Remoticon Video: From Zero To ASIC; How To Design In Silicon

Designing your own integrated circuits as a one-person operation from your home workshop sounds like science fiction. But 20 years ago, so did rolling your own circuit boards to host a 600 MHz microcontroller with firmware you wrote yourself. Turns out silicon design isn’t nearly as out of reach as it used to be and Matt Venn shows us the ropes in his Zero to ASIC workshop.

Held during the 2020 Hackaday Remoticon, this is a guided tour of the tools used in the Skywater PDK — the Process Design Kit that is an open-source ASIC toolkit produced in a partnership between Google and SkyWater Technology. We covered the news when first announced back in June, but this the most comprehensive look we’ve seen into the actual design process.

Drawing N-channel MOSFET in silicon

Matt builds up the demo starting from the very simple design of an N-channel MOSFET with click-and-drag tools similar to graphics editing software. The good news it that although you can draw your own structures like this, for digital designs you won’t have to. A wide variety of IP has been contributed to the open source project allowing basic building blocks to be pulled in using HDL. However, the power of drawing structures will certainly be the playground for those needing analog design as part of their projects.

As with EDA software used for circuit boards, the PDK includes design rule checks to ensure you aren’t violating the limits of the 130 nm chip fab. There’s some other black magic in there too, as Matt specifically mentions an antenna rules check to safeguard your design from being fried by induced current on “large” (microscopically so) metalized runs during the fabrication process.

Part of a massive logic flow chart for an IC counter design

The current workflow involves grinding through a large number of configuration files, something Matt admits took him a long time to wrap his head around. However, what’s available for proofing your design is very impressing. He demonstrates SPICE simulation to calculate timings, and shows numerous examples of verification drawings generated by the compilation process, either in the form of seeing the structures as they will be laid out, or as logical flow charts. This is crucial as a single run will take 2-3 months to come back from fab — you want to get things right before buttoning up the project. Incidentally, that’s know as “tapeout”, a term you’ve likely heard before and he says it comes from reels of magnetic tape containing the design being removed from the computer and sent to production. Who knew? (This tidbit in strikethrough appears to be incorrect).

But wait, there’s more to this than just designing the things. Part of the intrigue of the Skywater-PDK project is that Google bought into covering a group run about once per quarter so that open-source designs can be ganged onto a multi-project wafer free of charge to the people submitting them. That’s pretty awesome and we’re giddy to hear news of people getting their wafer-level chip scale devices — also known as flip chips — back for testing. Matt is planning a more in-depth paid course on the topic. For now, get a taste of what’s involved from this excellent workshop found after the break.

Continue reading “Remoticon Video: From Zero To ASIC; How To Design In Silicon”

The Golden Age Of Ever-Changing Computer Architecture

Given the accuracy of Moore’s Law to the development of integrated circuits over the years, one would think that our present day period is no different from the past decades in terms of computer architecture design. However, during the 2017 ACM Turing Award acceptance speech, John L. Hennessy and David A. Patterson described the present as the “golden age of computer architecture”.

Compared to the early days of MS-DOS, when designing user- and kernel-space interactions was still an experiment in the works, it certainly feels like we’re no longer in the infancy of the field. Yet, as the pressure mounts for companies to acquire more computational resources for running expensive machine learning algorithms on massive swaths of data, smart computer architecture design may be just what the industry needs.

Moore’s law predicts the doubling of transistors in an IC, it doesn’t predict the path that IC design will take. When that observation was made in 1965 it was difficult or even impossible to envision where we are today, with tools and processes so closely linked and widely available that the way we conceive processor design is itself multiplying.

Continue reading “The Golden Age Of Ever-Changing Computer Architecture”

RISC-V Will Stop Hackers Dead From Getting Into Your Computer

The greatest hardware hacks of all time were simply the result of finding software keys in memory. The AACS encryption debacle — the¬†09 F9 key that allowed us to decrypt HD DVDs — was the result of encryption keys just sitting in main memory, where it could be read by any other program. DeCSS, the hack that gave us all access to DVDs was again the result of encryption keys sitting out in the open.

Because encryption doesn’t work if your keys are just sitting out in the open, system designers have come up with ingenious solutions to prevent evil hackers form accessing these keys. One of the best solutions is the hardware enclave, a tiny bit of silicon that protects keys and other bits of information. Apple has an entire line of chips, Intel has hardware extensions, and all of these are black box solutions. They do work, but we have no idea if there are any vulnerabilities. If you can’t study it, it’s just an article of faith that these hardware enclaves will keep working.

