On Fri, Sep 18, 2015 at 07:32:14PM +0200, Paul Hänsch wrote:
Or maybe you can image them in some kind of MRI...? Then you could at least match your chip against the image of a prototype. Can a microprocessor survive the MRI process? Are MRI resolutions high enough to make the structures visible, at least for past generation chips? Are the materials in the processor suitable to produce a clear image?
I don't know, but I think people take X-ray images of chips or something similar, to investigate security, manipulations or QA in factories or something.
In any case I don't think it would be practical.
When everything is software you can try repeatable builds (or more traditionally you can just do your own build and discard the binary you suspect). But that is because you can produce the object from the source. In hardware you can't produce the circuit from the design if you don't have a factory, and even if you had some form of repeteable builds for hardware, you'd still need advanced machinery to check a sample is similar enough to your repeteable build. I don't know whether the infrastructure for manufacturing would be more expensive or less that the infrastructure for verification, but I believe any of them would be too expensive and so complex that the "reflections on trusting trust"[1] by Ken Thompson would likely apply mutatis mutandis.
In fact we would need both open hardware and affordable hardware factories. But, hey, open hadware is a great start and a necessity even if you can't build a fab in your garage.
[1] http://www.win.tue.nl/~aeb/linux/hh/thompson/trust.html https://www.schneier.com/blog/archives/2006/01/countering_trus.html etc.