On Tue, Aug 30, 2016 at 12:49 AM, Randy Bush wrote:

there are a fair number of scary papers about fpga trojans. it is very hard to verify fabbed silicon, driving folk to desperate techniques such as multi-fab comparison etc.

Meaningfully / reliably / repeatably decapping small micron process, paying for multi-fab runs, or attempting to exhaustively pattern test billions of gates via i/o pins let alone the hidden supervisor you can't test, seems a bit pointless. Which is why you openfab and infuse your open audit, verification, public access, "no secrets" policies, throughout the entire process... design, supply, tooling, manufacture, n-man staffing, packaging, etc. All fabs and product today are effectively secret. That's beyond stupid. Especially for things you "rely on". Fix that.