Now, there might be another option. RISC-V researchers are busy creating an Open Source hardware enclave. This is an Open Source project to build secure hardware enclaves to store cryptographic keys and other secret information, and they’re doing it in a way that can be accessed and studied. Trust but verify, yes, and that’s why this is the most innovative hardware development in the last decade.

Continue reading “RISC-V Will Stop Hackers Dead From Getting Into Your Computer”

Let’s Talk Intel, Meltdown, And Spectre

This week we’ve seen a tsunami of news stories about a vulnerability in Intel processors. We’re certain that by now you’ve heard of (and are maybe tired of hearing about) Meltdown and Spectre. However, as a Hackaday reader, you are likely the person who others turn to when they need to get the gist of news like this. Since this has bubbled up in watered-down versions to the highest levels of mass media, let’s take a look at what Meltdown and Spectre are, and also see what’s happening in the other two rings of this three-ring circus.

Meltdown and Spectre in a Nutshell

These two attacks are similar. Meltdown is specific to Intel processors and kernel fixes (basically workarounds implemented by operating systems) will result in a 5%-30% speed penalty depending on how the CPU is being used. Spectre is not limited to Intel, but also affects AMD and ARM processors and kernel fixes are not expected to come with a speed penalty.

Friend of Hackaday and security researcher extraordinaire Joe Fitz has written a superb layman’s explanation of these types of attacks. His use of the term “layman” may be a little more high level than normal — this is something you need to read.

The attack exploits something called branch prediction. To boost speed, these processors keep a cache of past branch behavior in memory and use that to predict future branching operations.¬†Branch predictors load data into memory before checking to see if you have permissions to access that data. Obviously you don’t, so that memory will not be made available for you to read. The exploit uses a clever guessing game to look at other files also returned by the predictor to which you do have access. If you’re clever enough, you can reconstruct the restricted data by iterating on this trick many many times.

For the most comprehensive info, you can read the PDF whitepapers on Meltdown and Spectre.

Update: Check Alan Hightower’s explanation of the Meltdown exploit left as a comment below. Quite good for helping deliver better understanding of how this works.

Frustration from Kernel Developers

These vulnerabilities are in silicon — they can’t be easily fixed with a microcode update which is how CPU manufacturers usually workaround silicon errata (although this appears to be an architectural flaw and not errata per se). An Intel “fix” would amount to a product recall. They’ve already said they won’t be doing a recall, but how would that work anyway? What’s the lead time on spinning up the fabs to replace all the Intel chips in use — yikes!

So the fixes fall on the operating systems at the kernel level. Intel should be (and probably is behind the scenes) bowing down to the kernel developers who are saving their bacon. It is understandably frustrating to have to spend time and resources patching these vulnerabilities, which displaces planned feature updates and improvements. Linus Torvalds has been throwing shade at Intel — anecdotal evidence of this frustration:

“I think somebody inside of Intel needs to really take a long hard look at their CPU’s, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed.”

That’s the tamest part of his message posted on the Linux Kernel Mailing List.

Stock Sales Kerfuffle is Just a Distraction

The first thing I did on hearing about these vulnerabilities on Tuesday was to check Intel’s stock price and I was surprised it hadn’t fallen much. In fact, peak to peak it’s only seen about an 8% drop this week and has recovered some from that low.

Of course, it came out that back in November Intel’s CEO Bryan Krzanich sold off his Intel stock to the tune of $24 Million, bringing him down to his contractual minimum of shares. He likely knew about Meltdown when arranging that sale. Resist the urge to flame on this decision. Whether it’s legal or not, hating on this guy is just a distraction.

What’s more interesting to me is this: Intel is too big to fail. What are we all going to do, stop using Intel and start using something else? You can’t just pull the chip and put a new one in, in the case of desktop computers you need a new motherboard plus all the supporting stuff like memory. For servers, laptops, and mobile devices you need to replace the entire piece of equipment. Intel has a huge market share, and silicon has a long production cycle. Branch prediction has been commonplace in consumer CPUs going back to 1995 when the Pentium Pro brought it to the x86 architecture. This is a piece of the foundation that will be yanked out and replaced with new designs that provide the same speed benefits without the same risks — but that will take time to make it into the real world.

CPUs are infrastructure and this is the loudest bell to date tolling to signal how important their design is to society. It’s time to take a hard look at what open silicon design would bring to the table. You can’t say this would have been prevented with Open design. You can say that the path to new processors without these issues would be a shorter one if there were more than two companies producing all of the world’s processors — both of which have been affected by these vulnerabilities.