Go Back
By Industry
By Technology
Synopsys Cloud
Synopsys Cloud

Cloud native EDA tools & pre-optimized hardware platforms

Request a Free Trial →
Multi-Die System Solution
Multi-Die System Solution

A comprehensive solution for fast heterogeneous integration

Discover Multi-Die →
View All Solutions →
Explore Silicon Design, Verification & Manufacturing

Synopsys is a leading provider of electronic design automation solutions and services.

Families
Optical Design
Photonic Design
Design
3D Image Processing
Verification
Modeling & Simulation
Manufacturing
Try Synopsys Cloud
Synopsys Cloud

Unlimited access to EDA software licenses on-demand

Request a Free Trial →
Explore Silicon IP

Synopsys is a leading provider of high-quality, silicon-proven semiconductor IP solutions for SoC designs.

Interface IP
Processor IP
Analog IP
Memories & Libraries
SoC Architecture
Security IP
SoC Infrastructure IP
IP Accelerated
IP Markets
Synopsys IP Portfolio Cover
Synopsys IP Portfolio
Download Brochure →
Synopsys IP Technical Bulletin
Read Latest Issue →
Explore Application Security

Synopsys helps you protect your bottom line by building trust in your software—at the speed your business demands.

Integrated AppSec Solutions
Software Risk Analysis
AppSec Program Services
Your guide to securing your open source supply chain
Your guide to securing your open source supply chain
Read the report →
View All Products →
Company Overview
Resources
SNUG 2024 | Synopsys
SNUG 2024

Synopsys User Group Conference

Learn more →
Synopsys Job Search Thumbnail
Pursue Your Passion

Start Your Job Search

Apply Now →

Security for Cloud-Based Chip Design & Verification Tools 

Venkata Ravella, Wagner Nascimento

Mar 08, 2022 / 5 min read

Table of Contents

Synopsys Cloud

Unlimited access to EDA software licenses on-demand

Start Free Trial

While an array of industries began migrating their functions and processes to the cloud years ago, the electronic design community has taken a more guarded approach. It’s no wonder, given the valuable intellectual property at stake. However, it hasn’t taken long for the chip industry to recognize that the benefits of cloud-based design flows, particularly when bolstered by robust security, are too attractive to pass up.

Semiconductor design has long been driven by exacting quality requirements and aggressive time-to-market targets, with burgeoning costs infringing upon the bottom line. What’s more, emerging applications in compute-intensive areas such as artificial intelligence (AI) and high-performance computing (HPC) continue to place enormous pressure on chip designs. And the push continues for reduced cycle times for chip design and verification.

Cloud-optimized electronic design automation (EDA) solutions alleviate these challenges, while providing an avenue for continued innovation even as Moore’s law slows. The key advantages?

  • Faster time to results, as the cloud opens vastly more compute resources to accelerate design and verification processes, compared to running EDA solutions on an on-premises data center. In addition, engineers also benefit from the flexibility to quickly scale up or down their resources based on a project’s needs.
  • Enhanced quality of results, as the virtually unlimited compute resources of the cloud mean that engineers can pursue the massive simulation, timing signoff, and physical verification tasks that would severely strain on-premises compute resources.
  • Better cost of results, as the cloud delivers access to the latest compute and storage resources when they are needed, with flexible pay-as-you-go pricing models.

As attractive as these advantages are, cloud-based chip design and verification cannot thrive without the highest levels of security. In this blog post, we’ll take a closer look at how EDA vendors are building trust in their cloud-optimized solutions via modern cloud security and cloud-native processes and technologies.

System Protected

A Shift Left on Cloud Security

Above all, chip designers want to be sure that their designs and their IP are safe in the environment in which they’re working. It’s imperative that as we transition chip design and verification flows into cloud environments, we also embed security in all aspects of the software development lifecycle, infrastructure, and platforms.

Typically, cloud providers operate under a shared responsibility model. Security of the cloud, such as the data centers, is the provider’s responsibility; as such, it’s in their best interest to build in security from the ground up in their infrastructures and applications.

Cloud service providers are responsible for the security of the underlying cloud infrastructure, such as physical security of the environment, security of the hypervisor for the compute, network security of the multi-tenant software-defined network environment, and security of the provided applications/services used for management of certain operations. Cloud customers are responsible for securing workloads such as infrastructure setup, network security within the environment, ingress/egress control, and application security.

If you’re considering best practices, much of this comes down to a shift left: putting security at the inception phase of a project and integrating security into all aspects of the environment. When building the cloud infrastructure, for instance, the architects should have answers to several key questions:

  • How will we segment the environment?
  • How will we monitor and manage access?
  • How will we ensure compliance to the requirements put into place?
  • How will we protect data when it is in cache, in storage, and in transit?

At the application level, it’s essential to scan the code for security vulnerabilities throughout the software development lifecycle. Access to the applications should be controlled as well as secured via techniques such as multi-factor authentication. Establishing different levels of data classification, along with associated access permissions, may be appropriate. Cloud workload protection should be applied to virtual machines and containers, with monitoring for critical vulnerabilities.

