Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Cambridge researchers uncover backdoor in military chip

Discovery raises questions about hardware assurance in the semiconductor industry

Article comments

Researchers at the University of Cambridge have found evidence that Chinese manufacturers are putting backdoors in FPGA (field-programmable gate array) chips used by the US military.

The research was conducted in response to claims by intelligence agencies around the world that the silicon chips that run their defence systems are vulnerable to Trojans. Considerable investment has been made in software computer networks and system defences to detect and eradicate such threats, but similar technology for hardware is not currently available.

To test the theory, the researchers carried out advanced code breaking on highly secure Actel/Microsemi ProASIC3 chips with sophisticated encryption, manufactured in China. While scanning the chip with their specially-developed Pipeline Emission Analysis (PEA) technology, the researchers discovered a previously unknown backdoor inserted by the manufacturer.

“This backdoor has a key, which we were able to extract. If you use this key you can disable the chip or reprogram it at will, even if locked by the user with their own key,” said security researcher Sergei Skorobogatov in a blog post.

“This particular chip is prevalent in many systems from weapons, nuclear power plants to public transport. In other words, this backdoor access could be turned into an advanced Stuxnet weapon to attack potentially millions of systems. The scale and range of possible attacks has huge implications for national security and public infrastructure.”

The research paper also states that it is not possible to patch the backdoor in chips that have already been deployed, so those using this family of chips could be easily compromised, or will have to be physically replaced after a redesign of the silicon itself.

The discovery has inevitably led to concerns over whether Microsemi/Actel included the backdoor to give the Chinese control of US military information infrastructure. The report states that the discovery of a backdoor in a military-grade chip raises serious questions about hardware assurance in the semiconductor industry.

However, Robert David Graham writing on the Errata Security blog, said that there is no evidence the Chinese put the backdoor there deliberately, or even that it was intentionally malicious.

“Backdoors are a common problem in software. About 20% of home routers have a backdoor in them, and 50% of industrial control computers have a backdoor. The cause of these backdoors isn't malicious, but a byproduct of software complexity,” said Graham.

He added that it is remotely possible that the Chinese manufacturer added the functionality, but highly improbable, as it is prohibitively difficult to change a chip design to add functionality of this complexity. He suggested that the functionality could have been part of the design, but that Actel intended to disable it.

“The Chinese might subvert FPGAs so that they could later steal intellectual-property written to the chips, but the idea they went through all this to attack the US military is pretty fanciful,” he concluded.

For further analysis, see Alec Muffett's blog on our sister site, Computerworld UK.


More from Techworld

More relevant IT news


NiteOwl_OvO said: From what Ive read elsewhere this was never intended to be a backdoor It is instead a build-in set of keys intended to provide secure access by the manufacturer for programming and reprogramming of the chips They didnt realize that someone would discover the keys and go public with it It seems like whoever leaked the story is at fault here

Disgusted said: Just becausethe authorthinks it fanciful that the Chinese or any manufacturer for that matter would think to put a backdoor into a chip doesnt make that line of thought any lessnaive Using an enemys own preconceived notions against them is a time proven strategy for success in war or even peace can you say Soviet Union Iraq to name two obvious examples That weutilizecomponents manufactured in foreign countries in sensitive applicationsis absolutely moronic and just shows how ineptcorrupt our own government is Meanwhileour governmentcontinues to molest travelers looks the other way when bankers steal trillions not to mention homes by forging legal documents and the taxpayers are paying their fines is still pestering Roger Clemens for lying to Congress Jon Corzine is unindicted helps to bea democrat fundraiser for stealing over 1000000000 dollars of customer money Things that make you go hmmmm Chips with back doors built in is the least fanciful thing going on lately

Dufus said: Seems to me that the first question to ask is why the US is having gate array chips for the military mfrd in China in the 1st place

SardonicVeritas said: It is hard not to conclude that there is whole lot of inflammatory finger pointing against China without a whole lot of fact checking Here are quotes from the author of the original research paper and Robert Graham who is also quoted in this article The claims about the Chinese being involved was made up by someone who originally made the post at Reddit Skorobogatov told ZDNet AustraliaIt is the US manufacturer Actel who inserted the backdoor Skorobogatov wroteErrata Security researcher Robert Graham also called initial reports bogus saying there was no evidence to suggest that it was the Chinese that were responsible or even that the backdoor was malicious

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *