The old way of delivering a product to market was to reuse as much IP as possible and verify that the correct functionality has been achieved. Todays secure systems such as smart cards and embedded systems can no longer rely on this design method.
Throughout the supply chain, it is vulnerable to deliberate attacks and design faults. When manufacturers moved to a re-use model of IC design, this plug and play concept reduced design times, risk and time to market. IP could be used that was already proven in silicon. However, this model of production, especially when the IP is delivered from outside of the organisation, can be vulnerable to trojan attacks. When IP is delivered from an external source, it should be verified for not only its functionality but also its security features. This is especially true of secure IP which may, for example, form part of a cryptographic engine. There may also be vulnerabilities from internal IP. Malicious insiders (who could range from disgruntled employees to state actors) could insert small amounts of circuitry that either change the functionality of the device, destroy it or leak valuable information such as encryption keys. Security breaches can also be caused through non-malicious actions. Assumptions made about circuitry interfaced to secure IP blocks can also cause an issue if its assumed that certain secure functionality is provided by interconnected blocks and this functionality is not available. A special design flow is needed to ensure that private information does not move from a secure environment to a less secure environment without being encrypted and that less secure environments do not have direct access to highly sensitive information. During the early part of the year 2000, many semiconductor companies either outsourced their manufacturing or joined forces to share fabs. This model worked before trojans were found in military products destined for the States and caused the US government and others to re-think what happens to designs when they are sent for fabrication. Now, the supply chain was seen to be vulnerable. Many fabs have instigated procedures to prove they are secure such as RFID labeling of devices and people working within the fab and also forensic tracing of devices and people.