
Some folks I work with are interested in chiplets for secure/defense purposes. If you don't trust the fab but you do trust the integrator, the fab can make multiple little modules with well-defined interfaces, and your integrator can instrument the interfaces more easily than an entire chip.



Yes, there have been a fair number of public DoD studies around the virtues of disaggregation when it comes to security. Minimize the people/things you have to trust (e.g. RoT).


I’m sure they are smart, and are applying bigtime brainpower to the project. But my basically layman gut take is, it seems surprising that inside-the-package is a reasonable place to have an attack surface.

And is it really impossible to sneak an antenna into a chiplet?


The threat model I'm thinking of is the untrusted 3rd party fab.

For example, you want to use the fancy new process node that's only available from SketchySemi in some other country. They're happy to do business with you, but you're worried about hardware trojans.

Chiplets help isolate the untrusted component so you can focus your scrutiny on its i/o.

SketchySemi could put antennas inside the chiplet they sell to you, but you have freedom to orient the chiplet however you want, wrap it in shielding, throttle its power, etc.


> SketchySemi could put antennas inside the chiplet they sell to you, but you have freedom to orient the chiplet however you want, wrap it in shielding, throttle its power, etc.

TEMPEST shielding is also a thing:

* https://en.wikipedia.org/wiki/Tempest_(codename)


Might be time to reread Vinge's Zones of Thought books.

Sub in chiplets for motes. Also antennae are not the only side channel attack out there.


That makes total sense. The paranoid approach to software involves writing N separate pieces using teams that can't talk to each other to minimise how many people know what the overall system can do. Applying the same reasoning to hardware seems to end up with this conclusion (and probably some enthusiasm for FPGAs).

I'm curious to what extent software built in this isolated-silos scheme actually works; best guess is it's OK but slow and expensive to build. Same idea might apply here, i.e. it's a way to make hardware take longer to put together.


> teams that can't talk to each other

Is there such a thing?


Sure. Just look at most mid-size companies!


Yeah once you get past 50 engineers


The chiplets with the interfaces could still be black boxes, right?



