Open Fabs

[grarpamp]

On Wed, Jul 29, 2015 at 9:47 PM, Steve Kinney <admin at pilobilus.net> wrote:
> That's exactly what I'm talking about:  Essentially taking over
> the production process and working alongside facility staff, with
> particular attention to choke points where validation is both
> possible and productive.  ISO quality programs include provision
> for onsite participation by clients

I submit the above is moot... you're taking your chip design in on your
USB, happy as a clam to be the one to insert it into their computer,
pull it up on their screen, and watch the whole thing play out before
your eyes... on down the line till out pops a chip in your hand, yay!
But you failed to realize their computer and software probably wasn't
made by them, nor has any open to you audit crosscheck been wrapped
around it or it's operators and maintainers... on down the line.
You can carve a stick with a knife but you can't really build a trusted
cpu with an untrusted cpu.

If the goal is to build an open trusted fab, you must build an open
trusted fab, by and with the hard and different philosophical mofos
who refuse to concur unless each step of design, build and operation
is plainly validated. Otherwise you're just selling tourist tickets to
the theme park.

This is old school TCSEC / CC applied to manufacturing.

You have cost efficiency in that the knowledge of tool and chip making
already exists. You use that savings to offset cost of rebuilding with TCSEC.
As opposed to trying to impart trust upon existing systems which
is prohibitive.

> Somewhere, the rising curve
> of security costs will cross a falling curve of security risks,
> and that's as good a place as any to draw a line.

Trust is not defined by a point on a cost curve.