Title: IRIS: Non-Destructive Inspection of Silicon - media.ccc.de Description: IRIS (Infra-Red, *in situ*) is a technique for non-destructively inspecting the construction of a select but common type of chip. It can ... Keywords: 38c3, 39, 2024, Hardware & Making, Saal GLITCH, Chaos Computer Club, Video, Media, Streaming, TV, Hacker Text content: IRIS: Non-Destructive Inspection of Silicon - media.ccc.de News RSS, last 100 Podcast feed of the last two years SD quality Podcast audio feed of the last year Podcast archive feed, everything older than two years SD quality Podcast feeds for 38c3 webm SD quality mp4 SD quality opus mp3 vtt News RSS, last 100 Podcast feed of the last two years SD quality Podcast audio feed of the last year Podcast archive feed, everything older than two years SD quality Podcast feeds for 38c3 webm SD quality mp4 SD quality opus mp3 vtt browse congress 2024 event IRIS: Non-Destructive Inspection of Silicon Andrew 'bunnie' Huang Saal GLITCH Hardware & Making Playlists: '38c3' videos starting here / audio 57 min 2024-12-27 2024-12-30 518 Fahrplan We are aware of audio issues, especially during talks of day 1 (2024-12-27). Some talks have been released in a preview-version, but are still being worked on behind the scenes. IRIS (Infra-Red, *in situ*) is a technique for non-destructively inspecting the construction of a select but common type of chip. It can improve visibility into our hardware and provide supporting evidence of its correct construction, without desoldering chips or expensive analytical gear. This talk covers the theory behind IRIS, as well as some embodiments of the technique. I will also frame the relevance of IRIS in the face of various threat scenarios. Time permitting, I’ll also show how you can do it at home by peeking around a few chips as a demo. Do we really know what chips are inside our devices? To a first order, the answer is “no”. We can read the label printed on the chip's package, but most of us have no way to determine if the silicon actually matches what’s on the label. This lack of transparency has lead to much hand-wringing about the safety of our global supply chains, as chips zig-zag the globe on their way to our doorstep: each stop is an opportunity for bad actors to inject malicious hardware, and those of us without access to million-dollar analytical gear have no way of detecting this. IRIS (Infra-Red, *in situ*) is a technique I have been developing that aims to democratize the inspection of silicon. It turns out that for a select but fairly common type of chip - those in chip-scale packages - a simple modification to an off the shelf microscope camera can enable the visualization of micron-scale features within – without requiring any nasty chemicals or desoldering chips. I will also show how the basic everyday technique can be combined with a Jubilee 3D motion platform to create detailed, full-chip images. This talk will cover the basic theory behind the technique, and frame it in the context of several hypothetical threat scenarios that highlight its strengths and limitations. It is important to understand that IRIS is not a panacea for chip verification, but it is a significant step forward in improving transparency. I will also discuss its potential as a new tool for system designers who are serious about enabling user-level hardware verification. Finally, time permitting and equipment cooperating, I would like to share the simple pleasure of being able to take a peek inside the chips of some common mobile phone motherboards with a live demo. Licensed to the public under http://creativecommons.org/licenses/by/4.0 Download Video MP4 WebM Download 1080p eng-deu 757 MB Download 576p eng-deu 177 MB Download 1080p eng-deu 401 MB Download 576p eng-deu 205 MB These files contain multiple languages. This Talk was translated into multiple languages. The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them. Please look for "audio tracks" in your desktop video player. Audio Download mp3 eng 53 MB Download mp3 deu 53 MB Download opus eng 45 MB Embed Share: Tags 38c3 39 2024 Hardware & Making Saal GLITCH by Chaos Computer Club e.V –– About –– Apps –– Imprint –– Privacy –– c3voc