What Would Joe Do?
Peggy Aycinena is a freelance journalist and Editor of EDA Confidential at www.aycinena.com. She can be reached at peggy at aycinena dot com.
SmartFlow’s Ted Miracco: Hacking Issues Weigh on Minds of EDA Execs
February 16th, 2017 by Peggy Aycinena
I like spending time with executives from the EDA industry, in part because I used to be an executive in that industry. Last fall at the SmartFlow Anti-Piracy Summit, I had conversations with a dozen or so executives and heard a new urgency in their voices for help solving the challenge of unauthorized use of software and semiconductor IP.
While this has been a problem for decades, according to these executives the challenge is morphing and changing. I’ll share some things I heard in these conversations.
First of all, software cracking is an ongoing problem. Certainly, industry statistics from the BSA | The Software Alliance point to a consistency in software piracy, but the EDA industry is particularly hard hit. This software is very high value, making it a target for hackers. The executives that I spoke with said this hacking is impacting their growth rates significantly.
Anti-Piracy Summit keynote speaker David Locke Hall, author of CRACK99: The Takedown of a $100M Chinese Software Pirate, described his discovery, during his tenure as a U.S. attorney investigating software piracy, that the Chinese government – including the People’s Liberation Army – systematically steals data not only from the U.S. government, but from players in the commercial sector in the U.S. as well.
He warned his audience that if the U.S. loses its technology, it will lose its military and commercial edge. However, the government is doing very little to investigate or stop piracy, Hall said, and companies cannot rely on the government to come to the rescue.
Software piracy victims must instead become self-sufficient in adopting a good compliance program to collect the intelligence data required to prove the theft of IP. And then, they must go after the pirates instead of simply ignoring the problem.
A second major topic of discussion at the summit was the concern that cracked EDA software goes hand-in-hand with the unreported use of semiconductor IP. Cracked EDA software is often used by the same companies that use misappropriated, or under reported, semiconductor cores and other hard IP.
EDA executives are feeling the pressure to help their legitimate customers protect the IP cores that they license for use in SoCs. If the royalties from these cores dry up, so will the sales of EDA tools to the fabless semiconductor firms that rely on IP sales.
Owners of IP cores, or even a complete chip design, have traditionally found it difficult and expensive to prove that their IP is being used illegally in a product. Therefore, they are very interested in learning more today about how anti-piracy technology can help detect misuse and gather solid data on IP core piracy, the kind of data that can be used to prove misuse.
New hacking methods was a third, very hot topic of conversation at the Anti-Piracy Summit.
Defeating the license manager has been the traditional way to crack software, but now hackers are attacking from new angles: in one case, hacking the underlying operating system on a computer, so that the license manager is bypassed just by running the application on that compromised OS.
Fourth and finally, EDA executives at the summit wanted to know more about how cutting-edge technology and ongoing security developments can help them protect their software as typical tamper detection methods fail. Clearly, new methods must constantly be developed to stay ahead of the pirates.
At SmartFlow, consideration of all of these issues provides important motivation for our work. The technologies around anti-piracy aree becoming more sophisticated every day, helping to foster optimism that the software and IP associated with semiconductor design will enjoy better protections going forward.
The Ceo of SmartFlow Compliance Solutions has 25+ years of experience in sales, marketing, and business development for high-tech software companies. He launched SCS in 2014 and as CEO oversees the development and marketing of its anti-piracy and compliance technology.
Previously, Miracco was co-founder and EVP of AWR (now National Instruments), where he developed the company’s methodology for identifying, reporting, and tracking unauthorized use of AWR software and established methods and procedures for combating software piracy domestically and internationally. Ted holds a B.S.E.E. from Carnegie Mellon University.
You can learn more about Ted Miracco and SmartFlow Compliance Solutions through an interview I posted with Miracco in November 2015.