Try Synopsys Cloud Banner

Cloud Security By Design

Synopsys offers our expansive portfolio of design and verification solutions in the cloud, backed by our commitment toward security. The silicon design solutions are production proven on major public cloud platforms and also endorsed by major semiconductor foundries to work with their libraries and process design kits. The verification solutions can accelerate software bring-up and system validation.

Our cloud security pillars provide an end-to-end approach for our cloud-optimized EDA and IP solutions as well as for customers who are migrating their own software or applications to the cloud. The pillars address these key areas:

  • Identity and access management via multi-factor authentication enforcement and role-based access control and permissions
  • Data, which involves encryption of all sensitive information in transit and at rest, and the use of secrets and certificates
  • Infrastructure, which includes monitoring cloud environments for security threats and misconfigurations; protecting virtual machines and containers in the public cloud and throughout the software lifecycle; providing vulnerability scanning on virtual machines and containers; and reducing the attack surface through restrictions on network traffic and other access controls
  • Applications, which includes secure continuous integration (CI)/continuous delivery (CD) DevSecOps to develop and implement security controls into the cloud service delivery pipeline, application code scanning for vulnerabilities using static application security testing (SAST) and dynamic application security testing (DAST), open-source vulnerability scanning, and penetration testing
  • Threat and vulnerability management, which involves the scanning of the assets and insights into a vulnerability management and patching program.
  • Incident response, which provides secure logging and monitoring, threat intelligence services, documented and tested runbooks, and resources for escalations, logging, and monitoring, which involves cloud activity logging, sign-in and audit logging, and correlation with log sources for improved situational awareness
  • Compliance and governance, which involves assurance on industry certification and validation, as well as attestation to the effectiveness of controls

Synopsys as Security Differentiator

Our innovative tools offer advanced protection against vulnerabilities. And we're uniquely positioned to provide these products built with security in mind from the start because we use the entire suite of Synopsys security tools and services.

Given Synopsys investments in security solutions, including offerings like our Black Duck® and Coverity® technologies, we have the expertise in house to understand where data breaches occur, to assess source code and application weaknesses and vulnerabilities, and to mitigate security issues. We also work closely with cloud providers to ensure that our mutual customers feel confident running their designs on our cloud-based tools.

A New Avenue for Semiconductor Innovation

How Cloud Network Security Works | Synopsys

When it comes to cloud adoption, the finance industry offers some parallels to the electronic design industry. Given the sensitivity of financial data, it's no wonder that this sector also was slow to migrate to the cloud. But once big banks began doing so, others in the industry followed. The semiconductor design industry looks to follow a similar trajectory as more and more designers experience the benefits of designing and verifying chips in the cloud.

Cloud-based chip design and verification bring the flexibility in compute resources for better results and faster turnaround time. With chips growing in complexity and size, particularly for demanding applications like AI and HPC, the cloud provides a welcome and secure avenue for greater productivity and innovation.

Continue Reading

Cisco Accelerates Project Schedule by 66% Using Synopsys Cloud

Cisco Accelerates Project Schedule by 66% Using Synopsys Cloud

Anuj Pant
By Anuj Pant

Apr 18, 2024 / 2 min read

Tags: Customer Spotlight, Cloud, Chip Design Insights, Design, Physical Implementation, Signoff
Achronix Achieves 5X Faster Physical Verification for Full SoC Within Budget with Synopsys Cloud

Achronix Achieves 5X Faster Physical Verification for Full SoC Within Budget with Synopsys Cloud

Anuj Pant
By Anuj Pant

Apr 11, 2024 / 2 min read

Tags: Customer Spotlight, Cloud, Chip Design Insights, Verification
Mentium Accelerates Tape-out of AI Accelerator Chip for Space Applications on Synopsys Cloud

Mentium Accelerates Tape-out of AI Accelerator Chip for Space Applications on Synopsys Cloud

Anuj Pant
By Anuj Pant

Apr 04, 2024 / 3 min read

Tags: Customer Spotlight, Cloud, Chip Design Insights, Optical
TetraMem Delivers RISC-V AI Accelerator Tape-Out in Record Time on Synopsys Cloud

TetraMem Delivers RISC-V AI Accelerator Tape-Out in Record Time on Synopsys Cloud

Anuj Pant
By Anuj Pant

Mar 27, 2024 / 3 min read

Tags: Customer Spotlight, Cloud, Chip Design Insights, Design
A Fast and Seamless Way to Burst to the Cloud for Peak EDA Workloads

A Fast and Seamless Way to Burst to the Cloud for Peak EDA Workloads

Vikram Bhatia
By Vikram Bhatia

Mar 20, 2024 / 3 min read

Tags: Cloud, Product Spotlight, Chip Design Insights, Design, Verification
NeuReality Accelerates 7nm AI Chip Tape-Out with Cloud-Based Emulation

NeuReality Accelerates 7nm AI Chip Tape-Out with Cloud-Based Emulation

Idan Berko
By Idan Berko

Mar 18, 2024 / 4 min read

Tags: Customer Spotlight, Cloud, AI & Machine Learning, Chip Design Insights, Verification