Abstract
Zero-Trust security has received significant attention because of its focus on the need to constantly verify rather than trust, especially as attackers use increasingly sophisticated methods. It is now critical to ensure the security and authenticity of Integrated Circuits (ICs), particularly in important systems such as drones or Internet of Things devices. Since most ICs are manufactured in third-party foundries to cut costs and improve production efficiency, there are concerns about the theft of IC design intellectual property and the potential insertion of hardware-level trojans. To tackle these issues, this study proposes a zero-trust chip-to-chip (ZTC2C) security architecture that verifies the authenticity of any connected peripheral before its use, ensuring secure, trusted interactions and enabling robust chip-to-chip communication, even between components from different manufacturers. The proposed architecture consists of four key modules: a Zero-Trust Processor (ZTP) with an RV64 core, and a Zero-Trust Management (ZTM) unit with an RV32 core featuring Certificate and Secret Storage (CSS) and a Certificate Management Unit (CMU). The ZTP interfaces with the connected peripherals, allowing the execution of the Security Protocol and Data Model (SPDM). SPDM is a reliable option for achieving zero-trust security at the hardware level. The proposed architecture is prototyped on an embedded platform based on the Genesys 2 board and then integrated into a drone flight controller based on the VCU118 board to protect it from unauthenticated plugged-in devices. It achieved a peak computational performance of 4 GFLOP/s (8 GFLOP/s) on the Genesys 2 (VCU118) platform, using only 32% (22%) of the available resources and consuming 80 mW (195 mW).
| Original language | British English |
|---|---|
| Pages (from-to) | 194962-194972 |
| Number of pages | 11 |
| Journal | IEEE Access |
| Volume | 12 |
| DOIs | |
| State | Published - 2024 |
Keywords
- chip authenticity
- chip-to-chip communication
- hardware security
- SPDM
- Zero-trust