Andrew Huang's Blog, page 21

The Ware for May 2019 is shown below.

It’s always tough to calibrate how much of a chip to show to make it identifiable, but not too easy to guess at the same time. Let’s see how this one goes…

The Ware for April 2019 is a roto-molding machine. I’ve seen these machines in various sizes, but this is by far the biggest one I’ve seen to date. It’s used to mold furniture-sized objects. One thing that you don’t get from just watching an animated GIF is feeling the sheer amount of heat coming from the machine. The whole assembly is shoved into a gas furnace and heated so that the plastic is molten, and then taken out to cool over a period of 30-45 minutes, so it can get quite hot around the molds as they cool. Adi guessed this one right away, congrats and email me for your prize!

I’ve gotten a few people asking me where I get my flex PCBs fabricated, so I figured I’d make a note here. I get my flex PCBs (and actually most of my PCBs, except laser-drilled microvia) done at a medium-sized shop in China called King Credie. Previously it was a bit hard to talk about them because they only took orders via e-mail and in Chinese, but they recently opened an English-friendly online website for quotation and order placement. There’s still a few wrinkles in the website, but for a company whose specialty is decidedly not “web services” and with English as a second language, it’s usable.

Knowing your PCB vendor is advantageous for a boutique hardware system integrators like me. It’s a bit like the whole farm-to-table movement — you get better results when you know where your materials are coming from. I’ve probably been working with King Credie for almost a decade now, and I try to visit their facility and have drinks with the owner on a regular basis. I really like their CEO, he’s been a circuit board fabrication nerd since college, and he’s living his dream of building his own factory and learning all he can about interesting and boutique PCB processes.

I like to say the shop is “just the right size” for someone like me — not so big I get lost in the system, not so small that it lacks capability. Their process offering is pretty diverse for a shop their size. In addition to flex PCB, they can do multi-layer flex, rigi-flex, metal cores (for applications that require built-in heatsinking like high power LEDs), RF laminates, and laminated EMI shielding films. They can also do a variety of post-processing, such as edge plating, depth-routing, press-fit holes, screen-printed carbon and custom soldermask and silkscreen colors.

If you’re new to flexible PCBs, check out their FPC stackup page for how to set up your design tool. Flexible and rigi-flex PCBs literally open a new dimension over traditional flat PCB designs — it’s a lot of fun to design in flex!

P.S. I was not paid to write this blog. It’s just that now that King Credie has an English website, I can finally answer the question of “where do you get your PCBs fabricated” with a better answer than “there’s this factory in China … but it’s all in Chinese, so never mind”.

The ware for April 2019 is shown below:

May came up on me quick this year! Happy labour day to most of the world.

The ware for March 2019 is the photoflash unit from a Canon IXY10S camera. I’ll go with Roger Gammans as the winner, for being the first to correctly note the manufacturer. Congrats, email me for your prize! I do find it interesting that different manufacturers can have recognizable styles; every designer leaves a thumbprint in the subtle choices that must be made to navigate a huge decision tree of trade-offs.

Also, I love that the IGBT in that device is rated for 150 amps. :) Of course, the rating is just for a very short pulse, but still, it’s in a TSSOP-8 package!

Good sources of entropy (noise) are an essential part of modern cryptographic systems. I designed a mobile-friendly avalanche noise generator as part of the background work I’ve been doing for the betrusted project (more on that project later). I had to do a new design because the existing open-source ones I could find were too large and power hungry to integrate into a mobile device. I also found it hard to find solid theory pieces on avalanche noise generators, so in the process of researching this I wrote up all my notes in case someone needs to do a ground-up redesign of the system again in the future.

Here’s an excerpt from the notes:

Avalanche breakdown is essentially a miniature particle accelerator, where electrons that enter a PN junction’s depletion region (through mechanisms that include thermal noise) are accelerated across an electrical field, to the point where new electron-hole pairs are generated when these high-energy electrons collide with atoms in the depletion region, creating an amplification cascade with low reproducibility.

