Proceedings of a Workshop—in Brief

Enabling a Resilient U.S. Microelectronics Ecosystem

Proceedings of a Workshop—in Brief

On April 17, 2024, the National Academies of Sciences, Engineering, and Medicine’s Forum on Cyber Resilience held a workshop to explore key considerations for a secure, resilient, and sustainable microelectronics ecosystem in the United States. The workshop aimed to serve as a forum for conversation between government and private stakeholders on issues such as incentives for security and information sharing between public and private sectors. The workshop was organized as a series of panel discussions followed by questions from a moderator and the audience. Panel discussion topics included requirements for high-assurance microelectronics (e.g., used in national security), the importance of public–private partnerships, supply chain security, and secure fabrication. The workshop was motivated by discussions during meetings of the National Academies’ Forum on Cyber Resilience. John L. Manferdelli, Forum Chair, opened the workshop.

PANEL 1: SECURITY AND ASSURANCES REQUIREMENTS FOR NATIONAL SECURITY APPLICATIONS

The first panel, moderated by Jay Lewis, National Institute of Standards and Technology (NIST) National Semiconductor Technology Center, focused on the security and assurance requirements for national security applications within the broader microelectronics ecosystem. Lewis set the stage by emphasizing that the greatest advantage for the United States lies in its economic engine and its ability to innovate.

Meredith Dyck, National Security Agency (NSA), outlined the U.S. government’s approach to protecting and promoting access to advanced semiconductor technologies. This strategy involves legislation such as the CHIPS and Science Act of 2022 and various technology control policies. Dyck stressed the importance of close collaboration between the government and industry to achieve these goals.

Molly Just, Department of Defense (DoD), described her role in representing national security equities to the Department of Commerce. Just is currently developing a comprehensive microelectronics acquisition strategy for DoD, which aims to quantify the current and future demand signal. Just highlighted the challenges of engaging early in commercial design cycles to ensure that national security needs are met.

Chris Irvine, Qualcomm, provided insights into Qualcomm’s efforts to prioritize security, driven largely by the demands of major customers such as cloud providers. Irvine explained that the monetization of security in the commercial sector often comes through liability avoidance. Irvine detailed Qualcomm’s significant investments in verification processes, which led to the development of

an assurance framework capable of predicting vulnerabilities before the silicon stage.

Murugiah Souppaya, NIST, discussed the agency’s ongoing work to develop a cybersecurity framework profile specifically tailored for the microelectronics industry. NIST is actively collaborating with industry partners to identify standards and best practices that can help mitigate threats throughout the life cycle of microelectronics products. Souppaya emphasized the goal of establishing a consistent way to communicate assurance to customers.

During the question and answer (Q&A) session, the panel addressed several key topics. Irvine discussed the need to better utilize existing security features in products. The panel also explored economic incentives for security, such as insurance premiums, with insights from Just, Dyck, and Irvine. Manferdelli, a workshop participant, raised a series of questions regarding open-source software, state-of-the-art design, and access to data, which prompted responses from all panelists. Last, Dyck emphasized talent development as the top priority for the future of the microelectronics industry.

PANEL 2: DESIGN AND FABRICATION ECOSYSTEM RESILIENCY

Bob Wisnieff, IBM, moderated the second panel, which delved into the resiliency of the design and fabrication ecosystem. Wisnieff framed the discussion around the distinction between threats to an ecosystem and threats that emerge through an ecosystem.

Mike Lyden, Draper Laboratory, argued that cyber attacks aimed at disrupting operations pose a more probable threat than sophisticated hardware trojans. Lyden advocated for the establishment of an Information Sharing and Analysis Center specifically for the microelectronics industry to facilitate the sharing of threat intelligence between public and private sectors. Lyden also drew attention to a novel attack vector through venture capital funding, “adversarial partnership,” to leverage funder relationship with start-ups to access intellectual property (IP) and other privileged information. Lyden also discussed vulnerabilities posed by downstream obsolescence.

Catherine Crawford, IBM, shared insights from her work on applying artificial intelligence (AI) to cyber threat monitoring in manufacturing settings. Crawford suggested that these techniques could help identify anomalous behavior in fabrication facilities before attacks have a chance to escalate. Crawford proposed a “system of systems” approach and emphasized the potential of using AI and machine learning to analyze the vast amounts of operational data generated in these environments.

