Hardware Trust: How IR Imaging Exposes ‘Hidden’ Memory in Silicon

The Invisible Threat of Hidden Silicon
In the world of high-assurance computing, the phrase ‘trust but verify’ takes on a literal, physical meaning. While software audits and secure boot sequences are the standard for ensuring a system hasn’t been compromised, there is a persistent architectural nightmare for security researchers: the ‘hidden’ memory macro.
The threat is simple but potent. A malicious actor or a compromised foundry could insert a few kilobytes of Static Random-Access Memory (SRAM) into a chip—such as the Baochip-1x—without altering the overall die size. Because the power draw of such a small addition would be indistinguishable from standard manufacturing tolerances, these hidden bits could serve as a perfect staging ground for malicious code, invisible to any software-level inspection. If this memory is gated behind a ‘secret knock’ register—requiring a specific sequence of words to activate—it becomes virtually impossible to find via a standard brute-force address space scan.
However, recent demonstrations in non-destructive infrared (IR) imaging are proving that silicon cannot hide its physical footprint, even at the 22nm node.
Mapping the Macro: How IR Sees Memory
While IR imaging cannot resolve individual bit cells, which are far too small for this level of optics, it can absolutely resolve the SRAM macro. In semiconductor design, memory isn’t just a cloud of bits; it’s a structured architectural block with distinct visual characteristics when viewed through an IR lens.
Analysis of the Baochip-1x reveals a clear correlation between the RTL (Register Transfer Level) source code and the physical silicon. For instance, the rdram1kx32 macro, which serves the data cache for the RV32 core, exhibits a classic ‘central spine’ motif. This design choice reduces maximum wire length by splitting the circuit in half, creating a mirror-image symmetry that is glaringly obvious under IR inspection.
By examining the dark, transistor-heavy regions and the lighter, metal-heavy areas, researchers can count the physical structures of the chip. In the case of the rdram1kx32, the column sense amplifiers and drivers along the bottom edge are wide enough to be counted. With 16 visible on each side, the 32-bit width of the macro is confirmed physically, leaving no room for ‘bonus’ columns added by a third party.
Performance vs. Density: The Visual Tells
The IR imaging also reveals the engineering trade-offs made during the chip’s design. In the rdram1kx32 macro, stippled metal-heavy regions appear between black rows. These are repeaters, essential for maintaining signal integrity across resistive minimum-width wires. Without these, the RAM would be too slow for the RV32’s needs.
Contrast this with the bioram1kx32 macro. Because this is a single-port RAM, the timing requirements are less stringent, allowing the designers to omit those repeaters. This results in a denser, smaller block—a clear indication that the priority for this specific component was area efficiency over raw instructions per clock (IPC). Finally, the aoram1kx36 macro showcases a completely different, density-optimized structure, further proving that different memory purposes leave different ‘fingerprints’ on the silicon.
Establishing the Bounds of Trust
The implication of this research is a significant win for the open-hardware movement. When a system is based on open-RTL, the community can compare the official blueprints against the actual fabricated silicon. If the number of claimed memory blocks in the code strictly aligns with the number of macros visible via IR scan, the ‘hidden memory’ attack vector is effectively closed.
While an attacker might still attempt to add a few individual bytes of RAM in a subtle way, the sheer scale of SRAM macros means that any meaningful amount of added storage would be observable even with entry-level home IRIS setups. By establishing these physical bounds, engineers can finally move toward a model of hardware trust that doesn’t rely on the word of the foundry, but on the verifiable laws of physics.
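The reconciliation described above (macro count in the RTL versus macros seen under IR, plus the counted column width) can be scripted. The following is an added example, not code from the Baochip project: the RTL excerpt, instance names, the annotation format and the per-side column counts for macros other than rdram1kx32 are constructed, and it assumes the macro name encodes depth x width.

```python
import re
from collections import Counter

# Macro names are the article's; assumption: the name encodes depth x width in bits.
MACRO_RE = re.compile(r"^\s*((?:rd|bio|ao)ram(\d+)kx(\d+))\s+(\w+)\s*\(", re.M)

# Constructed RTL excerpt; instance and port names are hypothetical.
RTL = """
rdram1kx32 u_dcache_data0 (.clk(clk), .a(a0), .q(q0));
rdram1kx32 u_dcache_data1 (.clk(clk), .a(a1), .q(q1));
bioram1kx32 u_bio_mem (.clk(clk), .a(a2), .q(q2));
aoram1kx36 u_ao_mem (.clk(clk), .a(a3), .q(q3));
"""

# Constructed analyst annotations of an IR image: macro style identified by its
# visual motif, plus sense-amp/driver columns counted on each side of the block.
IR_CLEAN = [
    {"style": "rdram1kx32", "cols_left": 16, "cols_right": 16},
    {"style": "rdram1kx32", "cols_left": 16, "cols_right": 16},
    {"style": "bioram1kx32", "cols_left": 16, "cols_right": 16},
    {"style": "aoram1kx36", "cols_left": 18, "cols_right": 18},
]
# Constructed tampered die: one extra block, one column wider than the RTL width.
IR_SUSPECT = IR_CLEAN + [{"style": "rdram1kx32", "cols_left": 17, "cols_right": 16}]

def rtl_inventory(rtl):
    """Return ({macro_name: instance_count}, {macro_name: bit_width}) from RTL text."""
    counts, widths = Counter(), {}
    for name, _depth, width, _inst in MACRO_RE.findall(rtl):
        counts[name] += 1
        widths[name] = int(width)
    return counts, widths

def reconcile(rtl, observed):
    """List every disagreement between the RTL inventory and the IR annotations."""
    counts, widths = rtl_inventory(rtl)
    seen = Counter(o["style"] for o in observed)
    findings = []
    for name in sorted(set(counts) | set(seen)):
        if seen[name] != counts[name]:
            kind = "EXTRA" if seen[name] > counts[name] else "MISSING"
            findings.append(f"{kind} {name}: {seen[name]} on die, {counts[name]} in RTL")
    for i, o in enumerate(observed):
        cols = o["cols_left"] + o["cols_right"]
        if o["style"] in widths and cols != widths[o["style"]]:
            findings.append(f"WIDTH macro#{i} {o['style']}: counted {cols} columns, RTL says {widths[o['style']]}")
    return findings

if __name__ == "__main__":
    print("\n".join(reconcile(RTL, IR_SUSPECT)) or "inventory matches RTL")
```

An empty findings list only bounds macro-scale additions; as the article notes, a few individual bytes added outside a macro are not covered by this count.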