<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Mon, Aug 29, 2016 at 7:14 AM, Allen <span dir="ltr"><<a href="mailto:allenpmd@gmail.com" target="_blank">allenpmd@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><span class=""><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
1) Where are the open fabs where I can get a trusted processor design<br>
fabricated, and at reasonable cost?<br>
2) Given the effectiveness of incredibly simple malicious hardware<br>
additions, some of which are difficult to notice even with a careful<br>
destructive analysis of the fabricated part, how can I verify that the<br>
fabricated design is indeed what I expected and consistently so?<br></blockquote><div><br></div></span><div>I wonder if one could build a low-performance, high-cost but secure processor from an FPGA? It would seem on the surface to be more difficult to embed an exploit in an un-programmed FPGA, especially if it had a very regular structure.</div></div></div></div></blockquote><div><br></div><div>Much depends on what you need but start with "Magic-1".<br><a href="http://www.homebrewcpu.com/">http://www.homebrewcpu.com/</a><br></div><div><br></div><div>One advantage is the compiler is also a near clean white page design.<br>The instruction set is minimum and only what the compiler needed (yes C</div><div>compiler).<br><br>Some FPGA versions out there might run faster.<br><br>The risk with the marvelous billion+ transistor processors is</div><div>the internals are secret and that is not likely to change.<br><br>The billion gate parts are here and fast. <br>Surrounding these parts are very large gate cont I/O and memory systems.<br>This landscape of hardware is not going to change if you want to go fast.<br><br>It seem like firewalls and old school programmable I/O channel tech</div><div>might be the current best turf for mortals. Eight bit parts are less likely</div><div>to be abused today and the little guys could load FPGAs <br><br>Emulators are fast and worthy and make it easy to run the old PDP</div><div>operating systems and tools. It is a unique target for hacking so some</div><div>levels of safety exists.<br><br>Virtual machines could be hacked but a bytecode VM could have the</div><div>code randomized and all the interesting stuff rebuilt for exactly one</div><div>instance making the python or java VM at a CGI interface harder to hack. <br><br>Stack machines running FORTH are near simple to grock.<br><br>Lets not forget the Lilith. </div><div><a href="https://en.wikipedia.org/wiki/Lilith_(computer)">https://en.wikipedia.org/wiki/Lilith_(computer)</a><br><a href="https://en.wikipedia.org/wiki/AMD" class="" title="AMD" style="text-decoration:none;color:rgb(11,0,128);font-family:sans-serif;font-size:14px;line-height:22.4px;background-image:none;background-repeat:initial">AMD</a><span style="color:rgb(37,37,37);font-family:sans-serif;font-size:14px;line-height:22.4px"> </span><a href="https://en.wikipedia.org/wiki/AMD_Am2900" title="AMD Am2900" style="text-decoration:none;color:rgb(11,0,128);font-family:sans-serif;font-size:14px;line-height:22.4px;background-image:none;background-repeat:initial">2901</a><span style="color:rgb(37,37,37);font-family:sans-serif;font-size:14px;line-height:22.4px"> </span><a href="https://en.wikipedia.org/wiki/Bit-slice" class="" title="Bit-slice" style="text-decoration:none;color:rgb(11,0,128);font-family:sans-serif;font-size:14px;line-height:22.4px;background-image:none;background-repeat:initial">bit-slice</a> parts are hard to find but FPGA libraries</div><div>could be built. <br><br>Emulators are inexpensive to start... </div><div><a href="http://pascal.hansotten.com/?page=emulith">http://pascal.hansotten.com/?page=emulith</a><br><br><br></div><div><br></div><div><br></div></div><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"> T o m M i t c h e l l</div></div>
</div></div>