From the IEEE 1735 working group:
A paper was published in September 2017 that exposes weaknesses in the IEEE 1735-2014 standard. The paper has identified actual vulnerabilities, some of which may exist in certain IP and certain EDA software.
We take these findings seriously and have both short-term recommendations and long-term plans.
For the short term, we present these best practices that can be applied immediately:
For IP publishers:
-
Secure your distribution. By making your IP available only to your customers, it is less likely to fall into the hands of hackers.
-
Attach an end-user license agreement. Your customers are then contractually bound to use the IP as intended.
For IP users:
-
Secure your supply chain. By verifying that your IP comes from its publisher, you can be confident that no malware was inserted by a third-party.
For the long term, we will be reactivating the IEEE 1735 Working Group with the goal of publishing a revision to the standard that addresses the weaknesses identified in the paper along with other technical improvements.