Side-Channel Risks Across Advanced Chiplet Packages (UGA, CNRS)

The Evolution of Semiconductor Packaging: Context and Background

For decades, the semiconductor industry followed Moore’s Law by shrinking transistors on a single, monolithic piece of silicon. However, as the industry approached the physical limits of atomic-scale fabrication, the costs of monolithic scaling began to skyrocket. Yield rates for massive dies—such as those required for modern artificial intelligence (AI) and high-performance computing (HPC)—dropped significantly. To combat this, manufacturers shifted toward "chiplet" architectures.

In a chiplet-based system, a large processor is broken down into smaller, functional blocks (dies) that are manufactured independently and then interconnected using advanced packaging techniques. This allows for heterogeneous integration, where a high-performance CPU core made on a 3nm process can be paired with an I/O controller made on a more cost-effective 14nm process. Technologies such as 2.5D integration (using a silicon interposer) and 3D integration (stacking dies vertically) have become the gold standard for companies like AMD, Intel, and NVIDIA.

While these architectures offer major benefits in terms of modularity, yield, and performance, they also introduce new physical attack surfaces. Traditionally, hardware security relied on the physical isolation of components. In a 2.5D or 3D package, that isolation is reduced to microns, creating an environment where electromagnetic (EM) interference and power fluctuations can easily cross from one chiplet to another.

Chronology of the Research and Technical Milestones

The research conducted by Giorgio Di Natale and his team at Grenoble marks a pivotal moment in the timeline of hardware security. The study, published in May 2026, follows a decade of increasing concern regarding the security of the global semiconductor supply chain.

• 2015–2018: The industry begins a massive shift toward chiplet-based designs for server-class processors to mitigate the "reticle limit" of monolithic manufacturing.
• 2020–2022: Initial theoretical papers suggest that 3D stacking could lead to thermal and power-based side channels, but experimental proof remains limited to lab-controlled monolithic environments.
• 2023–2025: The rise of third-party chiplet marketplaces creates a "mix-and-match" ecosystem. Security experts warn that a malicious or "trojan" chiplet could be introduced into a package.
• May 2026: The Grenoble team releases their findings, providing a formalized adversary model and experimental evidence that a standard communication chiplet can be used to spy on its neighbors within the same package.

This chronology illustrates a move from theoretical concerns to a demonstrated, practical threat that must be addressed by architects of the next generation of integrated circuits.

Mechanics of the Cross-Chiplet Attack

The core innovation of the research lies in the "Internal Observation Platform" (IOP) concept. The researchers identified that many modern systems-in-package (SiP) include chiplets dedicated to communication. These might include RFID-like elements, Near Field Communication (NFC) controllers, or high-frequency antennas designed for contactless data transfer or diagnostic testing.

Under normal operating conditions, these components facilitate data flow between the chip and the outside world. However, the researchers discovered that these interfaces are highly sensitive to the electromagnetic environment inside the package. Because the victim chiplet (which may be performing cryptographic operations) and the spy chiplet (the communication interface) are housed in such close proximity, the spy chiplet’s antenna or coupling structure inadvertently picks up the "noise" generated by the victim’s transistors.

The Side-Channel Vector

Side-channel attacks (SCA) do not target the software code or the mathematical strength of an algorithm. Instead, they target the physical implementation. When a processor performs a calculation, it consumes power and emits electromagnetic radiation. By measuring these fluctuations, an attacker can mathematically reverse-engineer the data being processed—such as an encryption key.

In the Grenoble experiment, the researchers showed that the signals captured through a communication-oriented interface were highly correlated with the activity of a neighboring victim chiplet. This means an attacker does not need to physically probe the chip with expensive lab equipment; they can simply use the existing, built-in communication hardware to "listen" to the internal secrets of the system.

Supporting Data and Experimental Feasibility

The technical paper provides empirical data to support the feasibility of this "spying" mechanism. The researchers utilized a setup mimicking a 2.5D integrated system where a "victim" die executing a standard Advanced Encryption Standard (AES) algorithm was placed adjacent to a "spy" die equipped with a contactless coupling structure.

Key findings from the experimental data included:

1. Signal Correlation: The researchers observed a Signal-to-Noise Ratio (SNR) sufficient to extract cryptographic keys with a relatively low number of traces compared to traditional external EM attacks.
2. Proximity Impact: In 3D stacked environments, the vertical proximity (often less than 50 micrometers) enhanced the signal strength of the leakage by nearly 40% compared to 2.5D horizontal arrangements.
3. Bandwidth Exploitation: The high-bandwidth nature of modern chiplet-to-chiplet interconnects (such as Universal Chiplet Interconnect Express or UCIe) provides a fertile ground for high-resolution side-channel sampling.

The study concludes that the "air gap" traditionally assumed to exist between functional blocks is effectively non-existent in advanced packaging. The physical properties of the materials used in interposers and bonding—while excellent for thermal and electrical conductivity—are also excellent at propagating the leakage signals required for an attack.

Potential Industry Reactions and Official Responses

While formal responses from major semiconductor foundries are typically guarded, the implications of this research are expected to trigger a wave of redesigns in the "secure-by-design" hardware community. Industry analysts suggest that the findings will force a re-evaluation of how third-party chiplets are vetted.

Projected Reactions from Key Stakeholders:

• Foundries and Packaging Houses: Entities like TSMC, Samsung, and Intel may need to develop new types of "EM shielding" layers within the interposer itself to dampen signals between chiplets.
• Standardization Bodies: The UCIe (Universal Chiplet Interconnect Express) Consortium may be pressured to include physical-layer security protocols that account for unintended EM emissions.
• Government and Defense: For high-security applications, the reliance on a global supply chain for non-critical chiplets (like I/O or power management) may be viewed as a significant liability. The research suggests that even a "dumb" I/O chiplet could be a gateway for a sophisticated attack.

Security analysts have noted that this research "democratizes" side-channel attacks. Previously, extracting EM leakage required sophisticated probes and proximity to the chip surface. Now, if the "probe" is already inside the package, the barrier to entry for an attacker is significantly lowered.

Broader Impact and Future Implications

The discovery of cross-chiplet spying has profound implications for the future of computing. As the world becomes increasingly reliant on AI accelerators—which often use HBM (High Bandwidth Memory) stacked directly on top of logic dies—the surface area for these attacks will only grow.

The Trust Model of the Supply Chain

The primary challenge introduced by this research is the erosion of the "Trust Model." In a monolithic chip, the designer has total control over the silicon. In a chiplet ecosystem, a system integrator might buy a CPU from Company A, a GPU from Company B, and a wireless interface from Company C. If Company C’s chiplet is poorly designed (or maliciously designed), it can compromise the security of Company A’s CPU. This creates a "weakest link" problem in hardware security.

Fact-Based Analysis of Mitigation Strategies

To counter these threats, the research team and subsequent analysts have proposed several mitigation strategies:

1. Active Decoupling: Implementing noise-injection circuits that create "EM camouflage," making it difficult for the spy chiplet to distinguish between actual data and background noise.
2. Physical Isolation: Using specialized materials in the 2.5D interposer to act as a Faraday cage for sensitive dies.
3. Internal Monitoring: Developing dedicated security chiplets that monitor the EM profile of the package and alert the system if an internal component is behaving like an observation platform.

Conclusion

The work by Di Natale and his colleagues serves as a stark reminder that as architectures become more complex, the physical laws governing them remain unchanged. The very features that make 2.5D and 3D systems efficient—high-speed communication and dense physical integration—are the same features that enable "Spying Across Chiplets."

As the industry moves toward the "trillion-transistor era," the focus must shift from merely increasing performance and yield to ensuring that the boundaries between components remain secure. The "Spying Across Chiplets" paper is likely to be cited for years to come as the foundational document that forced the semiconductor industry to treat the internal environment of a package not just as a thermal and electrical challenge, but as a critical security frontier. The May 2026 findings indicate that the next generation of hardware security will not be fought on the software level, but in the microscopic spaces between the silicon itself.