Steve Carlson, Cadence, highlighted the economic disadvantages faced by the United States in the semiconductor supply chain, primarily due to higher costs compared to other countries. While acknowledging the importance of the CHIPS Act in leveling the playing field, Carlson stressed that ongoing investment will be necessary to maintain competitiveness. Carlson also cautioned that export controls risk shutting the United States out of certain markets in the long term.

Shawn Fetterolf, Intel, acknowledged that while Intel places a high value on security, decisions ultimately come down to an economic cost–benefit analysis. Fetterolf pointed out the misalignment of incentives between government and commercial markets when it comes to prioritizing security. Fetterolf suggested making use of all available policy levers, improving communication around the value proposition of security, and allowing sufficient time for industry to adapt to new requirements.

During the Q&A session, the speakers engaged in a spirited debate on several topics. Crawford, Fetterolf, and Carlson discussed whether increasing design complexity improves or degrades security. Fetterolf explored the challenge of rewarding good security practices when the benefits of these practices are not always immediately apparent. Lyden raised concerns about the potential consequences of AI-based design tools becoming push-button easy, which could lower the barrier to entry for less experienced or malicious actors. Crawford and Fetterolf emphasized the need to make electrical engineering an attractive career choice again to ensure a robust talent pipeline. Last, Fetterolf discussed strategies for communicating to policy makers the importance of sustaining investment in microelectronics security.

PANEL 3: ENGINEERING SECURITY INTO THE SUPPLY CHAIN

Tim Booher, Boeing, moderated the third panel and shared his perspective on the challenges of certifying the

security of complex multicore systems-on-a-chip (SoCs) used in safety-critical applications.

Brett Hamilton, Applied Research Institute, described his company’s work on the Microelectronics Commons program, which aims to develop secure interface standards for chiplets. Hamilton highlighted the increased use of third-party IP as a significant risk factor in the design and manufacturing process.

Noah Evans, Sandia National Laboratories, provided insight into Sandia’s unique requirements for guaranteed security, even in low-complexity systems. Evans explained that Sandia designs its own hardware and firmware and conducts testing in-house. However, Sandia is interested in exploring the use of commercial parts if they can be adequately assured. Evans identified opportunities in areas such as compositional verification and the ability to lift behavior from chip layouts.

Wayne Austad, Idaho National Laboratory, advocated for a “cyber-informed engineering” approach that takes into account cyber threats from the earliest stages of design. Austad outlined a framework that encompasses protected design files, the secure transfer of data across boundaries, and formal verification of physical properties. Austad mentioned that his team is currently piloting this approach in Department of Energy projects.

Jeff Krieg, NSA, provided a historical perspective on the agency’s Trusted Access Program Office, which evolved into the Defense Advanced Research Project Agency’s TRUST program. Krieg emphasized that assurance is an ongoing process rather than a one-time event. He noted that NSA is often asked to assess a wide variety of parts without advance notice, highlighting the need for a flexible and responsive assurance infrastructure.

During the Q&A session, the panelists addressed several important topics. Booher, Hamilton, and Evans discussed the challenges of certifying complex multicore SoCs. A workshop participant raised the question of whether new technologies such as chiplets make assurance easier or harder, prompting responses from Austad and Evans. The panelists also explored the possibility of extending verification to the hardware/firmware boundary, with insights from Austad, Krieg, and Evans. Last, Hamilton and Booher underscored the importance of recruiting more hardware engineers to meet the growing demand for expertise in this field.

PANEL 4: SECURE FABRICATION—REQUIREMENTS AND ACCESS

Manferdelli moderated the fourth panel, which focused on the critical issue of secure fabrication.

Louise Sengupta, Northrop Grumman, provided an overview of ongoing efforts to map the microelectronics supply chain and identify standards and metrics for assurance. Sengupta discussed NIST’s initiative to establish a National Semiconductor Test Center, which will pilot secure assembly methods and serve as a resource for the industry.

Saverio Fazzari, Booz Allen Hamilton, presented a compelling case for the creation of a “national secure fabrication facility” to ensure assured access to leading-edge semiconductors for national security needs. Fazzari argued that such a facility would need to be government owned and operated to maintain the highest levels of security and control.

During the Q&A session, several important topics were raised. One workshop attendee inquired about the challenges of ensuring secure fabrication plants as the industry moves toward new business models, such as “fab-for-hire” arrangements. Sengupta and Fazzari discussed the role of the CHIPS Act in providing access to secure onshore fabrication capabilities. Manferdelli addressed a question about how advances in AI and automation may impact fabrication facility operations and security in the future.

