Hacker News
by impdmnt2Prgrss 3683 days ago
It would be very complex to fill the entire chip with cells (whose functionality mattered, otherwise we, the attacker, could replace them without the defender noticing) and get them wired in to the rest of the chip. There is a tradeoff between area utilization and routability of the design: it gets exponentially more difficult to route a design as its area utilization increases. This is why most commercial chips have 20% to 30% of free space in the layout.

Even worse, in many commercial chips, there are spare cells to allow for cheap low-level patching. The attacker can just swap out one of these cells with their own and have an attack that only modifies a single cell.