2.5D Root of Trust: Securing the Chiplet Ecosystem

Abstract

The semiconductor industry is rapidly transitioning from monolithic systems-on-chip toward heterogeneous, multi-vendor 2.5D chiplet ecosystems integrated via silicon interposers. While this paradigm shift offers immense benefits in yield, cost, and time-to-market, it radically expands the attack surface. Integrating chiplets from untrusted foundries and design houses introduces vulnerabilities to hardware Trojans, IP piracy, and system-level communication exploits. Critically, chip-level security features and conventional Root of Trust (RoT) proposals are insufficient in this context: any component, including the interconnect fabric itself, may be sourced from an untrusted vendor. This perspective paper surveys state-of-the-art security strategies for interposer-based 2.5D integration, focusing on three threat categories: interconnect attacks (snooping, spoofing, and man-in-the-middle), cache coherence exploits including complex forging attacks, and microarchitectural side-channel threats. We examine design-time defenses via 2.5D split manufacturing and, more crucially, runtime defenses that establish an active interposer as a physically isolated 2.5D RoT. By embedding so-called transaction monitors and coherence message checkers within the trusted interposer fabric, the system enforces memory access permissions by construction and neutralizes coherence-level attacks without need for modifying/securing the commodity chiplets. Finally, we review the EDA flows required to realize these defenses and show they concurrently improve power and signal integrity while reducing overall system footprint.