An approximate analogy is an inflatable pool filled with water. The height of the pool is the potential barrier of the reverse-biased PN junction. A hose feeding water into the pool represents a constant current of electrons. The volume of the pool can be thought of as the depletion capacitance, that is, the capacitor created by the region of the junction that is void of carriers due to natural drift and diffusion effects. As water trickles into the pool, the water level rises and eventually forms a meniscus. Random disturbances, such as ripples on the surface due to wind, eventually cause the meniscus to crest over the edge of the pool. The water flowing over the edge pushes down on the inflatable pool’s side, causing more water to flow, until the level has reduced to a point where the inflatable pool’s side can snap back into its original shape, thus restarting the cycle of filling, cresting, and breakdown. The unpredictability of when and where the breakdown might happen, and how much water flows out during the event, is analogous to the entropy generated by the avalanche effect in a PN junction.

The electrical characteristic of avalanche noise biased by a constant current source is a “sawtooth” waveform: a linear ramp up in voltage as the capacitance of the depletion region charges to the point where the electric field becomes large enough to initiate the cascade, and then a sharp drop off in voltage as the cascade rapidly discharges the junction capacitance. The cascade then abruptly halts once the field is no longer strong enough to sustain the cascade effect, leading to a subsequent cycle of charging and breakdown.

The site also includes detailed schematics and measurement results, such as this one.

The final optimized design takes this one).

The Ware for March 2019 is shown below.

Thanks to Akiba for donating this ware from his bin o’ busted gadgets!

The Ware for February 2019 is the old circuit breaker on my flat. It’s a classic, perhaps from the 70’s or earlier; the outer case is so weather-beaten, none of the markings are legible except for the rated capacity (40A). The breaker had been getting progressively more fussy, tripping at random times of the day, so it was time for it to go and get replaced with a new one. It’s definitely annoying to have your power go out at random intervals once every couple weeks. Since it was going into the bin, I figured I’d take it apart and see what I could learn from it. Gratz to phantom deadline for guessing it very quickly (again), email me if you’d like to collect another prize!

I recently gave an invited talk about supply chain security at BlueHat IL 2019. I was a bit surprised at the level of interest it received, so I thought I’d share it here for people who might have missed it.

In the talk, I relay some of my personal trials authenticating my supply chains, then I go into the why of the supply chain attacks to establish some scenarios for evaluating different approaches. The talk attempts to broadly categorize the space of possible attacks, ranging from attacks that cost a penny and a few seconds to pull off to hundreds of thousands of dollars and months. Finally, I try to outline the depth of the supply chain attack surface, highlighting the overall TOCTOU (time of check, time of use) problem that is the supply chain.

The main insight is that transparency or openness of design by itself does little to secure a supply chain, because the entire situation is one huge TOCTOU problem. Checking hardware design files, locking down the assembly line, and Fedexing the product to your office is like hashing and signing your source code, running it through a trusted compiler, and then sending the binary unencrypted over the Internet and trusting it because it was “thoroughly checked”.

The inverse analysis is equally daunting: in software, one may copy each binary into RAM, hash and check its cryptographic signature, and run it only if it checks out. For hardware, there is no equivalent of “hash this instance of hardware and check its cryptographic signature” before use: “hashing” hardware involves taking it apart and inspecting every transistor and wire, which is both impractical and likely to render the hardware non-functional.

Thus while open source hardware does engender some benefits for security (such as disclosing μ-state for Spectre side-channel analysis and ensuring no backdoors due to design oversight), it addresses a separate problem domain from supply chain attacks. While an open source hardware phone is arguably more trustable than a closed source one, open source is necessary but not sufficient for it to be trusted.

I do have some ideas on the practical mitigation of supply chain attacks, but they are still a bit too green to blog about. Stay tuned…

The ware for this month is shown below:

One of the ideas of name that ware is to learn by taking apart everyday objects. This one came across my desk under unfortunate circumstances, which lead to me dissecting it and snapping a couple photos to share!

Also, in the pantheon of wires I have known, the wire below holds a special place: it was literally part of me for several months. In fact, if you look very closely, you can still see bits of me attached to the wire.

Most interesting is how my body built a custom cable chase for the wire as the bones healed:

Now if I can only get my robots to learn this trick, it’d save me a lot on zip ties…