According to the Economist, “The world’s most valuable resource is no longer oil, but data”. Is this the case?Data is the by-product ofmany aspects of recent technology dynamics and is becoming the currency of today’s digital economy. All categories in Gartner’s Top10 Strategic Technology Trends for 2018 (Figure 1) imply the generation, handling and processing of massive amount of data.
On May 25, 2018, the European Union (EU) plans to enact GDPR (General Data Protection Rules) aiming to streamline data privacy laws across Europe and to reshape the way organizations across the region approach data privacy/protection. The regulation biggest change is related to extending the jurisdiction of the GDPR (territorial scope applicability), as it will apply to all companies processing the personal data of data subjects residing in the EU, regardless of the company’s location.
Should we care about data security and protection? Does it have anything todo with design or EDA communities? There are several major reasons we should. Let’s take a look on three aspects:
First, the financial consequence to the business operation for failing to protect or properly handling sensitive data could be detrimental.Breaching GDPR can result in fines ranging from 2% for minor violations (e.g.disorderly recordkeeping) and up to4% of company worldwide revenue or €20 Million (whichever is greater). Such a hefty fine can be imposed for the most serious infringement, e.g. for not having sufficient customer consent to process data or violating the core of Privacy by Design concepts. Hence, many cloud providers such as Amazon (AWS) and Microsoft (Azure) were the first group to embrace steps to prepare for this rule enforcement and have established guidelines to tackle customer data and complying with GDPR. Similar data privacy enforcement is also done in the US by the Federal Trade Commission (FTC), although by means of varying list of imposed rules such as The 1974 Privacy Act, the Fair Credit Reporting Act (for financial domain), the Electronic Communications Privacy Act (consumer proprietary network info).
Second,data has gained increased importance due to the advent of Artificial Intelligence. Machine learning has facilitated more efficient engineering optimization and enhanced business analytics of traditional big data. Today’s cloud computing, network and machine learning have enabled the use of real time data, to augment historical data during active learning to produce optimal results. The entire solution supply-chain will take part in handling the data and share the burden of its safeguarding during and after each access. Within the context of the cloud providers, hardware companies will work with both upstream and downstream vendors to deliver a safe and complete solution. Table-1 highlights approaches used by key hardware companies to protect data.
What about the EDA world? Currently only a few EDA vendors have fully addressed ML implementation.ANSYS integrated ML, cloud access, data mapping and visualization facilities for its array of analysis products such that users could plug-in any further customization on topof its SeaScape stack platform (Figure 2). Solido (now part of Siemen) embedded ML into its characterization product but designated Solido Lab as facility to further collaborate with users. Both examples show approaches that accommodate users data proprietary nature. On the other hand, Cadence and Synopsys designplatforms have many underlying point tools such as synthesis,placement, routing, timing. Some of them had been augmented with ML flavors. However, boundaries introduced by these tools prompt unnecessary needs of frequent correlations, design margining and at times view-format transformations. While both vendors have made headways in aligning the delay computation engines (Cadence Gigaplace engine, Synopsys In-Design approach) non-unified database formats still limit data-flow and hence, optimal optimization with ML. It also has not addressed how to collaborate with users when badly needed data are also proprietary.
Third, sprouting digital ecosystems has blurred the boundary of private,corporate versus public domain data. For example, therapeutic medicine involves the potential use of private data (patient, doctor), public domain (Central Disease Control, county health) or corporate (hospital, insurance).Personal data gathered over time carry enormous value. EU estimates the value of European citizens’ personal data could grow to nearly €1 trillion annually by 2020. Some IT security techniques can be applied to protect the privacy of the data itself (i.e., anonymization– to remove personally identifiable infowhere it is not needed; pseudonymization– to replace personally identifiable material with artificial id; encryption– to encode messages so only those authorized can read it), but may not be sufficient.
In summary, the current digital revolution has produced massive data, crossing many evolving digital ecosystems and requiring all data shareholders to take a role in properly and safely handling them. This vary from revamping a more unified, seamless database platform to the need of collaborations in establishing a more solid data segregation (such as data IP) or standard access protocols.
2 Replies to “Data Security – Why It Might Matter to Design and EDA”
You must register or log in to view/post comments.