Zero-Trust Communication between Chips

Outsourcing chip production is common among semiconductor vendors to cope with the increasing demand for integrated circuits. This has resulted in several security issues in the chip supply chain, including hardware trojans, intellectual property theft, and overproduction. Zero-trust presents a promising solution for ensuring the authenticity of Integrated Circuits (ICs), particularly in critical systems where adversary attacks can cause significant losses or damage. The Security Protocol and Data Model (SPDM) is a reliable protocol that uses certificates to ensure the authenticity of ICs. Based on this protocol, the presented paper proposes a chip-to-chip zero-trust security architecture that aims to verify the authenticity of any connected peripheral before its use. The contributions include an overview of the proposed architecture, implementation and formal verification of the SPDM protocol, and analysis of the challenges encountered during the implementation and execution.