requested by the consumer.
SHIELD: The DARPA Supply Chain Solution
SHIELD makes counterfeiting too expensive and too hard to do.
Microscopic SHIELD dielet
HW Root-of-Trust
Fragile Key Storage
Full Encryption Engine
Unpowered Passive Sensors
Inductive Powering and Communication
DARPA SHIELD will develop the ability to provide:
- 100% assurance against certain known threat modes;
- quickly, on demand, at any step of the supply chain; and
- essentially for free.
SHIELD Target Spec
- 100µm x 100µm (0.01 mm² Area)
- 100K Devices
- 100 MHz Clock Rate
- 50 µW Total Power
- T ≤ 120C
- <1¢ per dielet
Image courtesy of
http://www.hitachi.com/New/cnews/030902.html
SHIELD Exemplary CONOP
Participants: Dielet, Smartphone, Server
Dielet: Encryption Engine w/ Crypto Key; sensors for Temp Extremes, Xray Exposure, Light Exposure
Network labels: TCPIP Address, (VPN)
Server: Database with Dielet Serial ID, Fab Name, Fab Date, Part No.; Random Challenge Generator; Decryption Engine w/ Crypto key (decrypt; compare to original challenge)
1. Serial ID Upload (Serial ID No.)
2. Challenge Download
3. Encrypted Challenge, Encrypted Sensors
3. Appliance Data: Sensors Status, Test Date, Auditor Identity, Key Requests
4. Authentication Out
Potential Production Test Approaches
Flying Prober
Inspiration from existing Tube, Pick-and-Place, Wire Bond Robotic tech
1. Stock checking of Component
2. Assembly checking in Supply Chain
Pick and Place, Wirebond
Tube handling of components
Volume Production technology can be applied to SHIELD approach.
Tooling and control can easily be adapted to authentication.
Critical Hardware Assurance On-Dielet Features
1. A hardware root-of-trust cryptographic key storage which is prohibitively
expensive and time-consuming to reverse-engineer;
2. A complete, compact, on-board key encryption engine, capable of encrypting
an external challenge using its on-board cryptographic key; the cryptographic
key never leaves the SHIELD dielet. The message will be decrypted using the
cryptographic key stored in a secure server database;
3. A physically-fragile but electrically-robust dielet which can be embedded in the
host component's electronic packaging. The dielet self-destructs upon any
attempt to physically open, remove, or transfer it from its host component
with standard reverse-engineering de-processing techniques;
4. Unpowered, passive sensors that record attempted compromises to the
authenticator dielet and potentially other operations on the overall packaged
assembly such as soldering or de-soldering;
5. Inductive or RF communication and powering to allow contactless operation;
and
6. Built-in dielet resiliency against power-based component exploits or attacks.
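The challenge/response exchange of the CONOP and of feature 2 above, as an added Python sketch that is not part of the DARPA briefing, with the dielet, appliance and server as separate roles. HMAC-SHA-256 from the standard library stands in for the dielet's encryption engine and the server's decrypt-and-compare step; the challenge length, sensor bit layout, verdict strings and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets

KEY_BYTES = 32        # page: dielet stores up to 256 bits of secret key
SERIAL_BYTES = 8      # page: 64-bit serial ID
CHALLENGE_BYTES = 16  # assumption: the page gives no challenge length
# Sensor names come from the CONOP slide; the bit positions are assumptions.
SENSOR_BITS = {"temp_extremes": 1, "xray_exposure": 2, "light_exposure": 4}


def keyed_response(key, serial, challenge, sensors):
    """HMAC-SHA-256 over serial || challenge || sensor byte (stand-in cipher)."""
    msg = serial + challenge + bytes([sensors])
    return hmac.new(key, msg, hashlib.sha256).digest()


class Dielet:
    """Holds the key; it only ever emits its serial ID and keyed responses."""
    def __init__(self, serial, key):
        self.serial, self._key = serial, key
        self._sensors = 0  # one-way flags: bits are set, never cleared

    def trip_sensor(self, name):
        self._sensors |= SENSOR_BITS[name]

    def respond(self, challenge):
        tag = keyed_response(self._key, self.serial, challenge, self._sensors)
        return self._sensors, tag


class Server:
    """Secure server: serial-to-key database, challenge generator, audit log."""
    def __init__(self):
        self._keys = {}      # serial ID -> key, written at personalization
        self._pending = {}   # serial ID -> challenge awaiting a response
        self.audit_log = []  # (serial hex, verdict) per request

    def enroll(self, serial, key):
        self._keys[serial] = key

    def issue_challenge(self, serial):
        if serial not in self._keys:
            self.audit_log.append((serial.hex(), "unknown-serial"))
            return None
        self._pending[serial] = secrets.token_bytes(CHALLENGE_BYTES)
        return self._pending[serial]

    def verify(self, serial, sensors, tag):
        challenge = self._pending.pop(serial, None)  # a challenge is single-use
        if challenge is None:
            verdict = "no-challenge"
        elif not 0 <= sensors <= 0xFF:
            verdict = "reject"  # malformed sensor byte from the appliance
        elif not hmac.compare_digest(
                keyed_response(self._keys[serial], serial, challenge, sensors), tag):
            verdict = "reject"
        else:
            verdict = "tamper-flagged" if sensors else "authentic"
        self.audit_log.append((serial.hex(), verdict))
        return verdict


def interrogate(dielet, server, relay=lambda sensors, tag: (sensors, tag)):
    """Appliance role: carries the CONOP messages and never sees the key."""
    challenge = server.issue_challenge(dielet.serial)  # steps 1 and 2
    if challenge is None:
        return "unknown-serial"
    sensors, tag = relay(*dielet.respond(challenge))   # step 3
    return server.verify(dielet.serial, sensors, tag)  # step 4


def demo():
    """Run the exchange on constructed sample values; returns verdicts by case."""
    server = Server()
    serial, key = secrets.token_bytes(SERIAL_BYTES), secrets.token_bytes(KEY_BYTES)
    server.enroll(serial, key)
    genuine = Dielet(serial, key)
    clone = Dielet(serial, secrets.token_bytes(KEY_BYTES))  # serial copied, key not
    results = {
        "genuine": interrogate(genuine, server),
        "clone": interrogate(clone, server),
        "unenrolled": interrogate(Dielet(b"\xff" * SERIAL_BYTES, key), server),
    }
    # Replay: a response recorded for one challenge is presented for the next one.
    recorded = genuine.respond(server.issue_challenge(serial))
    server.verify(serial, *recorded)
    server.issue_challenge(serial)
    results["replay"] = server.verify(serial, *recorded)
    genuine.trip_sensor("xray_exposure")
    results["after_xray"] = interrogate(genuine, server)
    # A relay that clears the sensor byte invalidates the tag instead of hiding it.
    results["flags_stripped"] = interrogate(genuine, server, lambda s, t: (0, t))
    return results


if __name__ == "__main__":
    print(demo())
```

Binding the sensor byte into the keyed response is what makes the sensor report trustworthy when the appliance and network are not: the server either sees the true flags or rejects the reply.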
Additional Required Design Properties
1. Hardware attacks often leverage re-writable data storage; any rewritable
storage on dielet must be carefully assessed for its security.
2. SHIELD dielet proposal must be completely stand-alone, and should not
interact with the host chip in any way. Reliability impacts include:
a. package alterations needed to carry the dielet,
b. unintended inductive or RF coupling impacts on the host device
3. To maintain operational security, the inductive/RF probe and dielet must
be in the immediate vicinity of each other to be able to link.
4. Personalized crypto keys on dielet and server should never be sent.
5. Entire proposed CONOP, including the SHIELD dielet, needs to be
extremely inexpensive to acquire, implement, and execute.
6. To minimize size, power, and cost of the SHIELD dielet, CONOP
complexity should be pushed up to the secure server wherever possible.
Current Untrusted Logistical Supply Chain
[Figure: supply chain diagram. Node labels: Original Equipmt Mfr, Approved Reseller, Merchandise Returns, Independent Distributor, EBAY, Stock, PC Board Assembly, Subsystem Assembly, System Mfg, DoD Application, linked by Shipping steps. Two regions are labelled Trusted Zone*; another region is labelled Vulnerability Zone and marked with question marks.]
For all but simplest exploits, DoD has little
system component assurance of authenticity
*Assume parts have OEM integrity before leaving first Trusted Zone
SHIELD’ed Supply Chain Exemplar
[Figure: supply chain diagram, marked REFRESHER. Node labels: Original Equipmt Mfr, Approved Reseller, Merchandise Returns, Independent Distributor, EBAY, Stock, PC Board Assembly, Subsystem Assembly, System Mfr, DoD Application, linked by Shipping steps. Two regions are labelled Trusted Zone*; another region is labelled SHIELD Authentication outside Trusted Zone.]
Component compromises are now visible
at any point along the supply chain
* Assume parts have OEM integrity before leaving first Trusted Zone
SHIELD Program Structure
Deliverables by Tech Area and Phase
Columns: Phase 1, Phase 2, Phase 3
TA1 Tech Dev
• On-chip HW tech devlpmt: Key Store, Sensors, Comm, Pwr, Mfg Processes
• Models
• Test Sites
• SHIELD layouts
TA2 Design & Integr
• Dielet Logic Design
• Standards Conformation
• SHIELD Dielet Design
• SHIELD Dielet Fabrication
• SHIELD Dielet Characterization
TA3 Deployment
• Packaging Development
• Reliability Analysis
• Dummy Dielet Fabrication
• Network Architecture Design
• Inductive Appliance Design
• Tooling and Techniques for handling, insertion
• Network Structure Build-out
• Inductive Device Fabrication
• Demonstration Proof-of-Concept Supply Chain Exercise across sites
• Red Teaming
• Evaluations
Technical Area 1/Phase 1: Technology Months 1-18
TA1/Phase 1 develops fundamental devices, materials, structures
realizing specific on-board capabilities. Prospective solutions
should provide the SHIELD target specifications. Test Sites will serve as
prototypes for specific solutions practiced in Phase 2.
• Fully-described hardware-based solutions
• Hardware models (i.e. COMSOL, SPICE, finite element modeling, etc.)
• Design, build, characterization of hardware proof-of-concept test sites
• Verification of technology compatibility to conventional IC
manufacturing process.
• Layouts of specific technology reductions-to-practice for Phase 2
• Description of specific test conditions and test pattern files
• Development of a fully defined interface specification for the
technology for product integration.
Technical Area 1 / Phase 1: Technology
A. Secure Cryptographic Key Storage Technology.
Secure cryptographic key storage is required on the dielet to sustain
cryptographic-level authentication of the product.
1. Exceedingly difficult to reverse-engineer;
2. Effectively incorruptible;
3. Self-destructive upon reverse-engineering or tamper attempts -
exquisitely fragile, while still extremely reliable under normal
use conditions;
4. Economically personalized with unique serial ID and
cryptographic key information in volume production.
5. Compatible with, and ideally available in, the chip process
technology selected by performers for the dielet’s fabrication.
Technical Area 1 / Phase 1 (Cont’d)
Encryption Details
1. DARPA SHIELD is committed to using only open standard encryption:
Universal trust in the SHIELD concept is critical to its wide acceptance.
2. Performers may implement their choice of encryption
Provide as secure a solution as device count/area/power/perf allows.
3. SHIELD must accommodate drop-in alternative encryption engines.
Program derives technology for new hardware platform.
4. Performers will not be creating new encryption algorithms.
Use only NIST IEEE standards, and CMVP approved code.
5. Performers may use third party IP for encryption engine.
Be sure to document source and accreditation.
6. Dielet should be able to store up to 256 bits of secret key.
Key store should be Suite B compliant.
B. Passive Sensors
Sensors monitor the integrity of the authentication dielet itself, and
watch for component compromise. Sensors must:
1. Passively sense while unpowered; be read only when powered;
2. Be readable only and permanently altered by the exposure;
non-resettable in any way;
3. Be inexpensively integrated into a conventional CMOS process
without impacting the host process;
4. Be small enough to fit in the SHIELD dielet form-factor and
specification;
5. Have an appropriately-tuned sensing threshold, to prevent false
positives caused by safe, existing exposures encountered
throughout the current supply chain.
Technical Area 1 / Phase 1 (Cont’d)
Chemical
Nitric Acid / Sulfuric Acid Sensing for chemical de-packaging attempts
Mechanical
Pressure or acoustic sensing for polish de-packaging attempts
Laser
Laser wavelength detection for laser de-layering attempts
Light
Daylight sensing for identifying exposed dielet
X-Ray
X-ray detection for attempted secret key imaging
Heat
Temperature sensors to detect de-soldering, component PCB removal.
Technical Area 1 / Phase 1 (Cont’d)
Passive Sensor Examples
C. Communication/Power Transmission Technology
Inductive/RF coupling will enable small form-factor devices to power
and communicate with the dielet.
1. Dielet should be powered; receive a challenge message; and receive the
encrypted reply within approximately 2 seconds.
2. Performers will determine the bandwidth necessary to support this latency
while passing up to 256 bit key words, a 64 bit serial ID, random
encryption challenges, and much shorter sensor output words.
3. Proposers should develop technologies providing ultra-high efficiency
coupling between on-dielet inductive coil / RF antenna, and the appliance.
4. Dielet must couple to the appliance only when the appliance’s probe is in
its immediate vicinity. The probe otherwise should not emanate
significantly beyond the dielet, nor link to other external devices.
5. Communication with the SHIELD dielet should not be via conventional
RFID technology; but rather only by inductive or RF coupling to another
device within a few millimeters of the host component’s package.
Technical Area 1 / Phase 1
D. Manufacturing/Process Technology
Multiple CMOS process and manufacturing changes needed
to produce SHIELD dielets, with new capabilities, and at target
of less than a penny per dielet. Challenges include:
1. Wafer thinning technologies for SHIELD wafers that are
potentially 10µm or less in thickness, for 100µm x 100µm dies;
2. Integrating sensor, key store technologies into common process;
3. High volume crypto key and ID personalization of each dielet;
4. Contactless test technologies for dielets, test coverage protocol,
application-specific test patterns;
5. Economic production solution for dicing/picking microscopic
dielets that are ~100μm x 100μm;
6. Reliability, lifetime of SHIELD dielet matching host component.
Assume host components require 100 KPOH lifetimes.
Technical Area 1 / Phase 1 (Cont’d)
SHIELD Technical Area 2 integrates Technical Area 1 technologies onto
a microscopic dielet equipped to provide comprehensive supply chain
authentication. The extremely small chip will integrate:
• The Technology:
A self-contained encryption engine, secure key storage, passive
intrusion sensors, inductive/RF communication and power, and
• The Logic:
All necessary logic and intellectual property necessary for the dielet
to function as a true authenticator, realize the interface to the secure
server.
Technical Area 2: Design and Integration
Technical Area 2/Phase 1: Design Months 1-18
Performers will, by the end of TA2/Phase 1, complete the high level
design of the SHIELD dielet:
1. Define a SHIELD Design Environment, Methodology:
a. Define EDA design environment, using industry conventions
b. Accommodate SHIELD-specific Logic design, synthesis, modeling,
simulation, layout, power estimation, test pattern generation needs.
c. Define conventions for performer interfaces
2. Develop a SHIELD logic design/description, expressed in an
appropriate high-level design language:
a. Design should accommodate SHIELD CONOP sequence
b. Design must have logical control of passive sensors
3. Select and identify effective encryption design:
a. Proposals leverage certified 3rd party crypto IP or pre-existing designs
b. Only open standards may be used.
Technical Area 2 / Phase 1
4. Design to Boundary Conditions
a. Sufficient performance to complete interrogation in ~2 secs including
network latencies, ~1 sec without latencies
b. Designs may be asynchronous or synchronous, free choice of clock rate
c. Modeled power consumption and confidence that design will remain
under inductively/RF-powered limitations. Anticipate power-conditioning.
5. Anticipate concurrent technologies being developed
a. Sockets for key store, sensors
b. add new technology as IP blocks; include voltage level shifting, timing
changes, signal buffering.
6. Create and model SHIELD physical design
a. verify robust design functionality across process, voltage, and
temperature.
b. Accommodate +/- 3σ composite process distribution window,
c. BC/WC/Twist Timing Corner functionality verified
d. Functionality from 0-35 deg C. Survive -55 deg C to 125 deg C.
e. Functionality inside +/- 3σ conditioned voltage window
Technical Area 2 / Phase 1 (cont’d)
7. Fabrication Implementation Plan
a. Identify technology and node to be used, preferred vendor
b. Define checkpoints and approximate dates for design and build
c. Explain how new technologies will be accommodated by fabricator
d. A clear path to manufacturing is needed
8. Anticipate concurrent technologies being developed
a. Provide sockets for concurrently-developed key store, sensors
9. Create and model SHIELD physical design
a. verify robust design functionality across process, voltage, and temp.
b. Accommodate +/- 3σ composite process distribution window,
c. BC/WC/Twist Timing Corner functionality verified
d. Functionality from 0-35 deg C. Survive -55 deg C to 125 deg C.
e. Functionality inside +/- 3σ conditioned voltage window
10. Provide a Critical Design Review
Technical Area 2 / Phase 1 (cont’d)
Technical Area 2/Phase 2: Integration & Fab Months 19-36
Performers will, by the end of TA2/Phase 2, incorporate TA1’s specific
technology instantiations into their Phase 1 dielet chip design. After final
design checks, process audits, designs will be fabricated.
1. Complete SHIELD dielet design:
a. Incorporate final TA1 outputs
b. Complete checking, generate specific test patterns.
c. Define conventions for performer interfaces
2. Fabricate SHIELD dielets:
a. Release design to MFG, monitor fabrication, intercept for process exits
and re-entries for adjunct technology introductions
b. track process metrology and in-line monitors for SHIELD parts to assure
dielet functionality for Phase 3 technology reduction.
c. dielet may be fabbed at US or foreign fabrication facilities; transition
partners may later impose restrictions.
d. Test, characterize, and assess reliability of manufactured dielets.
Provide qualification strategy for demonstrating design fulfills spec.
Technical Area 2 / Phase 2
Performers in Technical Area 3 will develop the infrastructure necessary
to demonstrate the SHIELD concept. Work completed in TA3 includes:
• Developing the ability to place SHIELD dielets in component
packaging.
• Creating appliances and probes to remotely test components
• Pulling together a simplified SHIELD network / server environment
• Demonstrating an exemplary CONOP employing the SHIELD device
in an actual DoD product acquisition program.
Performers may team on TA3-only proposals.
Technical Area 3: SHIELD Deployment
Technical Area 3/Phase 1: Pkg Tech, Networks Months 01-18
Fundamental dielet package insertion, attachment, or lamination
techniques are developed in TA3/Phase 1. Network communications and
server backbone design is initiated. This environment will serve only as
a demonstration of the SHIELD proof of concept.
1. Develop package placement target parametrics:
a. Determine required specs, tolerances for dielet placement in the host
b. Develop coupling required for sufficient inductive / RF power, comms
c. Find size of antennae, maximum submersion below package surface
d. Develop positioning conventions to accommodate various package
types.
2. Create SHIELD dummy dielet surrogate (1 performer):
a. Create with TA2 performers consultation to resemble final form-factor
b. Place electrical structures to assess specific issues of concern
Technical Area 3 / Phase 1
3. Assure reliability of host component containing SHIELD dielet:
Performer will assess reliability, serviceability impacts to host chip
caused by dielet presence and operation. Concerns include:
a. Package strain caused by insertion or presence
b. Hermetic seal fails caused by insertion or presence
c. High electromagnetic field impacts to host component during
interrogate
4. Assure reliability of SHIELD dielet in host component:
Performers will assure the integrity, reliability of the placed SHIELD
dielet in the host package, considering potential damage caused by:
a. Chemical / mechanical / temperature, or electrical materials interactions
with the host packaging materials or process occurring during normal
processing, packaging, dielet insertion or due to aging in normal use.
b. Failures which should intentionally occur if the product is compromised;
must also be demonstrated to occur reliably.
c. Mechanical strain, compressive or tensile effects induced on the SHIELD
dielet by the package or host component
d. Dielet exposure to radiation, high X-ray or RF fields when not in use.
Technical Area 3 / Phase 1 (cont’d)
5. Create a SHIELD Inductive/RF Authentication Appliance and Probe:
Performer will design an inexpensive inductive/RF appliance for use
in exercising the SHIELD concept. The appliance may be the retrofit
or repurposing of an existing appliance such as a smartphone, with
the addition of an inductive/RF probe connected to the device.
Responsibilities include:
a. Design of handheld appliance concept, including documentation,
b. Design of an inductive/RF probe, anticipating potential electromagnetic
interference which may obscure coupled signal.
c. Development of necessary microcode, firmware, software needed
The entire SHIELD demonstration will be executed solely using this
hand-held interrogation appliance.
Technical Area 3 / Phase 1 (cont’d)
6. Design Network/Server Architecture for the Demonstration Exercise:
SHIELD network and server capability will be created by performers
and will conform to hardware developed in Technical Areas 1 and 2.
Deliverables include:
a. communications between the dielet and the server through the
inductive/RF appliance and network using TLS standards;
b. All required server transaction and decryption software;
c. A simple graphical user interface that allows users to observe actual
SHIELD transaction demonstrations as they are executed; and
d. A key management plan describing how all cryptographic keys in their
proposed architectures are derived, protected at rest, and protected in
transit.
Network and system architecture should support a geographically
distributed proof of concept using multiple external vendors.
Note that sufficient network and server architecture should be
provided to support demonstration of the SHIELD concept, but is
not the prime focus of the program.
Technical Area 3 / Phase 1 (cont’d)
Technical Area 3/Phase 2: Implementation Months 19-36
Development of specific techniques, tooling for placement of dielet into
the host package is created. Mechanical alignment aids for inductive/RF
appliance to SHIELD dielet within the package will also be developed.
Actual networks and servers will be configured. At the close of
TA3/Phase 2, performers should be prepared to execute the SHIELD
CONOP in an actual federal acquisition program.
1. Develop the SHIELD Insertion technology:
Instrumentation, tooling, and logistics for going from wafer final test
into an actual component placement are developed. Steps include:
a. Developing handling technique for taking SHIELD from diced wafers into
a dispensing tool that feeds dielets to a package injector.
b. Creating tooling which dispenses diced and separated dielets into the
injector, and inserts them into the packages.
c. Associating the placed SHIELD dielet serial ID and crypto key with the
host component P/N, date/location of manufacture, reliability grade,
and cryptographic key.
Technical Area 3 / Phase 2
2. Develop the SHIELD Network Structure:
Networks and protocols developed in TA3/Phase 1, and in the
design are implemented during TA3/Phase 2. At the end of TA3/
Phase 2, performers will provide the following deliverables:
a. Detailed network schematics indicating protocols and standards;
b. A specific Bill-of-Material indicating commercially available devices that
the transactions will be executed upon;
c. Estimates of transaction times and network latencies;
d. Simulation of actual transactions demonstrating successful execution of
true and false authentication requests, with and without flagged
compromises appearing on the SHIELD sensors; and
e. Build-out of the actual prototypical hardware network for use in SHIELD
TA3/Phase 3.
Technical Area 3 / Phase 2 (cont’d)
3. Develop the SHIELD inductive/RF appliance:
Technical Area 3/Phase 1 performers who designed the inductive/RF
appliance and its code will, in Phase 2, fabricate the appliance’s
inductive/RF probes and repurpose the appliance itself to the
SHIELD function with required firmware, or software additions or
changes installed. Specific deliverables associated with this task
include:
a. Inductive/RF probe fabrication
b. Repurposed Appliance microcode, firmware, software installation
c. Stand-alone testing of communication between the SHIELD dielet and
appliance.
Technical Area 3 / Phase 2 (cont’d)
Technical Area 3/Phase 3: Demo Months 37-48
DARPA SHIELD concludes with a demonstration, one year in duration,
of the CONOP practiced in the supply chain of an actual DOD component
listed in a federal acquisition program’s BOM. Actual components will be
shipped between work sites developing the specific assembly the
component is a part of, and performers will exercise SHIELD at those
sites. Performer tasks will include:
1. Demonstrate robust SHIELD placement into real product:
a. Performers will mate SHIELD dielets to product at pkg encapsulation.
b. Performer will identify, correct SHIELD failure modes in practice,
performing defect characterization to identify needed changes to
installation process. Failure data will be collected and compiled by
performers as components are encapsulated and tested, including:
• Fails due to faulty package insertions
• Fails due to non-functional SHIELD chips
• Screening of components, for failure rate uplift at module final test
which had previously passed wafer final test, above the fallout baseline
before SHIELD introduction.
Technical Area 3 / Phase 3
2. Exercise the CONOP:
Performers will exercise the entire SHIELD CONOP.
a. Performers will choose the packaged host they exercise their SHIELD
technology upon from options offered by DARPA.
b. Performers will place SHIELD solution in those packages in a
production-like environment which DARPA will provide access to.
c. Resulting actual components, equipped with SHIELD, will be passed
through real supply chain channel settings, from supplier
acquisition, through normally-used shipping channels, to subsequent
board and system subassembly vendors.
d. Government Red Team members will compromise the supply chain.
e. Performers will execute the SHIELD operation at various work sites in the
component’s supply chain throughout the US, looking for compromises.
f. Government team members will monitor performer detection results.
Technical Area 3 / Phase 3 (cont’d)
Performers will be measured to a set of quantitative benchmarks.
Metrics on SHIELD performer solution effectiveness will include:
1. “Probability of Detection” of compromises (PD), broken out by
a. Component Package (i.e. small passive/discrete, quad plastic flat pack)
b. Failure mode (i.e. missing, inappropriate, or failing SHIELD dielet.)
c. Location type (i.e. at distributor, at subassembly vendor, in shipping),
d. Setting of host component (i.e. supplied in a component tube, mounted
on a printed circuit board, installed in a system)
2. Probability of False Alarm (PFA), broken out by:
a. Component Package (i.e. small passive/discrete, quad plastic flat pack)
b. Setting of host component (i.e. supplied in a component tube, mounted
on a printed circuit board, installed in a system)
3. Average completed authentication delay per SHIELD component.
SHIELD Quantitative Benchmarks
SHIELD Summary of Suggested Specifications
Area | A ≈ 100um x 100um (0.01 mm2)
Device thickness | Thinned substrate, likely 10 um or less.
Interrogation Latency | ≈ 1 second dielet delay; ≈ 2 second full transaction delay including network latencies
Network Communication Protocol | TLS Standard
Minimum Delay between interrogations | > 1 Second
Positioning of inductive/RF probe | T ≈ 1 mm below top surface of component package
Encryption Standard | Up to 256 bit
Serial ID Length | 64 bit
Power Consumption | Approximately 50µW
Voltage; tolerance (default) | VDD at discretion of proposer; +/- 10% (default)
Host Temperatures | -55 deg C - 125 deg C
Interrogation Temperatures | 0-35 deg C
Reliability | Sufficient to match 100 KPOH host component operation. SHIELD total operational time is under 1 hour.
Cost | C < 1.0¢ per dielet
Program Calendar
14 March, 2014 Proposer’s Day, Arlington, VA
31 March, 2014 Abstracts Due into DARPA by EOB
30 April, 2014 Encourage / Discourage Full Submission Letters to Proposers
30 May, 2014 Full Abstracts Due into DARPA by EOB
3Q 2014 Source Selection, Notification, Contracts
4Q 2014 SHIELD Phase 1 begins
SHIELD Government Support
Saverio Fazzari
SHIELD SETA
SHIELD Industry Day
14 March 2014
Government SHIELD Funding
• DoD recognizes the urgency of addressing supply chain security.
• DARPA MTO is making a significant investment in SHIELD, consistent
with the threat that supply chain loss-of-control poses to lives and missions
• SHIELD Funding levels and number of performers per technical area
and phase will remain undisclosed, but are substantial, in plan, and
committed
• Submitters should submit proposals that get the job done, rather than
tailoring them to a specified funding level. Amounts will be
calibrated to resources during contract negotiation.
Government Team Responsibilities in SHIELD
Tech Area 1:
1. Red-teaming the secure key storage
2. Evaluating the sensor’s capability versus state-of-the-art features
Tech Area 2:
3. Red-teaming dielet designs for reverse-engineering
4. Red-teaming dielet performance and reliability
5. Identify a trusted manufacturing source for dielet
6. Fabrication of dielet, delivery to performers
Tech Area 3:
7. Identify host components for test, and test environment
8. Develop prototype software for security database
9. Develop appliances and fixtures for checking devices
10. Red-team integrated solution
11. Run test environment for final demonstration
12. Support transition opportunities
General:
Acting as virtual lab with NSA, Navy, Air Force involvement to provide evaluation capability for
the program. It will provide early access to transition opportunities.
Government Obligations
Tech Area | Government-Furnished Equipment and Intellectual Property
TA1 Tech Dev | None
TA2 Design & Integr | None
TA3 Deployment | Components for SHIELD insertion; Vendor Locations for SHIELD exercise sites
Manufacturing Options
Solutions must demonstrate a path allowing it to be built in a standard
semiconductor process, and at the target cost.
• Proposers should be able to build prototypes and document a plan
for transitioning their approach to meet the above goal
• Non-production university labs may be used
Many organizations offer services for a small number of parts to be built:
• Shuttle runs
• Multi Project Wafer (MPW) runs
Foreign fabrications are allowed in SHIELD
Useful Sources for Information include:
• https://www.tapoffice.org/
• http://www.dmea.osd.mil/trustedic.html
• http://www.mosis.edu
• http://cmp.imag.fr/
• http://www.europractice-ic.com/
SHIELD Metrics
Arnett Brown
SHIELD SETA
SHIELD Industry Day
14 March 2014
• Purpose of this discussion
• Detail the attributes of SHIELD design elements that will be measured.
• Outline the methods by which those attributes will be measured.
• Why metrics?
• Tracking and reporting program results and accomplishments.
• Used for objective evaluation of performers.
• Wherever possible, quantitative metrics will be used with industry accepted
figures of merit.
• Qualitative metrics will typically be used to evaluate performer processes in
the absence of a quantitative metric.
• Metrics will not always have a “pass” or “fail” level, especially when
innovative technologies are involved.
• Depending on what is proposed, certain metrics may not apply perfectly.
• Do not allow a metric (alone) to discourage proposing a good idea.
Metrics Overview
Metrics Technical Area 1:
SHIELD On-board Technology
Phase | Design Element | Characteristics | Metric
1 | Secure secret key storage - reverse engineering protection | Harden dielet against attempts to reverse engineer | Cost¹ to reverse engineer using typical methods²
1 | Secure secret key storage - hardware corruption protection | Harden dielet against attempts to defeat security | Cost to defeat using typical methods³
1 | Secure secret key storage - self destruct on tamper attempt | Discriminate between apparent tamper and normal operation | Percent success in triggering against typical intrusions; percent success in not triggering against non-intrusions
1 | Secure secret key storage - serial ID personalization | Determine economic method for serializing dielet in volume production | Cost per dielet to implement
1. Cost = time (hours) * number of personnel required * cost of tools ($)
2. Procedures that are known to have been used to reverse engineer integrated circuits.
3. Procedures that are known to have been used to attempt to defeat security features through
hardware corruption.
Phase | Design Element | Characteristic | Metric
1 | Passive sensors – examples include chemical, mechanical, light, X-rays, heat, etc. | Performer-defined | As appropriate
Technical Area 1:
SHIELD On-board Technology
• Specific metrics will be determined based on the nature and function of the sensors proposed.
• General metrics to consider include sensing threshold, cost.
Phase | Design element | Characteristics | Metric
1 | Dielet power | Inductive power coupling mechanism | Q factor
1 | Dielet communications | RF communications mechanism | Baud rate
1 | Manufacturing process modifications – form factor | Modifications to meet form factor requirements¹ | Cost²
1 | Manufacturing process modifications – integration | Modifications for sensor and key storage integration | Cost
1 | Manufacturing process modifications – testing | Modifications to enable dielet testing | Cost
1 | Manufacturing process modifications – special needs | Production solutions for dielet dicing, picking, handling | Cost
1 | Manufacturing process modifications - reliability | Physical design for reliability³ | Cost
Metrics Technical Area 1:
SHIELD On-board Technology
1. SHIELD wafer thickness may be 10 microns or less. Dielet size: 100µm x 100µm.
2. Cost is referenced against the target CMOS process with no modifications.
3. Assume 100 KPOH lifetime for host component, no more than 3 Failures In Time (FIT). Assume SHIELD dielet usage
less than 1 KPOH over its lifetime.
Metrics Technical Area 2:
SHIELD Dielet Design and Integration
Phase | Design element | Characteristics | Metric
1 | Dielet design – encryption engine | Logic design for encryption engine | Performance to specifications¹
1 | Dielet design – key management | Logic design for key management protocol | Performance to specifications
1 | Dielet design – power supply interface | Interface logic for power supply | Performance to specifications
1 | Dielet design – communications | Interface logic for communications | Performance to specifications
1 | Dielet design – sensor interface | Interface logic for sensors | Performance to specifications
1. Design specifications will be established during Phase 1 development; to verify performance, performers are
responsible for providing results of simulations and/or hardware testbenches as appropriate.
Phase | Design Element | Characteristic | Metric
2 | Dielet integration – sensors, encryption engine, power, communications and support logic | Mask layout design, including logical and physical verification; functional test pattern generation | Functional testing; adherence to dielet power budget; compliance with manufacturer ground rules; percent test pattern coverage; reliability analysis
2 | Dielet fabrication | Release to manufacturing; process tracking as required | Pass/Fail¹
2 | Dielet functional testing | Test fixture should be capable of exercising all dielet functionality | Pass/Fail
2 | Dielet characterization | Characterize across process, voltage and temperature range | Pass/Fail
Metrics Technical Area 2:
SHIELD Dielet Design and Integration
1. Pass/Fail: deliverable is required to meet design specifications and pass any/all tests.
Metrics Technical Area 3: SHIELD Deployment
Phase | Design element | Characteristics | Metric
1 | Dielet-host integration - packaging | Develop solutions for insertion of dielet into host package | Insertion depth tolerance of host package¹; tools and skills required to insert dielet
1 | Dielet-host integration - reliability | Analysis of dielet insertion reliability and impact to host | Projected lifetime analysis of host chip; package strain analysis; electromagnetic analysis²; Environmental testing (temperature, shock and vibration)³
1 | Dielet-host integration – dummy dielet | Fabrication of a dielet mock-up for experimentation | Pass/fail
1 | Network architecture design | Realization of server-side hardware and software for dielet-server communication | Pass/fail
1 | Inductive appliance design | Realization of hardware and software for inductive appliance | Pass/fail
1. The SHIELD dielet will be placed approximately 1mm below the outer surface of the host chip.
2. Identify impact of inductive and RF probing in the host chip.
3. The performance of the host chip without a SHIELD solution will be used as a basis for comparison.
• Technical Area 3, Phase 3 Metrics measure the performance of the total
SHIELD solution (dielet in host chip package, interrogated by inductive
appliance).
• PD, PFA, authentication delay
• Probability of Detection of compromises (PD), broken out by:
• Type of host component (e.g. small passive/discrete, quad plastic flat pack)
• Failure mode (e.g. missing, inappropriate, or failing SHIELD dielet)
• Failure location (e.g. at distributor, at subassembly vendor, during shipping)
• Setting of host component (e.g. supplied in a component tube, mounted on a printed
circuit board, installed in a system)
• Probability of False Alarm (PFA), broken out by:
• Type of host component (e.g. small passive/discrete, quad plastic flat pack)
• Setting of host component (e.g. supplied in a component tube, mounted on a printed
circuit board, installed in a system)
• Average completed authentication delay per SHIELD component
Metrics Technical Area 3: SHIELD Deployment
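The PD, PFA and delay benchmarks above (also listed on the SHIELD Quantitative Benchmarks slide) can be scored from per-interrogation records as in the following added example, which is not part of the DARPA briefing. The record layout, the constructed sample trials and the 95% Wilson intervals (which go beyond the slides to show how wide the uncertainty is at small sample sizes) are assumptions; the category names come from the slides.

```python
from collections import defaultdict
from dataclasses import dataclass
from math import sqrt
from typing import Optional


@dataclass(frozen=True)
class Trial:
    """One interrogation of one host component (hypothetical record layout)."""
    package: str                  # type of host component
    setting: str                  # component tube / printed circuit board / system
    location: str                 # distributor / subassembly vendor / shipping
    failure_mode: Optional[str]   # None = uncompromised part; else the compromise type
    alarm: bool                   # True if the interrogation flagged the part
    delay_s: Optional[float]      # None if the authentication did not complete


def wilson(k, n, z=1.96):
    """95% Wilson score interval for k successes out of n trials."""
    if n == 0:
        return (0.0, 1.0)
    p = k / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return (max(0.0, centre - half), min(1.0, centre + half))


def rate_by(trials, key, compromised):
    """Alarm rate broken out by attribute `key`.

    compromised=True  -> Probability of Detection (alarms on compromised parts)
    compromised=False -> Probability of False Alarm (alarms on good parts)
    """
    counts = defaultdict(lambda: [0, 0])          # group -> [alarms, trials]
    for t in trials:
        if (t.failure_mode is not None) != compromised:
            continue
        c = counts[getattr(t, key)]
        c[0] += t.alarm
        c[1] += 1
    return {
        group: {"rate": k / n, "alarms": k, "n": n, "ci95": wilson(k, n)}
        for group, (k, n) in sorted(counts.items())
    }


def mean_completed_delay(trials):
    """Average delay over interrogations that completed (assumed definition)."""
    delays = [t.delay_s for t in trials if t.delay_s is not None]
    return sum(delays) / len(delays) if delays else None


QFP, PASSIVE = "quad plastic flat pack", "small passive/discrete"
TUBE, PCB, SYSTEM = "component tube", "printed circuit board", "system"
DIST, SUB, SHIP = "distributor", "subassembly vendor", "shipping"

# Constructed sample data, not results from the program.
TRIALS = [Trial(*row) for row in [
    (QFP,     TUBE,   DIST, "missing",       True,  1.8),
    (QFP,     PCB,    SUB,  "inappropriate", True,  2.1),
    (QFP,     SYSTEM, SHIP, "failing",       False, None),   # missed compromise
    (QFP,     TUBE,   DIST, None,            False, 1.7),
    (QFP,     PCB,    SUB,  None,            True,  1.9),    # false alarm
    (PASSIVE, TUBE,   DIST, "missing",       True,  1.6),
    (PASSIVE, PCB,    SHIP, "inappropriate", False, 2.0),    # missed compromise
    (PASSIVE, TUBE,   DIST, None,            False, 1.5),
    (PASSIVE, SYSTEM, SUB,  None,            False, 2.2),
    (PASSIVE, PCB,    SUB,  "failing",       True,  None),
]]


def report(trials):
    """Print PD and PFA for each breakdown the slides list, plus mean delay."""
    for label, compromised, keys in [
        ("PD", True, ["package", "failure_mode", "location", "setting"]),
        ("PFA", False, ["package", "setting"]),
    ]:
        for key in keys:
            for group, r in rate_by(trials, key, compromised).items():
                lo, hi = r["ci95"]
                print(f"{label} by {key:<12} {group:<24} "
                      f"{r['alarms']}/{r['n']} = {r['rate']:.2f} "
                      f"(95% CI {lo:.2f}-{hi:.2f})")
    print(f"mean completed authentication delay: "
          f"{mean_completed_delay(trials):.2f} s")


if __name__ == "__main__":
    report(TRIALS)
```

With only two trials in a group, a perfect 2/2 detection record still has a 95% lower bound near 0.34, so the number of interrogations per breakdown matters as much as the point estimate.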
Phase | Design Element | Characteristics | Metric
2 | Tools and procedures for dielet handling and insertion | Develop tools for physical insertion into host device | Dielet insertion failure rate¹
2 | Network architecture development and build-out | Implementation and testing | Pass/fail (functionality); transmission error rate²
2 | Inductive appliance development and fabrication | Implementation and testing | Pass/fail
3 | Proof-of-concept demonstration | Testing of complete SHIELD solution | Probability of detection (PD); Probability of false alarm (PFA); Average completed authentication delay per SHIELD component
3 | Government “Red Team” evaluation | Penetration testing |
Metrics Technical Area 3: SHIELD Deployment
1. Likelihood of the dielet to be damaged during the insertion process (# of failures per 100 insertions).
2. Transmission errors between dielet and server due to operational anomalies such as improper positioning of
inductive appliance, insufficient application time, low battery condition, etc.
• Technical Area 2, Phase 2 is essentially a CMOS IC physical design and
manufacturing effort
• Performers will be expected to perform design, validation and verification
tasks consistent with a CMOS IC physical design process including:
• compliance with design ground rules of the manufacturer;
• logical to behavioral design verification;
• logical to physical design verification;
• functional test pattern generation with a goal of 100% test coverage;
• EM and power analysis
• additional checks as required to validate any “special case” technologies
• Performers will be responsible for functional testing and characterization of
the finished dielet.
• Characterization results will be compared against expected (simulated)
results as a metric for the physical design effort, and against Phase 1
specifications as a metric for the logical design effort.
Metrics Technical Area 2:
SHIELD Dielet Design and Integration
Image courtesy of DARPA

What is SMARTVT - Unlocking the Power of InfluenceWhat is SMARTVT - Unlocking the Power of Influence
What is SMARTVT - Unlocking the Power of Influencewww.SMARTvt.org
 
A Way VT Can Save $26M for DCF by CEO Larry Crist
A Way VT Can Save $26M for DCF by CEO Larry CristA Way VT Can Save $26M for DCF by CEO Larry Crist
A Way VT Can Save $26M for DCF by CEO Larry Cristwww.SMARTvt.org
 
Bending the curve - Saving $20M for State of Vermont
Bending the curve - Saving $20M for State of VermontBending the curve - Saving $20M for State of Vermont
Bending the curve - Saving $20M for State of Vermontwww.SMARTvt.org
 
SMART Holdings USA - SMARTvt Magazine Spring 2017
SMART Holdings USA - SMARTvt Magazine Spring 2017SMART Holdings USA - SMARTvt Magazine Spring 2017
SMART Holdings USA - SMARTvt Magazine Spring 2017www.SMARTvt.org
 
Marble - Seeking Quarry Master
Marble - Seeking Quarry MasterMarble - Seeking Quarry Master
Marble - Seeking Quarry Masterwww.SMARTvt.org
 
Donna walters professional highlights 0516
Donna walters professional highlights 0516Donna walters professional highlights 0516
Donna walters professional highlights 0516www.SMARTvt.org
 
Wow vermont gas most mistrusted vt employer
Wow vermont gas   most mistrusted vt employerWow vermont gas   most mistrusted vt employer
Wow vermont gas most mistrusted vt employerwww.SMARTvt.org
 
The Red Bus - A Ken Martin Company
The Red Bus - A Ken Martin CompanyThe Red Bus - A Ken Martin Company
The Red Bus - A Ken Martin Companywww.SMARTvt.org
 
What is smart+ memberships
What is smart+ membershipsWhat is smart+ memberships
What is smart+ membershipswww.SMARTvt.org
 

Plus de www.SMARTvt.org (20)

What is SMARTVT - Unlocking the Power of Influence
What is SMARTVT - Unlocking the Power of InfluenceWhat is SMARTVT - Unlocking the Power of Influence
What is SMARTVT - Unlocking the Power of Influence
 
A Way VT Can Save $26M for DCF by CEO Larry Crist
A Way VT Can Save $26M for DCF by CEO Larry CristA Way VT Can Save $26M for DCF by CEO Larry Crist
A Way VT Can Save $26M for DCF by CEO Larry Crist
 
Bending the curve - Saving $20M for State of Vermont
Bending the curve - Saving $20M for State of VermontBending the curve - Saving $20M for State of Vermont
Bending the curve - Saving $20M for State of Vermont
 
Rich ii
Rich iiRich ii
Rich ii
 
SMART Holdings USA - SMARTvt Magazine Spring 2017
SMART Holdings USA - SMARTvt Magazine Spring 2017SMART Holdings USA - SMARTvt Magazine Spring 2017
SMART Holdings USA - SMARTvt Magazine Spring 2017
 
Marble - Seeking Quarry Master
Marble - Seeking Quarry MasterMarble - Seeking Quarry Master
Marble - Seeking Quarry Master
 
Carver's cfo
Carver's cfo   Carver's cfo
Carver's cfo
 
James howard ceo
James howard ceoJames howard ceo
James howard ceo
 
Bio rev 1
Bio rev 1Bio rev 1
Bio rev 1
 
Donna walters professional highlights 0516
Donna walters professional highlights 0516Donna walters professional highlights 0516
Donna walters professional highlights 0516
 
Donna walters
Donna waltersDonna walters
Donna walters
 
EB 5 Blame Game Vermont
EB 5 Blame Game VermontEB 5 Blame Game Vermont
EB 5 Blame Game Vermont
 
Wow vermont gas most mistrusted vt employer
Wow vermont gas   most mistrusted vt employerWow vermont gas   most mistrusted vt employer
Wow vermont gas most mistrusted vt employer
 
Blame game pdf
Blame game pdfBlame game pdf
Blame game pdf
 
Fenter project plan
Fenter project planFenter project plan
Fenter project plan
 
The Red Bus - A Ken Martin Company
The Red Bus - A Ken Martin CompanyThe Red Bus - A Ken Martin Company
The Red Bus - A Ken Martin Company
 
What to expect first
What to expect firstWhat to expect first
What to expect first
 
What is smart+ memberships
What is smart+ membershipsWhat is smart+ memberships
What is smart+ memberships
 
Nda cuba
Nda cubaNda cuba
Nda cuba
 
Cuba smar tvt
Cuba smar tvtCuba smar tvt
Cuba smar tvt
 

Dernier

Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxAshokKarra1
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Celine George
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYKayeClaireEstoconing
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationRosabel UA
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxVanesaIglesias10
 
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptIntegumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptshraddhaparab530
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptxmary850239
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Celine George
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)cama23
 

Dernier (20)

Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptx
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17Difference Between Search & Browse Methods in Odoo 17
Difference Between Search & Browse Methods in Odoo 17
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
ROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptxROLES IN A STAGE PRODUCTION in arts.pptx
ROLES IN A STAGE PRODUCTION in arts.pptx
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptIntegumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.ppt
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)
 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
 

Cookies, Ice Cream, Menu Items, Children's Books

  • 1. Approved for Public Release, Distribution Unlimited Supply Chain Hardware Integrity for Electronics Defense SHIELD Proposer’s Day Arlington, VA 14 March, 2014 1 Kerry Bernstein Best Friend of TrustOptix Bill Bickford Program Manager Microsystems Technology Office Defense Advanced Research Projects Agency
  • 2. Approved for Public Release, Distribution Unlimited 2 All conversations during today’s Proposer’s Day should remain at an unclassified level. • The Government anticipates proposals submitted under this BAA will be unclassified. • Classified submissions shall be appropriately and conspicuously marked with the proposed classification level and declassification date. Submissions requiring DARPA to make a final classification determination shall be marked as follows: CLASSIFICATION DETERMINATION PENDING. Protect as though classified (insert the recommended classification level: (e.g., Top Secret, Secret or Confidential) • Classified submissions shall be in accordance with the following guidance: Confidential and Secret Collateral Information: Use classification and marking guidance provided by previously issued security classification guides, the DoD Information Security Manual (DoDM 5200.01, Volumes 1 - 4), and the National Industrial Security Program Operating Manual (DoD 5220.22-M) when marking and transmitting information previously classified by another Original Classification Authority. Classified information at the Confidential and Secret level may be submitted via ONE of the two following methods: Hand-carried by an appropriately cleared and authorized courier to the DARPA CDR. Prior to traveling, the courier shall contact the DARPA CDR at 703-526-4052 to coordinate arrival and delivery. OR Mailed via appropriate U.S. Postal Service methods (e.g., (USPS) Registered Mail or USPS Express Mail). All classified information will be enclosed in opaque inner and outer covers and double wrapped. The inner envelope shall be sealed and plainly marked with the assigned classification and addresses of both sender and addressee. 
The inner envelope shall be addressed to: Defense Advanced Research Projects Agency, ATTN: Kerry Bernstein/MTO, Reference: DARPA-BAA-14-16, 675 North Randolph Street, Arlington, VA 22203-2114. The outer envelope shall be sealed with no identification as to the classification of its contents and addressed to: Defense Advanced Research Projects Agency, Security & Intelligence Directorate, Attn: CDR, 675 North Randolph Street, Arlington, VA 22203-2114. Classification Guidelines
  • 3. Approved for Public Release, Distribution Unlimited 3 • 8:35 AM – 9:00 AM Welcome Mr. Kerry Bernstein, DARPA/MTO • 9:00 AM – 9:30 AM SHIELD Threat Space Mr. Brett Hamilton, NSWC Crane • 9:30 AM – 10:30 AM SHIELD Program Mr. Kerry Bernstein, DARPA/MTO • 10:30 AM – 10:45 AM BREAK Please leave questions at the registration table at this time. • 10:45 AM – 11:15 AM Benchmarks in Metrics Mr. Arnett Brown, BAH • 11:15 AM – 12:00 AM Contracting with DARPA, Q&A Mr. Michael Blackstone, DARPA/CMO • 12:00 PM – 1:00 PM Lunch Lunch will not be provided. DARPA has a café onsite. • 1:00 PM – 2:00 PM Open Forum Q&A Each attendee will be provided with two index cards to submit questions before the break for lunch. These questions will then be discussed and answered at this time. • 2:00 PM – 2:30 PM SHIELD/DARPA Overview Dr. Arati Prabhakar, DARPA/Director • 2:20 PM – 2:45 PM BREAK • 2:45 PM – 3:45 PM Proposer Presentations Mr. Saverio Fazzari, BAH • 3:45 PM – 4:00 PM Final Q&A/Close Out Mr. Kerry Bernstein, DARPA/MTO Proposer’s Day Schedule
  • 4. Approved for Public Release, Distribution Unlimited 4 • Groups that are interested in composing a comprehensive teaming proposal may access the DARPA SHIELD Teaming website bulletin board at: https://sharepoint.extranet.darpa.mil/sites/mto/SHIELD/SitePages/Home.aspx to explore collaborations with other possible proposing groups. • To request an account, please email the request to the BAA-14-16 mailbox at DARPA-BAA-14-16@darpa.mil Partnering Opportunities
  • 5. Approved for Public Release, Distribution Unlimited 5 • Proposers who choose to use abstracts are strongly encouraged to submit an abstract in advance of a full proposal. This procedure is intended to minimize unnecessary effort in proposal preparation and review. • The cover sheet should be clearly marked “ABSTRACT” and the total length should not exceed 12 pages, excluding cover page and official transmittal letter. All pages shall be printed on 8-1/2 by 11 inch paper with type not smaller than 12 point. Smaller font may be used for figures, tables and charts. The page limitation for abstracts includes all figures, tables, and charts. No formal transmittal letter is required. All abstracts must be written in English. • DARPA will respond to abstracts with a statement as to whether DARPA is interested in the idea. DARPA will attempt to reply to abstracts in writing within thirty (30) calendar days of receipt. • Abstract Due Date: March 31, 2014 • Additional detailed information on submitting an abstract can be found in the SHIELD solicitation, DARPA-BAA-14-16. Abstracts Submissions
  • 6. Approved for Public Release, Distribution Unlimited 6 • Proposal Due Date: May 30, 2014 • The full proposal must be received on or before May 30, 2014, in order to be considered during the initial round of selections. • DARPA will acknowledge receipt of complete submissions via email and assign control numbers that should be used in all further correspondence regarding proposals. • DARPA will post a consolidated Question and Answer response after April 1, 2014, before final full proposals are due. In order to receive a response to your question, submit your question by April 25, 2014 to DARPA-BAA-14-16@darpa.mil • To comply with the submission guidelines listed in the BAA, please include the following: • Volume I, Technical and Management Proposal • Section I. Administrative: cover sheet to include and official transmittal letter. (Note: An official transmittal letter is not required when submitting an abstract.) • Section II. Summary of Proposal – this section shall not exceed 15 pages • Section III. Detailed Proposal Information • Statement of Work (SOW) - In plain English, clearly define the technical tasks/subtasks to be performed, their durations, and dependencies among them. The page length for the SOW will be dependent on the amount of the effort. • Section IV. Additional Information - A brief bibliography of relevant technical papers and research notes (published and unpublished) which document the technical ideas upon which the proposal is based. Copies of not more than three (3) relevant papers can be included in the submission. • Volume II, Cost Proposal – {No Page Limit} • Additional detailed information on submitting a full proposal can be found in the SHIELD solicitation, DARPA-BAA-14-16. Proposal Information
  • 7. Approved for Public Release, Distribution Unlimited 7 • For any questions regarding today’s Proposer’s Day or to request a copy of Mr. Bernstein’s presentation, please email DARPA-SN-14-22@DARPA.mil • Administrative, technical, or contractual questions should be sent via e-mail to DARPA-BAA-14-16. All requests must include the name, email address, and phone number of a point of contact. The technical POC for this effort is Kerry Bernstein. The BAA Coordinator for this effort can be reached at: DARPA/MTO, ATTN: DARPA-BAA-14-16, 675 North Randolph Street, Arlington, VA 22203-2114, DARPA-BAA-14-16@DARPA.mil Contact Information
  • 8. Approved for Public Release, Distribution Unlimited 8 • At this time, DARPA cannot provide early feedback on your ideas. Please submit abstracts/proposals conforming to the guidelines in the BAA. • Please refer to the BAA for questions on submission format, deadlines, technical requirements, cost analysis, etc. For specific questions not covered in the BAA, please email the coordinator at DARPA-BAA-14-16@DARPA.mil • For all communication purposes regarding this solicitation, please direct your attention to the BAA Coordinator, using the email address above. • US Government employees are bound by law to implicit non-disclosure agreements with external institutions. You may share information in private conversations without concern over intellectual property loss. • DARPA Proposer’s Day is a public event; any data released in this venue should be assumed to have been made public. Please treat your proprietary data accordingly. Proposer’s Day Ethics
  • 9. Approved for Public Release, Distribution Unlimited Welcome and Introductory Comments Kerry Bernstein SHIELD Industry Day 14 March 2014
  • 10. Approved for Public Release, Distribution Unlimited 10 Acknowledgments Simply getting the DARPA SHIELD Program to this point required massive efforts and valuable inputs by the following US Government employees and contractors. Bob Colwell Saverio Fazzari* Michael Blackstone Dave Shaver Virginia Arzadum* Fred Schipp Brett Hamilton Arnett Brown* Beverly Barnhart Jeff K. Jerry Roddy* Sean L. Chris Bozada Dan Radack Matt Kay Don Davidson Matt Sale Paul Kozemchak Bob K. Shaun McKinley Joe H. Chrisma Jackson Jim Felix Eric Herr Josh Beutler Dan Marrujo Jim St. Pierre Mitch Komaroff Arun Seraphin Nick Diamond * SHIELD SETA TEAM
  • 11. Approved for Public Release, Distribution Unlimited 11 CNN Report 10 June, 2012 Counterfeit parts compromise the US Supply Chain and present a growing threat to national security. Current safeguards are ineffective; they put American lives and DoD missions at risk.
  • 12. Approved for Public Release, Distribution Unlimited 12 Supply Chain Control is a Critical Problem Distributor indicted for supplying counterfeits to Grumman Electric Boat, July 2013 SPECTRUM Magazine October, 2013, pp. 41-45 Dept. of Defense Instruction NUMBER 4140.67, 26 April 2013
  • 13. Approved for Public Release, Distribution Unlimited 13 US Electronic Waste is a Contributing Factor Received in Developing Country Removed from boards and sorted Refurbished and remarked Repackaged Resold All images courtesy of SMT Corporation Shipping from/to U.S.
  • 14. Electronic Waste Processing Effect on Quality/Reliability Image courtesy of Basel Action Network Image courtesy of SMT Corporation Uncontrolled heating during part removal can cause die cracks or delamination, leading to immediate or latent failures. Mishandling or sanding of parts can cause latent Electrostatic Discharge (ESD) failures. Approved for Public Release, Distribution Unlimited
  • 15. Approved for Public Release, Distribution Unlimited 15 Electronics Supply Chain is Global Source: IDC Manufacturing Insights & Booz Allen analysis Semi Design Semi Manufacturing & Packaging Printed Circuit Board Production Printed Circuit Board Distribution Global nature of supply chain makes chain-of-custody unworkable Lifecycle shown for a single JSF component – Component changes hands 15 times before final install
  • 16. “Counterfeit components are a 1-in-1,000,000 risk.” Independent Distributors say that from 0.5% to 35% of their incoming product is suspected counterfeit. “Only bad distributors sell counterfeit components.” Most counterfeit parts sold to contractors come from legitimate independent distributors lacking effective screening techniques. “Only expensive components are counterfeited.” DoC reports that over 60% of counterfeit parts have a sale value of $10 or less. “Counterfeit parts will be detected by electrical tests.” More than half of all counterfeit components have the correct (or equivalent) die. Approved for Public Release, Distribution Unlimited 16 Common Industry Supply Chain Misconceptions [1] [1] B. Hamilton, NSWC Crane, Testimony at SASC Briefing, 9 September, 2013 Image courtesy of: http://www.rkonlinestore.co.uk/556-dual-timer-ic-16-pin-dip-pack-of-1-391-p.asp
  • 17. Approved for Public Release, Distribution Unlimited 17 “It will be because of companies like ours that the gap in technological advantages between made in [Name of Country] and made abroad will narrow down” - from website of an off-shore contract reverse-engineering business Quote found on the Web
  • 18. Approved for Public Release, Distribution Unlimited SHIELD Threat Space Brett Hamilton NSWC Crane SHIELD Industry Day 14 March 2014
  • 19. Approved for Public Release, Distribution Unlimited SHIELD Technical Program Description Kerry Bernstein SHIELD Industry Day 14 March 2014
  • 20. Approved for Public Release, Distribution Unlimited 20 SHIELD Introductory Comments 1. THANK YOU for your interest in participating in DARPA SHIELD. It’s business, but it’s also our nation. 2. The following exemplary design point and CONOP is a preferred embodiment; BAA strives not to overspecify. Got something better? LET’S HEAR ABOUT IT! 3. Besides performers with great ideas, we want performers who “get it”, and who have a passion for doing something important for national security. Together we’ll deliver game-changing capability. 4. SHIELD is about the Science and the hardware and the technology: CONOP, servers, networks are limited to what’s needed for the demo. 5. SHIELD is not about developing new encryption schemes. SHIELD is about NIST, IEEE, and Industry Standards, or new standards
  • 21. Approved for Public Release, Distribution Unlimited 21 SHIELD Introductory Comments (cont’d) 6. Teaming is strongly encouraged; DARPA will accept individual Tech Area 1 & 3 submissions, but complete, collaborative proposed solutions are preferred and strongly recommended. 7. The Supply Chain’s threat space is immense. Any solution, including DARPA SHIELD, will be fraught with problems. We expect that. But we need to begin somewhere. 8. Remaining, unaddressed SHIELD vulnerabilities will include: • Insider threat • Server attacks • Dielet side channel exfil modes inserted during foreign fabrication • Vulnerability to new reverse engineering modes, circumvention. 9. SHIELD is intended to make counterfeiting more difficult, expensive, and time consuming.
  • 22. Approved for Public Release, Distribution Unlimited 22 Programmatics DARPA SHIELD is about: • Science • Hardware Technology • Security • Reliability and Trustworthiness • Functionality • Manufacturability and Yield DARPA SHIELD is NOT about: • Logistics • Preferred Business Practices • Acquisition Policy • Doctrine • Supplier/distributor business infrastructure • New encryption schemes • New checking tools • Software* • Back-office structure and networking* * Except for the minimum necessary to demonstrate SHIELD CONOP http://www.g33kwatch.com/wp-content/uploads/2011/12/geek-zone.gif
  • 23. Approved for Public Release, Distribution Unlimited 23 Glossary • Dielet: Extremely small computer chip developed during SHIELD • Hardware Root-of-Trust: An incorruptible, immutable hardware identity reference • Key: A 256-bit cipher code, stored on dielet and on a secure server, used to secure the dielet authentication operation • Test Site: Limited hardware proof of concept chip without full product functionality • Sensor: Physical hardware structure on SHIELD dielet that passively detects intrusions compromising security • Probe: A device attached to a communication appliance that powers the SHIELD dielet • IP: Intellectual Property • CONOP: Concept of Operations • DFM/DFY: Design for Manufacturability/Design for Yield • PFA: Probability of False Alarm • PD: Probability of Detection • OEM: Original Equipment Manufacturer • GFE: Government-Furnished Equipment • IC: Integrated Circuit • CDR: Critical Design Review • DSS: Digital Signature Standard • CMVP: Cryptographic Module Verification Program • FITS: Failure rate of a component, measured in Failures-in-Time over the program • KPOH: Lifetime of a component, measured in thousands of power-on-hours • BOM: Bill of Material, a list of components comprising a given assembly
  • 24. Counterfeit: “Instances in which the identity or pedigree of a product is knowingly misrepresented by individuals or companies” - GAO Report to Congress, March 2010 Supply Chain: “A set of organizations directly linked by one or more upstream and downstream flows of products, services, finances, or information from a source to a customer.” - Cooper, M.C., Lambert, D.M., & Pagh, J. (1997) Supply Chain Management: More Than a New Name for Logistics. The International Journal of Logistics Management Vol. 8, Issue 1, pp 1–14 Chain of Custody: “The chronological sequence of parties, spanning from the originator of the component to the final intended user, who directly transfer responsibility for assuring that the identity or integrity of a component is not compromised while it is in their possession.” Approved for Public Release, Distribution Unlimited 24 Definition of Terms
  • 25. Approved for Public Release, Distribution Unlimited 25 TRUST – Tools for detecting Logic Insertions • Thorough authentication of design for requires high tech destructive rev. eng. tools • Very difficult to validate logic integrity of individual parts in SC non-destructively. • What we couldn’t find is as important as what we could find IRIS – Capabilities for discovering Reliability Compromise • Only a subset of all possible reliability compromises can be detected • Not realistic to assess generic component lifetime using small sample size; components will be rendered useless afterwards. SHIELD Learning from Prior HW Assurance Programs TRUST IRIS DARPA pgms showed certain ways of storing private key will be difficult to RE, and would destroy part if RE is attempted.
  • 26. Approved for Public Release, Distribution Unlimited 26 TRUST, IRIS Programs Validated Design Preceding Distribution: SHIELD Will Take it From There. DARPA TRUST and IRIS Programs developed techniques for validating the design and process integrity before distribution. [Figure: attack points along the component lifecycle. Stages: Design, Verification, Mask Build, Chip Build, Pkg, Test, Pers, Distr, Use. Legend: Design Attack, Hardware Attack, Logistics Attack. Labelled threats: 3rd Party IP, Insider Design, EDA Exploit, IP Theft/Copy, Security Intercept, Yield Fail Diversion, Overproduction, Process Compromise, Pkg Compromise, False FPGA Bitstream, Malicious Insertions, False Validation Report, DFM Exploits, False Expects, False Test Compares, HW Theft. Region labels: TRUST, IRIS, SHIELD, At OEM, In Distribution.]
  • 27. DoD is Especially Vulnerable to Counterfeits. DoD applications present severe demands on components which make them especially vulnerable to compromise. • DoD electronic components require high reliability, serviceability.¹ • Compromised component failures risk DoD missions, soldiers’ lives. • Long design cycles (10+ years) and product lifetimes (30+ years) cause components in the bill-of-material to become obsolete.¹ • $10-$50 parts become $8000 parts once they are obsolete¹ – providing motivation for recycling, and less-reputable suppliers. • Whole off-shore industries supply bogus obsolete parts and clone current parts (with or without malicious changes). Most common current component supply problems: • Recycled components • Remarked parts (Mfr date, grade) • Clones / copies • Unlicensed overproduction • Test rejects / sub-std parts • Repackaged OEM chips. ¹ NAVSEA Crane internal report
  • 28. Attributes of Superior Supply Chain Authentication Tech: 1. Extremely low cost, with minimal impact to the component manufacturer, distributor, or end-user, as well as to the host component itself; 2. Effective at mitigating most supply chain security threats; 3. Be simple, very fast, and executable by untrained operators; 4. Trustworthy, reliable, and prohibitively difficult to spoof; 5. Executable at any place, time along supply chain, providing instant results on-site; 6. Performed using inexpensive interrogation equipment; 7. Standardized and widely adopted by government and industry; 8. Manufacturable in high volume using standard foundry processes; and 9. A value-add to the end-product; recognized and requested by the consumer.
  • 29. SHIELD: The DARPA Supply Chain Solution. SHIELD makes counterfeiting too expensive and too hard to do. Microscopic SHIELD dielet: • HW Root-of-Trust • Fragile Key Storage • Full Encryption Engine • Unpowered Passive Sensors • Inductive Powering and Communication. DARPA SHIELD will develop the ability to provide: - 100% assurance against certain known threat modes; - quickly, on demand, at any step of the supply chain; and - essentially for free. SHIELD Target Spec: - 100µm x 100µm (0.01 mm² Area) - 100K Devices - 100 MHz Clock Rate - 50 µW Total Power - T ≤ 120C - <1¢ per dielet. Image courtesy of http://www.hitachi.com/New/cnews/030902.html
  • 30. SHIELD Exemplary CONOP. [Diagram of three parties: Dielet, Smartphone, Server.] Labelled steps: 1. Serial ID Upload (Serial ID No., TCPIP Address); 2. Challenge Download; 3. Encrypted Challenge, Encrypted Sensors; 3. Appliance Data (Sensors Status, Test Date, Auditor Identity, Key Requests); 4. Authentication Out. Dielet: Encryption Engine w/ Crypto Key; Sensors (Temp Extremes, Xray Exposure, Light Exposure). Server: Database with Dielet Serial ID, Fab Name, Fab Date, Part No.; Random Challenge Generator; Decryption Engine w/ Crypto key; decrypt; compare to original challenge. Link label: (VPN).
  • 31. Potential Production Test Approaches. Inspiration from existing Tube, Pick-and-Place, Wire Bond Robotic tech: 1. Stock checking of Component 2. Assembly checking in Supply Chain. [Image labels: Flying Prober; Pick and Place, Wirebond; Tube handling of components.] Volume Production technology can be applied to SHIELD approach. Tooling and control can easily be adapted to authentication.
  • 32. Critical Hardware Assurance On-Dielet Features: 1. A hardware root-of-trust cryptographic key storage which is prohibitively expensive and time-consuming to reverse-engineer; 2. A complete, compact, on-board key encryption engine, capable of encrypting an external challenge using its on-board cryptographic key; the cryptographic key never leaves the SHIELD dielet. The message will be decrypted using the cryptographic key stored in a secure server database; 3. A physically-fragile but electrically-robust dielet which can be embedded in the host component's electronic packaging. The dielet self-destructs upon any attempts to physically open, remove, or transfer it from its host component with standard reverse-engineering de-processing techniques; 4. Unpowered, passive sensors that record attempted compromises to the authenticator dielet and potentially other operations on the overall packaged assembly such as soldering or de-soldering; 5. Inductive or RF communication and powering to allow contactless operation; and 6. Built-in dielet resiliency against power-based component exploits or attacks.
  • 33. Additional Required Design Properties: 1. Hardware attacks often leverage re-writable data storage; any rewritable storage on dielet must be carefully assessed for its security. 2. SHIELD dielet proposal must be completely stand-alone, and should not interact with the host chip in any way. Reliability impacts include: a. package alterations needed to carry the dielet, b. unintended inductive or RF coupling impacts on the host device. 3. To maintain operational security, the inductive/RF probe and dielet must be in the immediate vicinity of each other to be able to link. 4. Personalized crypto keys on dielet and server should never be sent. 5. Entire proposed CONOP, including the SHIELD dielet, needs to be extremely inexpensive to acquire, implement, and execute. 6. To minimize size, power, and cost of the SHIELD dielet, CONOP complexity should be pushed up to the secure server wherever possible.
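The challenge-response exchange of the CONOP (slide 30) and on-dielet feature 2 (slide 32), modelled in Python as an added example that is not part of the original presentation. The slides have the dielet encrypt the challenge and the server decrypt and compare; this sketch substitutes an HMAC-SHA256 tag that the server recomputes, because Python's standard library has no block cipher. The class names, sensor bit layout, part numbers and result strings are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed flag encoding; the page names the sensor types, not a bit layout.
SENSOR_BITS = {0x01: "temperature", 0x02: "x-ray", 0x04: "light"}


def _tag(key, challenge, flags):
    """Keyed tag over challenge + sensor flags (HMAC-SHA256 stands in for
    the page's encryption engine, whose cipher is left to performers)."""
    return hmac.new(key, challenge + bytes([flags]), hashlib.sha256).digest()


class Dielet:
    """Holds the personalized key; only the serial ID and responses leave."""

    def __init__(self, serial_id, key, sensor_flags=0):
        self.serial_id = serial_id        # 64-bit serial ID (readable)
        self._key = key                   # 256-bit secret, never exported
        self.sensor_flags = sensor_flags  # latched by exposure, not resettable

    def respond(self, challenge):
        return self.sensor_flags, _tag(self._key, challenge, self.sensor_flags)


class Server:
    """Secure server: serial-ID database and random challenge generator."""

    def __init__(self):
        self._db = {}        # serial_id -> (key, part_no, fab_name)
        self._pending = {}   # serial_id -> challenge awaiting a reply

    def enroll(self, serial_id, part_no, fab_name):
        """Personalization inside the trusted zone; returns the dielet."""
        key = secrets.token_bytes(32)
        self._db[serial_id] = (key, part_no, fab_name)
        return Dielet(serial_id, key)

    def issue_challenge(self, serial_id):
        if serial_id not in self._db:
            return None
        self._pending[serial_id] = secrets.token_bytes(16)
        return self._pending[serial_id]

    def verify(self, serial_id, flags, tag):
        # pop(): each challenge is accepted once, so a captured reply
        # cannot be replayed later.
        challenge = self._pending.pop(serial_id, None)
        if challenge is None:
            return "no-outstanding-challenge"
        key = self._db[serial_id][0]
        if not hmac.compare_digest(_tag(key, challenge, flags), tag):
            return "reject"
        if flags:
            tripped = [n for bit, n in SENSOR_BITS.items() if flags & bit]
            return "compromised: " + ", ".join(tripped)
        return "authentic"


def interrogate(server, dielet):
    """Appliance role: relay steps 1-4 without ever seeing the key."""
    challenge = server.issue_challenge(dielet.serial_id)      # steps 1-2
    if challenge is None:
        return "unknown-serial"
    flags, tag = dielet.respond(challenge)                    # step 3
    return server.verify(dielet.serial_id, flags, tag)        # step 4


def run_demo():
    server = Server()
    genuine = server.enroll(0x1001, "PN-EXAMPLE-1", "FAB-A")  # constructed
    heated = server.enroll(0x1002, "PN-EXAMPLE-1", "FAB-A")
    heated.sensor_flags = 0x01 | 0x02   # heat and X-ray sensors latched
    clone = Dielet(0x1001, secrets.token_bytes(32))  # copied serial, no key
    stranger = Dielet(0x9999, secrets.token_bytes(32))

    results = {
        "genuine": interrogate(server, genuine),
        "clone": interrogate(server, clone),
        "unknown": interrogate(server, stranger),
        "heated": interrogate(server, heated),
    }
    # An appliance that strips the sensor flags: the tag no longer matches.
    c = server.issue_challenge(heated.serial_id)
    flags, tag = heated.respond(c)
    results["flags_stripped"] = server.verify(heated.serial_id, 0, tag)
    # Replaying a previously accepted reply fails: its challenge is spent.
    c = server.issue_challenge(genuine.serial_id)
    flags, tag = genuine.respond(c)
    first = server.verify(genuine.serial_id, flags, tag)
    results["replay"] = (first, server.verify(genuine.serial_id, flags, tag))
    return results


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name:15} {outcome}")
```

Binding the sensor flags into the keyed tag is what lets the server trust the sensor status even though it passes through the appliance.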
  • 34. Current Untrusted Logistical Supply Chain. [Diagram labels: Trusted Zone* (twice); Vulnerability Zone; Original Equipmt Mfr; Approved Reseller; Merchandise Returns; Independent Distributor; EBAY; Stock; PC Board Assembly; Subsystem Assembly; System Mfg; DoD Application; Shipping links; markers 1-8 and question marks.] For all but simplest exploits, DoD has little system component assurance of authenticity. * Assume parts have OEM integrity before leaving first Trusted Zone
  • 35. SHIELD’ed Supply Chain Exemplar (Refresher). [Diagram labels: Trusted Zone* (twice); Original Equipmt Mfr; Approved Reseller; Merchandise Returns; Independent Distributor; EBAY; Stock; PC Board Assembly; Subsystem Assembly; System Mfr; DoD Application; Shipping links; markers 1-8.] SHIELD Authentication outside Trusted Zone. Component compromises are now visible at any point along the supply chain. * Assume parts have OEM integrity before leaving first Trusted Zone
  • 36. SHIELD Program Structure
  • 37. Deliverables by Tech Area and Phase (columns: Phase 1, Phase 2, Phase 3). • TA1 Tech Dev: On-chip HW tech devlpmt (Key Store, Sensors, Comm, Pwr, Mfg Processes) - Models - Test Sites - SHIELD layouts • TA2 Design & Integr: Dielet Logic Design; Standards Conformation; SHIELD Dielet Design; SHIELD Dielet Fabrication; SHIELD Dielet Characterization • TA3 Deployment: Packaging Development; Reliability Analysis; Dummy Dielet Fabrication; Network Architecture Design; Inductive Appliance Design; Tooling and Techniques for handling, insertion; Network Structure Build-out; Inductive Device Fabrication; Demonstration Proof-of-Concept; Supply Chain Exercise across sites; Red Teaming Evaluations
  • 38. Technical Area 1/Phase 1: Technology, Months 1-18. TA1/Phase 1 develops fundamental devices, materials, structures realizing specific on-board capabilities. Prospective solutions should provide the SHIELD target specifications. Test Sites will serve as prototypes for specific solutions practiced in Phase 2. • Fully-described hardware-based solutions • Hardware models (i.e. COMSOL, SPICE, finite element modeling, etc.) • Design, build, characterization of hardware proof-of-concept test sites • Verification of technology compatibility to conventional IC manufacturing process. • Layouts of specific technology reductions-to-practice for Phase 2 • Description of specific test conditions and test pattern files • Development of a fully defined interface specification for the technology for product integration.
  • 39. Technical Area 1 / Phase 1 (Cont’d). A. Secure Cryptographic Key Storage Technology. Secure cryptographic key storage is required on the dielet to sustain cryptographic-level authentication of the product. 1. Exceedingly difficult to reverse-engineer; 2. Effectively incorruptible; 3. Self-destructive upon reverse-engineering or tamper attempts - exquisitely fragile, while still extremely reliable under normal use conditions; 4. Economically personalized with unique serial ID and cryptographic key information in volume production. 5. Compatible with, and ideally available in, the chip process technology selected by performers for the dielet’s fabrication.
  • 40. Encryption Details: 1. DARPA SHIELD is committed to using only open standard encryption: Universal trust in the SHIELD concept is critical to its wide acceptance. 2. Performers may implement their choice of encryption. Provide as secure a solution as device count/area/power/perf allows. 3. SHIELD must accommodate drop-in alternative encryption engines. Program derives technology for new hardware platform. 4. Performers will not be creating new encryption algorithms. Use only NIST IEEE standards, and CMVP approved code. 5. Performers may use third party IP for encryption engine. Be sure to document source and accreditation. 6. Dielet should be able to store up to 256 bits of secret key. Key store should be Suite B compliant.
  • 41. Technical Area 1 / Phase 1 (Cont’d). B. Passive Sensors. Sensors monitor the integrity of the authentication dielet itself, and watch for component compromise. Sensors must: 1. Passively sense while unpowered; be read only when powered; 2. Be readable only and permanently altered by the exposure; non-resettable in any way; 3. Be inexpensively integrated into a conventional CMOS process without impacting the host process; 4. Be small enough to fit in the SHIELD dielet form-factor and specification; 5. Have an appropriately-tuned sensing threshold, to prevent false positives caused by safe, existing exposures encountered throughout the current supply chain.
  • 42. Technical Area 1 / Phase 1 (Cont’d). Passive Sensor Examples: • Chemical: Nitric Acid / Sulfuric Acid sensing for chemical de-packaging attempts • Mechanical: Pressure or acoustic sensing for polish de-packaging attempts • Laser: Laser wavelength detection for laser de-layering attempts • Light: Daylight sensing for identifying exposed dielet • X-Ray: X-ray detection for attempted secret key imaging • Heat: Temperature sensors to detect de-soldering, component PCB removal.
  • 43. Technical Area 1 / Phase 1. C. Communication/Power Transmission Technology. Inductive/RF coupling will enable small form-factor devices to power and communicate with the dielet. 1. Dielet should be powered; receive a challenge message; and receive the encrypted reply within approximately 2 seconds. 2. Performers will determine the bandwidth necessary to support this latency while passing up to 256 bit key words, a 64 bit serial ID, random encryption challenges, and much shorter sensor output words. 3. Proposers should develop technologies providing ultra-high efficiency coupling between on-dielet inductive coil / RF antenna, and the appliance. 4. Dielet must couple to the appliance only when the appliance’s probe is in its immediate vicinity. The probe otherwise should not emanate significantly beyond the dielet, nor link to other external devices. 5. Communication with the SHIELD dielet should not be via conventional RFID technology; but rather only by inductive or RF coupling to another device within a few millimeters of the host component’s package.
  • 44. Technical Area 1 / Phase 1 (Cont’d). D. Manufacturing/Process Technology. Multiple CMOS process and manufacturing changes are needed to produce SHIELD dielets, with new capabilities, and at target of less than a penny per dielet. Challenges include: 1. Wafer thinning technologies for SHIELD wafers that are potentially 10µm or less in thickness, for 100µm x 100µm dies; 2. Integrating sensor, key store technologies into common process; 3. High volume crypto key and ID personalization of each dielet; 4. Contactless test technologies for dielets, test coverage protocol, application-specific test patterns; 5. Economic production solution for dicing/picking microscopic dielets that are ~100μm x 100μm; 6. Reliability, lifetime of SHIELD dielet matching host component. Assume host components require 100 KPOH lifetimes.
  • 45. Technical Area 2: Design and Integration. SHIELD Technical Area 2 integrates Technical Area 1 technologies onto a microscopic dielet equipped to provide comprehensive supply chain authentication. The extremely small chip will integrate: • The Technology: A self-contained encryption engine, secure key storage, passive intrusion sensors, inductive/RF communication and power, and • The Logic: All necessary logic and intellectual property necessary for the dielet to function as a true authenticator, realize the interface to the secure server.
  • 46. Technical Area 2/Phase 1: Design, Months 1-18. Performers will, by the end of TA2/Phase 1, complete the high level design of the SHIELD dielet: 1. Define a SHIELD Design Environment, Methodology: a. Define EDA design environment, using industry conventions b. Accommodate SHIELD-specific Logic design, synthesis, modeling, simulation, layout, power estimation, test pattern generation needs. c. Define conventions for performer interfaces 2. Develop a SHIELD logic design/description, expressed in an appropriate high-level design language: a. Design should accommodate SHIELD CONOP sequence b. Design must have logical control of passive sensors 3. Select and identify effective encryption design: a. Proposals leverage certified 3rd party crypto IP or pre-existing designs b. Only open standards may be used.
  • 47. Technical Area 2 / Phase 1 (cont’d). 4. Design to Boundary Conditions: a. Sufficient performance to complete interrogation in ~2 secs including network latencies, ~1 sec without latencies b. Designs may be asynchronous or synchronous, free choice of clock rate c. Modeled power consumption and confidence that design will remain under inductively/RF-powered limitations. Anticipate power-conditioning. 5. Anticipate concurrent technologies being developed: a. Sockets for key store, sensors b. Add new technology as IP blocks; include voltage level shifting, timing changes, signal buffering. 6. Create and model SHIELD physical design: a. Verify robust design functionality across process, voltage, and temperature. b. Accommodate +/- 3σ composite process distribution window, c. BC/WC/Twist Timing Corner functionality verified d. Functionality from 0-35 deg C. Survive -55 deg C to 125 deg C. e. Functionality inside +/- 3σ conditioned voltage window
  • 48. Technical Area 2 / Phase 1 (cont’d). 7. Fabrication Implementation Plan: a. Identify technology and node to be used, preferred vendor b. Define checkpoints and approximate dates for design and build c. Explain how new technologies will be accommodated by fabricator d. A clear path to manufacturing is needed 8. Anticipate concurrent technologies being developed: a. Provide sockets for concurrently-developed key store, sensors 9. Create and model SHIELD physical design: a. Verify robust design functionality across process, voltage, and temp. b. Accommodate +/- 3σ composite process distribution window, c. BC/WC/Twist Timing Corner functionality verified d. Functionality from 0-35 deg C. Survive -55 deg C to 125 deg C. e. Functionality inside +/- 3σ conditioned voltage window 10. Provide a Critical Design Review
  • 49. Technical Area 2/Phase 2: Integration & Fab, Months 19-36. Performers will, by the end of TA2/Phase 2, incorporate TA1’s specific technology instantiations into their Phase 1 dielet chip design. After final design checks, process audits, designs will be fabricated. 1. Complete SHIELD dielet design: a. Incorporate final TA1 outputs b. Complete checking, generate specific test patterns. c. Define conventions for performer interfaces 2. Fabricate SHIELD dielets: a. Release design to MFG, monitor fabrication, intercept for process exits and re-entries for adjunct technology introductions b. Track process metrology and in-line monitors for SHIELD parts to assure dielet functionality for Phase 3 technology reduction. c. Dielet may be fabbed at US or foreign fabrication facilities; transition partners may later impose restrictions. d. Test, characterize, and assess reliability of manufactured dielets. Provide qualification strategy for demonstrating design fulfills spec.
  • 50. Technical Area 3: SHIELD Deployment. Performers in Technical Area 3 will develop the infrastructure necessary to demonstrate the SHIELD concept. Work completed in TA3 includes: • Developing the ability to place SHIELD dielets in component packaging. • Creating appliances and probes to remotely test components. • Pulling together a simplified SHIELD network / server environment. • Demonstrating an exemplary CONOP employing the SHIELD device in an actual DoD product acquisition program. Performers may team on TA3-only proposals.
  • 51. Technical Area 3/Phase 1: Pkg Tech, Networks, Months 01-18. Fundamental dielet package insertion, attachment, or lamination techniques are developed in TA3/Phase 1. Network communications and server backbone design is initiated. This environment will serve only as a demonstration of the SHIELD proof of concept. 1. Develop package placement target parametrics: a. Determine required specs, tolerances for dielet placement in the host b. Develop coupling required for sufficient inductive / RF power, comms c. Find size of antennae, maximum submersion below package surface d. Develop positioning conventions to accommodate various package types. 2. Create SHIELD dummy dielet surrogate (1 performer): a. Create with TA2 performers consultation to resemble final form-factor b. Place electrical structures to assess specific issues of concern
  • 52. Technical Area 3 / Phase 1 (cont’d). 3. Assure reliability of host component containing SHIELD dielet: Performer will assess reliability, serviceability impacts to host chip caused by dielet presence and operation. Concerns include: a. Package strain caused by insertion or presence b. Hermetic seal fails caused by insertion or presence c. High electromagnetic field impacts to host component during interrogate 4. Assure reliability of SHIELD dielet in host component: Performers will assure the integrity, reliability of the placed SHIELD dielet in the host package, considering potential damage caused by: a. Chemical / mechanical / temperature, or electrical materials interactions with the host packaging materials or process occurring during normal processing, packaging, dielet insertion or due to aging in normal use. b. Failures which should intentionally occur if the product is compromised; must also be demonstrated to occur reliably. c. Mechanical strain, compressive or tensile effects induced on the SHIELD dielet by the package or host component d. Dielet exposure to radiation, high X-ray or RF fields when not in use.
  • 53. Technical Area 3 / Phase 1 (cont’d). 5. Create a SHIELD Inductive/RF Authentication Appliance and Probe: Performer will design an inexpensive inductive/RF appliance for use in exercising the SHIELD concept. The appliance may be the retrofit or repurposing of an existing appliance such as a smartphone, with the addition of an inductive/RF probe connected to the device. Responsibilities include: a. Design of handheld appliance concept, including documentation, b. Design of an inductive/RF probe, anticipating potential electromagnetic interference which may obscure coupled signal. c. Development of necessary microcode, firmware, software needed. The entire SHIELD demonstration will be executed solely using this hand-held interrogation appliance.
  • 54. Technical Area 3 / Phase 1 (cont’d). 6. Design Network/Server Architecture for the Demonstration Exercise: SHIELD network and server capability will be created by performers and will conform to hardware developed in Technical Areas 1 and 2. Deliverables include: a. Communications between the dielet and the server through the inductive/RF appliance and network using TLS standards; b. All required server transaction and decryption software; c. A simple graphical user interface that allows users to observe actual SHIELD transaction demonstrations as they are executed; and d. A key management plan describing how all cryptographic keys in their proposed architectures are derived, protected at rest, and protected in transit. Network and system architecture should support a geographically distributed proof of concept using multiple external vendors. Note that sufficient network and server architecture should be provided to support demonstration of the SHIELD concept, but is not the prime focus of the program.
  • 55. Technical Area 3/Phase 2: Implementation, Months 19-36. Development of specific techniques, tooling for placement of dielet into the host package is created. Mechanical alignment aids for inductive/RF appliance to SHIELD dielet within the package will also be developed. Actual networks and servers will be configured. At the close of TA3/Phase 2, performers should be prepared to execute the SHIELD CONOP in an actual federal acquisition program. 1. Develop the SHIELD Insertion technology: Instrumentation, tooling, and logistics for going from wafer final test into an actual component placement are developed. Steps include: a. Developing handling technique for taking SHIELD from diced wafers into a dispensing tool that feeds dielets to a package injector. b. Creating tooling which dispenses diced and separated dielets into the injector, and inserts them into the packages. c. Associating the placed SHIELD dielet serial ID and crypto key with the host component P/N, date/location of manufacture, reliability grade, and cryptographic key.
  • 56. Technical Area 3 / Phase 2 (cont’d). 2. Develop the SHIELD Network Structure: Networks and protocols developed in TA3/Phase 1, and in the design are implemented during TA3/Phase 2. At the end of TA3/Phase 2, performers will provide the following deliverables: a. Detailed network schematics indicating protocols and standards; b. A specific Bill-of-Material indicating commercially available devices that the transactions will be executed upon; c. Estimates of transaction times and network latencies; d. Simulation of actual transactions demonstrating successful execution of true and false authentication requests, with and without flagged compromises appearing on the SHIELD sensors; and e. Build-out of the actual prototypical hardware network for use in SHIELD TA3/Phase 3.
  • 57. Technical Area 3 / Phase 2 (cont’d). 3. Develop the SHIELD inductive/RF appliance: Technical Area 3/Phase 1 performers who designed the inductive/RF appliance and its code will, in Phase 2, fabricate the appliance’s inductive/RF probes and repurpose the appliance itself to the SHIELD function with required firmware, or software additions or changes installed. Specific deliverables associated with this task include: a. Inductive/RF probe fabrication b. Repurposed Appliance microcode, firmware, software installation c. Stand-alone testing of communication between the SHIELD dielet and appliance.
  • 58. Technical Area 3/Phase 3: Demo, Months 37-48. DARPA SHIELD concludes with a demonstration, one year in duration, of the CONOP practiced in the supply chain of an actual DOD component listed in a federal acquisition program’s BOM. Actual components will be shipped between work sites developing the specific assembly the component is a part of, and performers will exercise SHIELD at those sites. Performer tasks will include: 1. Demonstrate robust SHIELD placement into real product: a. Performers will mate SHIELD dielets to product at pkg encapsulation. b. Performer will identify, correct SHIELD failure modes in practice, performing defect characterization to identify needed changes to installation process. Failure data will be collected and compiled by performers as components are encapsulated and tested, including: • Fails due to faulty package insertions • Fails due to non-functional SHIELD chips • Screening of components, for failure rate uplift at module final test which had previously passed wafer final test, above the fallout baseline before SHIELD introduction.
  • 59. Technical Area 3 / Phase 3 (cont’d). 2. Exercise the CONOP: Performers will exercise the entire SHIELD CONOP. a. Performers will choose the packaged host they exercise their SHIELD technology upon from options offered by DARPA. b. Performers will place the SHIELD solution in those packages in a production-like environment which DARPA will provide access to. c. Resulting actual components, equipped with SHIELD, will be passed through real supply chain channel settings, from supplier acquisition, through normally-used shipping channels, to subsequent board and system subassembly vendors. d. Government Red Team members will compromise the supply chain. e. Performers will execute the SHIELD operation at various work sites in the component’s supply chain throughout the US, looking for compromises. f. Government team members will monitor performer detection results.
  • 60. SHIELD Quantitative Benchmarks. Performers will be measured to a set of quantitative benchmarks. Metrics on SHIELD performer solution effectiveness will include: 1. “Probability of Detection” of compromises (PD), broken out by: a. Component Package (i.e. small passive/discrete, quad plastic flat pack) b. Failure mode (i.e. missing, inappropriate, or failing SHIELD dielet) c. Location type (i.e. at distributor, at subassembly vendor, in shipping) d. Setting of host component (i.e. supplied in a component tube, mounted on a printed circuit board, installed in a system) 2. Probability of False Alarm (PFA), broken out by: a. Component Package (i.e. small passive/discrete, quad plastic flat pack) b. Setting of host component (i.e. supplied in a component tube, mounted on a printed circuit board, installed in a system) 3. Average completed authentication delay per SHIELD component.
  • 61. SHIELD Summary of Suggested Specifications: • Area: A ≈ 100um x 100um (0.01 mm²) • Device thickness: Thinned substrate, likely 10 um or less • Interrogation Latency: ≈ 1 second dielet delay; ≈ 2 second full transaction delay including network latencies • Network Communication Protocol: TLS Standard • Minimum Delay between interrogations: > 1 Second • Positioning of inductive/RF probe: T ≈ 1 mm below top surface of component package • Encryption Standard: Up to 256 bit • Serial ID Length: 64 bit • Power Consumption: Approximately 50µW • Voltage; tolerance (default): VDD at discretion of proposer; +/- 10% (default) • Host Temperatures: -55 deg C - 125 deg C • Interrogation Temperatures: 0-35 deg C • Reliability: Sufficient to match 100KPOH host component operation. SHIELD total operational time is under 1 hour. • Cost: C < 1.0¢ per dielet
  • 62. Program Calendar: • 14 March, 2014: Proposer’s Day, Arlington, VA • 31 March, 2014: Abstracts Due into DARPA by EOB • 30 April, 2014: Encourage / Discourage Full Submission Letters to Proposers • 30 May, 2014: Full Abstracts Due into DARPA by EOB • 3Q 2014: Source Selection, Notification, Contracts • 4Q 2014: SHIELD Phase 1 begins
  • 63. SHIELD Government Support. Saverio Fazzari, SHIELD SETA. SHIELD Industry Day, 14 March 2014
  • 64. Government SHIELD Funding • DoD recognizes the urgency of addressing supply chain security. • DARPA MTO is making a significant investment in SHIELD, consistent with the threat supply chain loss-of-control poses to lives and missions. • SHIELD Funding levels and number of performers per technical area and phase will remain undisclosed, but are substantial, in plan, and committed. • Submitters should submit proposals that get the job done, rather than tailoring them to a specified funding level. Amounts will be calibrated to resources during contract negotiation.
  • 65. Government Team Responsibilities in SHIELD. Tech Area 1: 1. Red-teaming the secure key storage 2. Evaluating the sensor’s capability versus state-of-the-art features. Tech Area 2: 3. Red-teaming dielet designs for reverse-engineering 4. Red-teaming dielet performance and reliability 5. Identify a trusted manufacturing source for dielet 6. Fabrication of dielet, delivery to performers. Tech Area 3: 7. Identify host components for test, and test environment 8. Develop prototype software for security database 9. Develop appliances and fixtures for checking devices 10. Red-team integrated solution 11. Run test environment for final demonstration 12. Support transition opportunities. General: Acting as virtual lab with NSA, Navy, Air Force involvement to provide evaluation capability for the program. It will provide early access to transition opportunities.
  • 66. Government Obligations. Government-Furnished Equipment and Intellectual Property, by Tech Area: • TA1 Tech Dev: None • TA2 Design & Integr: None • TA3 Deployment: Components for SHIELD insertion; Vendor Locations for SHIELD exercise sites
  • 67. Manufacturing Options. Solutions must demonstrate a path allowing them to be built in a standard semiconductor process, and at the target cost. • Proposers should be able to build prototypes and document a plan for transitioning their approach to meet the above goal • Non-production university labs may be used. Many organizations offer services for a small number of parts to be built: • Shuttle runs • Multi Project Wafer (MPW) runs. Foreign fabrications are allowed in SHIELD. Useful Sources for Information include: • https://www.tapoffice.org/ • http://www.dmea.osd.mil/trustedic.html • http://www.mosis.edu • http://cmp.imag.fr/ • http://www.europractice-ic.com/
  • 68. SHIELD Metrics. Arnett Brown, SHIELD SETA. SHIELD Industry Day, 14 March 2014
  • 69. Metrics Overview
      • Purpose of this discussion
          • Detail the attributes of SHIELD design elements that will be measured.
          • Outline the methods by which those attributes will be measured.
      • Why metrics?
          • Tracking and reporting program results and accomplishments.
          • Used for objective evaluation of performers.
      • Wherever possible, quantitative metrics will be used with industry accepted figures of merit.
      • Qualitative metrics will typically be used to evaluate performer processes in the absence of a quantitative metric.
      • Metrics will not always have a “pass” or “fail” level, especially when innovative technologies are involved.
      • Depending on what is proposed, certain metrics may not apply perfectly.
      • Do not allow a metric (alone) to discourage proposing a good idea.
  • 70. Metrics, Technical Area 1: SHIELD On-board Technology

    | Phase | Design Element | Characteristics | Metric |
    |---|---|---|---|
    | 1 | Secure secret key storage - reverse engineering protection | Harden dielet against attempts to reverse engineer | Cost¹ to reverse engineer using typical methods² |
    | 1 | Secure secret key storage - hardware corruption protection | Harden dielet against attempts to defeat security | Cost to defeat using typical methods³ |
    | 1 | Secure secret key storage - self destruct on tamper attempt | Discriminate between apparent tamper and normal operation | Percent success in triggering against typical intrusions; percent success in not triggering against non-intrusions |
    | 1 | Secure secret key storage - serial ID personalization | Determine economic method for serializing dielet in volume production | Cost per dielet to implement |

    1. Cost = time (hours) * number of personnel required * cost of tools ($)
    2. Procedures that are known to have been used to reverse engineer integrated circuits.
    3. Procedures that are known to have been used to attempt to defeat security features through hardware corruption.
  • 71. Technical Area 1: SHIELD On-board Technology

    | Phase | Design Element | Characteristic | Metric |
    |---|---|---|---|
    | 1 | Passive sensors – examples include chemical, mechanical, light, X-rays, heat, etc. | Performer-defined | As appropriate |

      • Specific metrics will be determined based on the nature and function of the sensors proposed.
      • General metrics to consider include sensing threshold, cost.
  • 72. Metrics, Technical Area 1: SHIELD On-board Technology

    | Phase | Design element | Characteristics | Metric |
    |---|---|---|---|
    | 1 | Dielet power | Inductive power coupling mechanism | Q factor |
    | 1 | Dielet communications | RF communications mechanism | Baud rate |
    | 1 | Manufacturing process modifications – form factor | Modifications to meet form factor requirements¹ | Cost² |
    | 1 | Manufacturing process modifications – integration | Modifications for sensor and key storage integration | Cost |
    | 1 | Manufacturing process modifications – testing | Modifications to enable dielet testing | Cost |
    | 1 | Manufacturing process modifications – special needs | Production solutions for dielet dicing, picking, handling | Cost |
    | 1 | Manufacturing process modifications - reliability | Physical design for reliability³ | Cost |

    1. SHIELD wafer thickness may be 10 microns or less. Dielet size: 100µm x 100µm.
    2. Cost is referenced against the target CMOS process with no modifications.
    3. Assume 100 KPOH lifetime for host component, no more than 3 Failures In Time (FIT). Assume SHIELD dielet usage less than 1 KPOH over its lifetime.
  • 73. Metrics, Technical Area 2: SHIELD Dielet Design and Integration

    | Phase | Design element | Characteristics | Metric |
    |---|---|---|---|
    | 1 | Dielet design – encryption engine | Logic design for encryption engine | Performance to specifications¹ |
    | 1 | Dielet design – key management | Logic design for key management protocol | Performance to specifications |
    | 1 | Dielet design – power supply interface | Interface logic for power supply | Performance to specifications |
    | 1 | Dielet design – communications | Interface logic for communications | Performance to specifications |
    | 1 | Dielet design – sensor interface | Interface logic for sensors | Performance to specifications |

    1. Design specifications will be established during Phase 1 development; to verify performance, performers are responsible for providing results of simulations and/or hardware testbenches as appropriate.
  • 74. Metrics, Technical Area 2: SHIELD Dielet Design and Integration

    | Phase | Design Element | Characteristic | Metric |
    |---|---|---|---|
    | 2 | Dielet integration – sensors, encryption engine, power, communications and support logic | Mask layout design, including logical and physical verification; functional test pattern generation | Functional testing; adherence to dielet power budget; compliance with manufacturer ground rules; percent test pattern coverage; reliability analysis |
    | 2 | Dielet fabrication | Release to manufacturing; process tracking as required | Pass/Fail¹ |
    | 2 | Dielet functional testing | Test fixture should be capable of exercising all dielet functionality | Pass/Fail |
    | 2 | Dielet characterization | Characterize across process, voltage and temperature range | Pass/Fail |

    1. Pass/Fail: deliverable is required to meet design specifications and pass any/all tests.
  • 75. Metrics, Technical Area 3: SHIELD Deployment

    | Phase | Design element | Characteristics | Metric |
    |---|---|---|---|
    | 1 | Dielet-host integration - packaging | Develop solutions for insertion of dielet into host package | Insertion depth tolerance of host package¹; tools and skills required to insert dielet |
    | 1 | Dielet-host integration - reliability | Analysis of dielet insertion reliability and impact to host | Projected lifetime analysis of host chip; package strain analysis; electromagnetic analysis²; Environmental testing (temperature, shock and vibration)³ |
    | 1 | Dielet-host integration – dummy dielet | Fabrication of a dielet mock-up for experimentation | Pass/fail |
    | 1 | Network architecture design | Realization of server-side hardware and software for dielet-server communication | Pass/fail |
    | 1 | Inductive appliance design | Realization of hardware and software for inductive appliance | Pass/fail |

    1. The SHIELD dielet will be placed approximately 1mm below the outer surface of the host chip.
    2. Identify impact of inductive and RF probing in the host chip.
    3. The performance of the host chip without a SHIELD solution will be used as a basis for comparison.
  • 76. Metrics, Technical Area 3: SHIELD Deployment
      • Technical Area 3, Phase 3 Metrics measure the performance of the total SHIELD solution (dielet in host chip package, interrogated by inductive appliance).
      • PD, PFA, authentication delay
      • Probability of Detection of compromises (PD), broken out by:
          • Type of host component (e.g. small passive/discrete, quad plastic flat pack)
          • Failure mode (e.g. missing, inappropriate, or failing SHIELD dielet)
          • Failure location (e.g. at distributor, at subassembly vendor, during shipping)
          • Setting of host component (e.g. supplied in a component tube, mounted on a printed circuit board, installed in a system)
      • Probability of False Alarm (PFA), broken out by:
          • Type of host component (e.g. small passive/discrete, quad plastic flat pack)
          • Setting of host component (e.g. supplied in a component tube, mounted on a printed circuit board, installed in a system)
      • Average completed authentication delay per SHIELD component
  • 77. Metrics, Technical Area 3: SHIELD Deployment

    | Phase | Design Element | Characteristics | Metric |
    |---|---|---|---|
    | 2 | Tools and procedures for dielet handling and insertion | Develop tools for physical insertion into host device | Dielet insertion failure rate¹ |
    | 2 | Network architecture development and build-out | Implementation and testing | Pass/fail (functionality); transmission error rate² |
    | 2 | Inductive appliance development and fabrication | Implementation and testing | Pass/fail |
    | 3 | Proof-of-concept demonstration | Testing of complete SHIELD solution | Probability of detection (PD); Probability of false alarm (PFA); Average completed authentication delay per SHIELD component |
    | 3 | Government “Red Team” evaluation | Penetration testing | |

    1. Likelihood of the dielet to be damaged during the insertion process (# of failures per 100 insertions).
    2. Transmission errors between dielet and server due to operational anomalies such as improper positioning of inductive appliance, insufficient application time, low battery condition, etc.
  • 78. Metrics, Technical Area 2: SHIELD Dielet Design and Integration
      • Technical Area 2, Phase 2 is essentially a CMOS IC physical design and manufacturing effort
      • Performers will be expected to perform design, validation and verification tasks consistent with a CMOS IC physical design process including:
          • compliance with design ground rules of the manufacturer;
          • logical to behavioral design verification;
          • logical to physical design verification;
          • functional test pattern generation with a goal of 100% test coverage;
          • EM and power analysis
          • additional checks as required to validate any “special case” technologies
      • Performers will be responsible for functional testing and characterization of the finished dielet.
      • Characterization results will be compared against expected (simulated) results as a metric for the physical design effort, and against Phase 1 specifications as a metric for the logical design effort.
  • 79. Image courtesy of DARPA
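
The Technical Area 3, Phase 3 metrics on slides 76 and 77 (PD and PFA broken out by host type, setting and failure mode, plus average completed authentication delay) can be tallied from demonstration trial records as in this added example, which is not part of the original slides. The record layout, the sample trials and the use of a Wilson interval for small trial counts are assumptions of the example.

```python
from collections import defaultdict, namedtuple
from math import sqrt

# Assumed record layout: failure_mode is None for a genuine part,
# delay_s is None when the authentication never completed.
Trial = namedtuple("Trial", "host setting failure_mode alarm delay_s")
# Constructed sample trials, not program data.
TRIALS = [
    Trial("quad flat pack", "component tube", "missing dielet", True, None),
    Trial("quad flat pack", "component tube", "failing dielet", True, 3.0),
    Trial("quad flat pack", "on PCB", "inappropriate dielet", False, 2.0),
    Trial("quad flat pack", "on PCB", None, False, 2.0),
    Trial("small passive", "component tube", "missing dielet", True, None),
    Trial("small passive", "on PCB", None, True, 4.0),
    Trial("small passive", "on PCB", None, False, 1.0),
    Trial("small passive", "component tube", None, False, 3.0),
]

def wilson(hits, n, z=1.96):
    """95% Wilson score interval; stays usable at small trial counts."""
    if n == 0:
        return None
    p = hits / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return (max(0.0, centre - half), min(1.0, centre + half))

def breakdown(trials, field):
    """PD and PFA, with intervals, for each value of one breakout field."""
    # Per value: [detections, compromised parts, false alarms, genuine parts]
    counts = defaultdict(lambda: [0, 0, 0, 0])
    for t in trials:
        c = counts[getattr(t, field)]
        base = 2 if t.failure_mode is None else 0
        c[base] += t.alarm       # a detection or a false alarm
        c[base + 1] += 1         # compromised or genuine total
    return {
        value: {
            "PD": c[0] / c[1] if c[1] else None, "PD_ci": wilson(c[0], c[1]),
            "PFA": c[2] / c[3] if c[3] else None, "PFA_ci": wilson(c[2], c[3]),
        }
        for value, c in counts.items()
    }

def mean_completed_delay(trials):
    """Average delay over the authentications that actually completed."""
    done = [t.delay_s for t in trials if t.delay_s is not None]
    return sum(done) / len(done) if done else None
```

Calling `breakdown(TRIALS, "host")`, `breakdown(TRIALS, "setting")` or `breakdown(TRIALS, "failure_mode")` gives one breakout each; the interval widths show how little a handful of trials per category can establish.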

Editor's notes

  1. About a year ago, SASC reported back on a study they did on the security risks posed by compromised supply chain. They issued this report as a result of the study. This CNN videoclip is the news report on the release of the study. I researched the claims in the video and found they were true. And unfortunately found a lot more examples. Since the video many more parts found, and many more policies and doctrines defined, but no effective new Supply Chain protections. DARPA IS THE RIGHT PLACE TO TAKE ON A PROBLEM LIKE THIS
  2. Infiltration of the supply chain with counterfeit parts is receiving a lot of attention. Grumman Electric Boat Division supplier Peter Picone prosecuted. Recent Spectrum article discussing the growing SC threat. Caused DoD Instruction to be issued mandating the use of supply chain protections – drove an inferior solution
  3. - Uncontrolled heating during part removal can cause die cracks or delamination, leading to immediate or latent failures.
     - Mishandling or sanding of parts can cause latent Electrostatic Discharge (ESD) failures.
  4. Brett Hamilton (Crane) recognized government expert in diagnosing, analyzing counterfeit components. DARPA IS THE RIGHT PLACE TO FIX THIS. We have the insight to take on a problem of this scope. Past solutions wrap paper around the problem: Policies, doctrines, business practices, etc.
  5. Note Chinese import font! Many workshops, Taskforces, policies – all with different approaches. Need to be clear, definitive and take issue back to technology
  6. THESE IMAGES ARE FROM DARPA. Back when we started TRUST – counterfeit parts and malicious inserted function was hypothetical – now it's REAL. IRIS. These are the techniques that SHIELD will use. Analyzing small sample size that self-destructs will not provide cheap insights.
  7. By nature of DoD, lives and missions depend on component integrity. Long Acquisition cycles almost encourage counterfeiting – parts become obsolete. We’ve only been talking about financially-motivated counterfeits: cloning also suggests TRUST-like exploits. Extraction / heating of parts to melt solder; ESD damage; physical damage; dirt; aging - all of them cause system to fail
  8. On the tip of this index finger is our proposed SHIELD dielet solution, microscopic. With scaling you can get a lot of function nowadays on a part that size. It will contain a hardware root of trust, a complete encryption engine, sensors that do not consume power, and induction. Secret key never comes off chip; public key never comes off server.
  9. MTO’s COTS strategy implicitly depends on COTS integrity. It has a SC exposure that SHIELD will help fix. Counterfeiters act with impunity because they know we have no current solutions
  10. EVEN WELL INTENTIONED MFR can be compromised with bad returns. Even if Trusted Zone is OK, the space in between is completely unknown – plenty of opportunity to exploit. SHIELD WILL NOT SOLVE ENTIRE PROBLEM – Biggest Threats only. Images courtesy of:
      1 - http://www.foxnews.com/tech/2012/11/26/whats-it-like-to-pilot-drone-lot-like-call-duty/
      2 - http://www.aalhysterforklifts.com.au/index.php/about/blog-post/loading_dock_safety
      3 - http://www.alibaba.com/product-free/104837265/PCB_assembly_and_electronic_contract_manufacturing/showimage.html
      4 - http://www.sundaytimes.lk/070415/FinancialTimes/ft307.html
      5 - http://www.marineinsight.com/shipping-news/ics-launches-its-annual-review-of-shipping-developments/
      6 - http://www.parvus.com/product/overview.aspx?prod=DuraHPC5-1
      7 - http://en.wikipedia.org/wiki/HP_MediaSmart_Server
      8 - http://www.dreamstime.com/royalty-free-stock-photography-circuit-board-electronic-components-image25105707
  11. TEST TIME LATENCY = SMS Text Message + TLS Encryption. SHIELD WILL NOT SOLVE ENTIRE PROBLEM – Biggest Threats only. Images courtesy of:
      1 - http://www.foxnews.com/tech/2012/11/26/whats-it-like-to-pilot-drone-lot-like-call-duty/
      2 - http://www.aalhysterforklifts.com.au/index.php/about/blog-post/loading_dock_safety
      3 - http://www.alibaba.com/product-free/104837265/PCB_assembly_and_electronic_contract_manufacturing/showimage.html
      4 - http://www.sundaytimes.lk/070415/FinancialTimes/ft307.html
      5 - http://www.marineinsight.com/shipping-news/ics-launches-its-annual-review-of-shipping-developments/
      6 - http://www.parvus.com/product/overview.aspx?prod=DuraHPC5-1
      7 - http://en.wikipedia.org/wiki/HP_MediaSmart_Server
      8 - http://www.dreamstime.com/royalty-free-stock-photography-circuit-board-electronic-components-image25105707
  12. MTO’s COTS strategy implicitly depends on COTS integrity. It has a SC exposure that SHIELD will help fix. Counterfeiters act with impunity because they know we have no current solutions
  13. MTO’s COTS strategy implicitly depends on COTS integrity. It has a SC exposure that SHIELD will help fix. Counterfeiters act with impunity because they know we have no current solutions
  14. MTO’s COTS strategy implicitly depends on COTS integrity. It has a SC exposure that SHIELD will help fix. Counterfeiters act with impunity because they know we have no current solutions