[paulgerhardt]

Yes and no. Sending a chip to one foundry to do the first few layers and taking the chip to a second or third foundry has been done at Stanford as a proof of concept to mitigate against this attack. Other attacks are still possible but likelihood of success starts dropping off a cliff.

Foundries will generally use different “standard cells” (ratio of dopant in silicon to make the basic building blocks of your “P’s” and your “N’s”) so this is actually a big ask and not trivially supported out of the gate.

This in turn can be worked around by double welling ones designs but it becomes a yak shave real fast.

With OpenTitan compiling on open synthesis tools we’re about 3 of 5 steps towards an open silicon root of trust.

[sanxiyn]

I think the parent is asking about the different problem: how to verify when you are not the one sending it to the fab. (Just like how to verify binaries when you are not the one doing the build.) In both cases fab and compiler are trusted.