Electronics Design and the coming wave of regulation



Electronics Design and the coming wave of regulation


Over the last ten years, we have witnessed the emergence of low cost standoff weapons (aka “drones”) resulting in the reshaping of warfare and the possibility of stronger asymmetric opponents. The electronics of these devices are critical and are the subject of this post.

The model for drone warfare emerged from human operated weapons.  Japanese use of numerous aircraft based suicide aircraft was a costly problem as WW2 drew towards its conclusion in the Pacific in the mid 1940s.  For the loss of a few pilots, thousands of shipboard fighting men were imperiled by the sacrifice of a small number of human lives using inexpensive, “one way” aircraft. It is interesting to conjecture that if the Japanese Air Corps used this strategy early in the war with highly trained pilots (vs last minute teen aged conscripts in the late stage of the conflict), they could have crippled the US Navy at the cost of a few thousand lives.

The use of passenger jets on September 11, 2001 exploited this exact scenario, while exploiting a security “achilles heel” (see below) in concurrent airport screening processes of the day.


The idea of drone (or one way unmanned operated weapons) is to have numerous, inexpensive systems simultaneously attack a powerful enemy using the following assumptions:


1: A high cost, standoff defense system may have certain “achilles heel”  characteristics that were not considered in the original design specification.  


An excellent example of an achilles heel is the October 12, 2000 attack upon the USS Cole in Aden Yemen.  The Cole, designed for conventional standoff defense against distant threats, was quite vulnerable to a small boat attack its its waterline.


2. Low cost of production for offensive weapons can allow for “overwhelming”of a target  through sheer numbers.  The earliest and most obvious use of this tactic is, or course, the machine (or automatic) gun; capable of delivering modestly targeted ordinance in high volume against a fixed target. The abundance of these types of weapons in the US has proven their effectiveness even in the hands on unskilled operators over the last 90 years.

In the Ukraine, the use of inexpensive, slow but lethal drones (“Iranian Made”) highlights the potential of low cost systems being replicated in high numbers and deployed en masse against a target.  Iran has supplied a weapon known as “Shahed” into the Ukrainian conflict which has garnered significant media attention recently.  These devices are relatively slow and easy to intercept, however, air defenses have to be in place and available at all times to respond.  This may be useful in a locality (a city or military installation) but scaling defense across an entire country is daunting and unlikely to be a viable solution.

3: Ease of design and component procurement allow for improvised adaptation of existing technologies gives significant leeway to drone system designers to produce weapons. The explosives are “relatively easy”.  System range, ease of operation and endpoint targeting are the main challenges of such a system.

4: The ubiquitous use of technologies for non lethal purposes allows system designers the potential to adapt those technologies into improvised lethal systems. In the case of the drones used in the Ukraine, the semiconductor components are highly likely to have been sourced from US, European and Chinese fabs; repurposed for their application. A good system engineer can adapt components with great agility.

One notable element of many new commercial products is the use of pattern recognition and AI assisted hardware platform decision making.  

A humorous but highly relevant example is the “anti-targeting” systems advertised by various makers of robotic home vacuum cleaners.  Using pattern recognition, systems can recognize and avoid common household obstacles such as electrical cords and pet waste.  One manufacturer  has issued a youtube video proudly describing the baseline and variant models for pet waste that have been used to inform pattern recognition algorithms to enable a robot vacuum cleaner to “anti-target” such debris, to avoid turning a robot vac into a germ spreader. “Our engineers have created pattern recognition algorithms for thousands of varieties of pet waste…” declares one manufacturer.

It’s interesting to consider - pet waste and its variants are a highly sophisticated shape structure compared to a building, a fixed antenna, an industrial tank farm or a vehicle.  If an ASIC can be designed to anti-target an amorphous shape; it likely is an excellent targeting resource for a weapon system, slightly modified.

The mission profile differs, but the basic toolset is available.

5: What comes next?

