A research paper by PhD candidate Sergei Skorobogatov at the University of Cambridge has been circulating in the media that highlights a backdoor in Microsemi/Actel ProASIC3 chips allegedly used by the US military. Many outlets have been reporting that China is likely behind the potential threat as the chips were manufactured there but as it turns out, those reports aren’t entirely accurate.
The findings were first reported in a Reddit post where it’s likely that someone there started the initial finger-pointing at China, perhaps as part of an agenda-based attack. From there the story spread like wildfire over the potential security threat that the backdoor poses.
"This backdoor has a key, which we were able to extract. If you use this key, you can disable the chip or reprogram it at will, even if locked by the user with their own key. This particular chip is prevalent in many systems, from weapons [and] nuclear power plants to public transport. In other words, this backdoor access could be turned into an advanced Stuxnet weapon to attack potentially millions of systems," Skorobogatov said in the research paper.
While it’s true that the chips were manufactured in China, they weren’t responsible for the backdoor. Reports are now claiming that California-based Actel inserted the backdoor, not as a malicious activity but rather as a built-in debugging interface. Errata Security researcher Robert Graham says that the interface is called JTAG (named after the Joint Test Action Group that was created to test circuit boards) and is a common debugging practice. He notes that someone would need to have physical access to a chip to “exploit” it.
"Whether you call this a security feature to prevent others from hacking the chip through JTAG or a secret backdoor available only to the manufacturer, is open to interpretation," Graham said.
A question that still remains is how widespread the use of Microsemi/Actel ProASIC3 chips actually is. Contrary to Skorobogatov’s research paper, Graham says that this is not a top-secret “military” chip like most are being led to believe. He says that none of Actel’s chips are certified by the government to “hold secrets.”
Based on these recent findings, it seems that the whole thing could have been blown way out of proportion.