PANEL 5: SUMMARY DISCUSSION

In the final panel, moderators from the previous sessions came together to summarize the key themes that emerged throughout the day’s discussions.

Lewis and Krieg reemphasized the need for better information sharing between public and private sectors, in terms of both threat intelligence and best practices. They highlighted the importance of establishing trusted channels for communication and collaboration within the microelectronics community.

Austad advocated for a shift in focus toward building resilience against untrusted components, rather than attempting to secure every element of the supply chain. He argued that this approach would be more practical and effective in the long run.

Crawford stressed the importance of improving economic incentives and providing clear justifications for the return on investment in security measures. She noted that this would help drive adoption and prioritization of security best practices across the industry.

Manferdelli and Evans addressed the critical issue of the talent pipeline, emphasizing the need to develop skilled professionals at all levels, from hands-on fabrication technicians to security architects. They called for increased investment in education and training programs to meet the growing demand for expertise in microelectronics security.

Booher and Sengupta discussed the importance of agreeing on shared metrics for security and driving these into procurement requirements. They argued that a common framework for assessing and communicating security assurance would facilitate better decision making and help align priorities across the supply chain.

Wisnieff and Hamilton highlighted the need to plan for paradigm shifts in design and manufacturing, such as the adoption of chiplets and three-dimensional packaging technologies. They emphasized the importance of proactively addressing the security implications of these emerging approaches.

Fetterolf advocated for moving beyond a compliance mindset and toward a more dynamic, risk-based approach to security. He argued that this would enable organizations to better adapt to the rapidly evolving threat landscape and prioritize their efforts based on the most significant risks.

Fazzari and Souppaya called for expanded precompetitive collaboration and the establishment of industry-wide standards for security. They emphasized the value of pooling resources and knowledge to address shared challenges and drive meaningful progress.

The panelists expressed a shared sense of optimism about the opportunities presented by the CHIPS Act to address the complex challenges facing the microelectronics industry. They acknowledged that there is no single “silver bullet” solution, but rather a need for a multifaceted approach that combines smart policy, sustained investment, and robust public–private partnerships. The panelists agreed that continued engagement and collaboration from all stakeholders will be essential to realizing the vision of a secure and resilient domestic microelectronics ecosystem.

DISCLAIMER This Proceedings of a Workshop—in Brief was prepared by Nneka Udeagbala as a factual summary of what occurred at the workshop. Claude AI was used in the initial draft for this document. All material generated by the AI platform used in this document was fact-checked to ensure accuracy of the presented information. The statements made are those of the rapporteur or individual workshop participants and do not necessarily represent the views of all workshop participants; the workshop planning committee; or the National Academies of Sciences, Engineering, and Medicine.

WORKSHOP PLANNING COMMITTEE MEMBERS John L. Manferdelli (Chair), VMware; Fred Schneider (NAE) (Chair Emeritus), Cornell University; Yair Amir, Johns Hopkins University; Maritza Johnson, University of San Diego; and Brian LaMacchia, FARCASTER Consulting Group.

STAFF Tho Nguyen, Senior Program Officer, Computer Science and Telecommunications Board (CSTB); Nneka Udeagbala, Associate Program Officer, CSTB; Jon Eisenberg, Senior Board Director, CSTB; Shenae Bradley, Administrative Coordinator, CSTB; and Sudhir Shenoy, Associate Program Officer, National Academy of Engineering.

REVIEWERS To ensure that it meets institutional standards for quality and objectivity, this Proceedings of a Workshop—in Brief was reviewed by Constanza Vidal Bustamante, American Security; Brian Korn, Intel; and Jeyavijayan Rajendran, Texas A&M University, Katiria Ortiz, National Academies of Sciences, Engineering, and Medicine, served as the review coordinator.

SPONSORS This workshop was sponsored by the Department of Defense, the National Institute of Standards and Technology (under the financial assistance award 60NANB22D156), and the National Science Foundation.

SUGGESTED CITATION National Academies of Sciences, Engineering, and Medicine. 2024. Enabling a Resilient U.S. Microelectronics Ecosystem: Proceedings of a Workshop—in Brief. Washington, DC: The National Academies Press. https://doi.org/10.17226/28840.

For additional information regarding the workshop, visit https://www.nationalacademies.org/event/42476_04-2024_workshop-on-enabling-a-resilient-us-microelectronics-ecosystem. Division on Engineering and Physical Sciences Copyright 2024 by the National Academy of Sciences. All rights reserved.