OT: Design security

Lately I've been wondering about what companies might do for design security. The question/concern has to do with team-based design work within the context of today's world where the Internet, wired and wireless networks, recordable DVD/CDR, portable hard-drives and even keychain memory sticks make it possible to move and/or have access to huge amounts of information with significant ease.

The issue doesn't even have to assume maliciousness. A typical scenario might include an engineer wanting to bring work home to put in a few more hours into a difficult problem. This is not malicious, but it does move company IP out of a "secure" environment.

Of course, if you assume ill intent, the scenarios abound.

In general, are there simple approaches that are effective in controlling the potential exodus/migration of valuable project sources and data? This, of course, does not apply to FPGAs alone, but rather a wide range of documents and files in a development group's systems. What do companies that outsource to far-and-away places do about this?

Thanks,

-Martin

Reply to
Martin

My approach to this problem, where I do carry my current projects around on a USB flash memory stick, is to encrypt all the files with PGP, which basically means that if I do lose the thing or have it stolen at any time, no data falls into the wrong hands and I simply use my back-up data and carry on from before.

Reply to
Jezwold

I think Nick Weaver recently suggested the best method. Sue anyone who steals your stuff. It's illegal. Cheers, Syms.

Reply to
Symon

The original poster asked a different question. The question is maintaining confidentiality/security of the design process, not of the resulting (sold) product. This is often very annoying and very difficult.

--
Nicholas C. Weaver.  to reply email to "nweaver" at the domain
icsi.berkeley.edu
Reply to
Nicholas Weaver

Actually, they often have VASTLY different answers.

Physical/corporate security is a PITA, depending on one's level of paranoia.

For the properly paranoid, working at home is definitely NOT allowed.

--
Nicholas C. Weaver.  to reply email to "nweaver" at the domain
icsi.berkeley.edu
Reply to
Nicholas Weaver

I'm not sure that paranoia is involved here, but rather, reality. Yes, paranoia might be an element, but not an overwhelming one, at least in my opinion. The question I posed might be considered a mental exercise rather than a quest for a full solution. I know that the real solution would be horribly complex and constraining from just about every angle. We are talking government-grade security with threat of prison...and even that doesn't work 100% of the time.

An example of reality might be hiring an offshore team for some design work. How can you even approach securing that design? I don't think that it is possible.

As a small company, I must admit, from time to time there exists a concern about having valuable design data that should be private become exposed to "the elements". Not necessarily maliciously, but rather, accidentally.

Example: You travel to a conference for a few days and take your laptop along to continue working on the project. You forget that you have some shares enabled. Upon plugging into the hotel's network your files are exposed to other industry folk staying at the same hotel.

The ONLY experience we've had with "data migration" did not involve design files but rather a $10K CAD system software that was stolen (CD duplication) by an engineer on his way out. For a small company this is quite painful. Taking someone to court over this is both expensive and futile. What are you going to do, make the guy erase all of his copies? Impossible.

Anyhow, it would be interesting to find a simple methodology to enhance design security rather than to lock down all avenues of escape. One such idea is to use an encrypted file system.

formatting link
has a bit of information on Windope's EFS. It seems to me that this might (and a big "might") serve to prevent simple copies of files onto various media (or transmission --hotel scenario--) from being of any use. Of course, we have to remember that we are dealing with engineers here...

-Martin

Reply to
Martin

Don't fall into the trap of thinking that just because you are working with engineers they will be able to circumvent any security system. Certainly there is no easy way of stopping data walking out of an office, or being e-mailed out of an office, so you have to minimise the cost of the loss of that data or the cost of that data being known to a competitor. You could not allow your engineers to go home or use the phone or use the Internet and your design would remain secure.

Reply to
Jezwold

The only shackles and chains I had around were already chaining me to my desk, so that couldn't be it! :-)

I gather from the responses that design work security either isn't a significant issue (BTW, it has NOT been for me) or that no sensible approach exists. By "sensible" I mean anything that does not adversely affect work and creativity.

-Martin

Reply to
Martin

The only 'sensible' approach is to get people into the habit of using strong encryption of sensitive data when travelling, using something like PGP; anything else just shows a lack of trust.

Reply to
Jezwold

It is an issue. However you have to define first who you want to deter. There are chips with a security bit. I'd assume it to be crackable with sufficient effort, say 1 man month and gear for 10k$.

This means you're back at square one.

Rene

--
Ing.Buero R.Tschaggelar - http://www.ibrtses.com
& commercial newsgroups - http://www.talkto.net
Reply to
Rene Tschaggelar
