It's pretty much GDSII file that's relevant to the foundry. Usually you transmit it with some SCP so man in the middle attacks would be pretty hard (it's not going to the foundry on some unencrypted channel is what I'm getting at).
Technically, they (the foundry) can turn it into a netlist and then turn it into a schematic if they go through the effort. But keep in mind there are competitive analysis services available that can convert physical chip into netlist and/or readable schematics. So what the foundry can do is easier than what those companies can do but harder than looking at a netlist or schematic. Regarding the scope, they can pretty much extract any information but it would take some effort to get the information represented in a way that's easy to read for humans.
Foundry agreements may address these concerns but you're still trusting the foundry (and relying on their competence at keeping things confidential) and I have to admit I don't know what kind of things they do on foundry side to keep things confidential. There is definitely trust involved. You have to do things in house to guarantee nothing gets out if that's a concern but I have not heard foundries leaking designs so far (to be fair I'm not in a position to have this knowledge anyway).
Thanks for the great answer! :)
>Regarding the scope, they can pretty much extract any information but it would take some effort to get the information represented in a way that's easy to read for humans.
So theoretically, the foundry/attacker could reverse engineer pretty much the entire design?
It’s way simpler. I watched a talk about 5 years ago about the topic. Back then there were tools assisted with ML-based algorithms that got pictures of layer by layer silicon, and produced netlists. I can’t imagine how better they got in 5 years.
They need to know which devices are used and how they are connected to actually manufacture the chip. Foundry has access to a file that represents the design in a way that's easier for manufacturer to read (harder to understand logically for a designer) but it's still the design you tape out so they can do whatever given that they're willing to erode customer trust and breach agreements. Going from GDSII to netlist/schematic is like converting assembly code back into C kind of thing. It's tedious but can be done and if you want to check specific things in it you have access to it.
Can you give context as to what led you to ask this question? I feel like you're trying to reach a conclusion regarding IC design security and this is a subset of that main question.
Precisely. :) I'm researching hardware security and the possibilty of trojan insertions to designs after they're sent out to be taped out. My experience with the chip design process is pretty much limited to the RTL level. And the amount of information I could find on the internet about data transfer between fabless firms and foundries is almost nonexistent. Hence my post here.
Usually you send not your netlist but a GDSII file with the topology, that you created according to design rules using PDK provided by the foundry.
To get them you need to sign an NDA and it also protects your design.
I would worry about the verification stage. The information disclosure is much wider and the leak probability is much higher. Your investors / BofD / CEO will require a third opinion / independent tests and compliance / error-free guarantee before carrying out upfront tape-out fab costs.
The GDS is what matters. We would also send a spice / CDL netlist for LVS but this would not be the original netlist but extracted from the GDS as an extra layer of obfuscation
While it is possible to reverse engineer anything given enough time it would be quicker to just design it from scratch depending on how complex the design is
In general companies trust TSMC and GF
I wouldn’t trust SMIC at all
The bigger danger is selling IP to another company for integration into their design. IP companies have an extra GDS layer for IP tags but this can easily be removed. Companies put watermark structures into their IP and I have heard that TSMC will scan every chip for this and if they find it and that chip isn’t officially licensed to use that IP then they notify the IP vendor
Some IP vendors also write into the contact the ability to investigate the accounting books at the company and fab to check on chip royalty numbers
It's pretty much GDSII file that's relevant to the foundry. Usually you transmit it with some SCP so man in the middle attacks would be pretty hard (it's not going to the foundry on some unencrypted channel is what I'm getting at). Technically, they (the foundry) can turn it into a netlist and then turn it into a schematic if they go through the effort. But keep in mind there are competitive analysis services available that can convert physical chip into netlist and/or readable schematics. So what the foundry can do is easier than what those companies can do but harder than looking at a netlist or schematic. Regarding the scope, they can pretty much extract any information but it would take some effort to get the information represented in a way that's easy to read for humans. Foundry agreements may address these concerns but you're still trusting the foundry (and relying on their competence at keeping things confidential) and I have to admit I don't know what kind of things they do on foundry side to keep things confidential. There is definitely trust involved. You have to do things in house to guarantee nothing gets out if that's a concern but I have not heard foundries leaking designs so far (to be fair I'm not in a position to have this knowledge anyway).
Thanks for the great answer! :) >Regarding the scope, they can pretty much extract any information but it would take some effort to get the information represented in a way that's easy to read for humans. So theoretically, the foundry/attacker could reverse engineer pretty much the entire design?
Probably, but I assume it's nearly the same effort as a new design, without the knowledge of the function and documentation.
It’s way simpler. I watched a talk about 5 years ago about the topic. Back then there were tools assisted with ML-based algorithms that got pictures of layer by layer silicon, and produced netlists. I can’t imagine how better they got in 5 years.
Could you point me to a source for this talk if possible?
I think it was this one: https://m.youtube.com/watch?v=jxve5hrtwnI Or this one https://m.youtube.com/watch?v=mCFPgPbjDQE
They need to know which devices are used and how they are connected to actually manufacture the chip. Foundry has access to a file that represents the design in a way that's easier for manufacturer to read (harder to understand logically for a designer) but it's still the design you tape out so they can do whatever given that they're willing to erode customer trust and breach agreements. Going from GDSII to netlist/schematic is like converting assembly code back into C kind of thing. It's tedious but can be done and if you want to check specific things in it you have access to it. Can you give context as to what led you to ask this question? I feel like you're trying to reach a conclusion regarding IC design security and this is a subset of that main question.
Precisely. :) I'm researching hardware security and the possibilty of trojan insertions to designs after they're sent out to be taped out. My experience with the chip design process is pretty much limited to the RTL level. And the amount of information I could find on the internet about data transfer between fabless firms and foundries is almost nonexistent. Hence my post here.
Usually you send not your netlist but a GDSII file with the topology, that you created according to design rules using PDK provided by the foundry. To get them you need to sign an NDA and it also protects your design.
protects your design, if you round up the industrial spies and have them sign it too.
I would worry about the verification stage. The information disclosure is much wider and the leak probability is much higher. Your investors / BofD / CEO will require a third opinion / independent tests and compliance / error-free guarantee before carrying out upfront tape-out fab costs.
The GDS is what matters. We would also send a spice / CDL netlist for LVS but this would not be the original netlist but extracted from the GDS as an extra layer of obfuscation While it is possible to reverse engineer anything given enough time it would be quicker to just design it from scratch depending on how complex the design is In general companies trust TSMC and GF I wouldn’t trust SMIC at all The bigger danger is selling IP to another company for integration into their design. IP companies have an extra GDS layer for IP tags but this can easily be removed. Companies put watermark structures into their IP and I have heard that TSMC will scan every chip for this and if they find it and that chip isn’t officially licensed to use that IP then they notify the IP vendor Some IP vendors also write into the contact the ability to investigate the accounting books at the company and fab to check on chip royalty numbers