As available commercial technologies “pile up” and provide ever varied options for ad-hoc military system designers to create lethal products, the possibility of better armed and more lethal asymmetric opponents waging a surprise attack anywhere in the world is increased.  Improvised drones, today, have limited payload capability so these systems present a “terror profile” unlikely to decisively win in a long term conflict.

The more relevant  issue is the “next 9/11” which, from an improvised drone perspective, is likely a matter of time.  Fifty or sixty drones each carrying a kg-level of explosives into a crowded venue is imaginable, and eminently executable, by the similar actors supplying into the Ukraine conflict.  

When and if this happens, the backlash will likely fall squarely on our industry.


6: Implications for the electronics industry

Chips used in the attack drones were manufactured at (Fill in your choice)”  …blazes the headlines of  the New York Times the week after some future tragedy.  “US Regulators eye new electronics industry controls on chip design and production…” appears a few weeks later.  

One of the greatest weaknesses of the semiconductor industry is its concentration upon a relatively small number of photomask manufacturers, as well as a very limited number of engineering design automation (EDA) tool suppliers positioned to support chip designers worldwide.  Masks, of course, “fan out” to hundreds of semiconductor fabs around the world.It can be argued that, if you control the masks, you can effectively control the supply.  (Emergent masking technologies such as electron beam writing are inaccessible to most designers and likely require state-sponsored investment). These weaknesses are also a security strength; they act as “waypoints” in the supply chain that are limited and manageable.

Regulation has a high probability of being implemented along the following lines:

a: Chip design chain of custody. 

Who designed a chip, when, where and why?  Documentation of this chain required as a security record for all fabs producing products for anyone.

b: Chip design/architecture “declaration of design intention”.  

This could be a signed off document stating exactly the functions enabled by a chip and submitted to regulation authorities, subject to audit.  This would be akin to a license to produce and would require the design entity, the mask manufacturer and the chip fabrication firm to “sign off” on known design intent.

c: Declaration of functional architectural elements.  

This would be a statement, by the chip designer, stating what functional elements are expected to be found in a given chip design.  This would include communications interface types, AI/pattern recognition functions, memory type, presence of RF communications interfaces, GPS capability, crypto encoding/decoding, remote firmware update capability and so forth.


d: Mitigation against alternate use of designs.  

This would be submitted by the chip designer, outlining what, if any, mitigations are built into the design to prevent “off the books” adaptation of the finished chip for another purpose.  An example (going back to the robot vacuum cleaner example) would be to render pattern recognition data and algorithms onboard the system to not be updatable after delivery.

e: Signoff

Development of software tools to check for design intention during the “EDA Signoff Processes” that systematically looks for hardware signatures commonly used for weapons applications.  This would be a ‘signoff scan” as a final step prior to mask making.  EDA manufacturers developing such tools would have an “open line” to the US DoD and similar agencies worldwide to allow for modified and updated scanning as new threats emerge.


7: Compliance

Compliance could include a certification chain from the chip designer all the way to the end chip manufacturer ans system user.  Any “break in the chain” allows for multiple  opportunities to intercept a risky design, be it intentional or not.  Failure to comply could have economic and legal consequences for manufacturers expecting to export products into the US and Europe.  

Risk: In Summary:

Simple knowledge of such a design chain will inform chip architects, up front , to design against unintended or “off the books” use.  Multiple “gates” between the designer and the end product. The goal: “certified safe design” designation.

Holding manufacturers responsible for ultimately “knowing what they make” provides for powerful new allies in the quest to prevent the development of lethal “off the books” applications of otherwise useful technologies.

This is a problem that will inevitably arrive at the doorstep of the electronics industry.  Now is a good time to consider its implications and to be prepared.  Doing so will not only provide an edge on managing future supply chain integrity, it will serve a nobler purpose of allowing for the safer use of technologies enabled by the semiconductor industry.



John P. Kent

Garnet Peak Associate, LLC

December, 2022

Expect more regulation, and verification, of design content and design intent.

Architects, designers and fabricators will he held to higher standards of accountability for design intent in the future. Be prepared.