India's semiconductor industry, while quickly evolving, remains fabless, designs are created in India, but real production takes place elsewhere. This reliance on foreign foundries raises serious security concerns, particularly as India's technology sector grows and becomes more integrated into global supply chains. While Taiwan Semiconductor Manufacturing Company (TSMC) is a reliable partner, the dependency shows flaws in the semiconductor supply chain.
Shashwath TR, CEO and founder of Mindgrove Technologies, a Chennai-based business that designs and manufactures Systems on Chips (SoCs), sheds light on these concerns in a conversation with AIM. "When I send our design to a foundry, I am trusting them with our intellectual property," Shashwath told AIM, emphasising the importance of trust in the manufacturing process.
Mindgrove Technologies, founded in 2021, has quickly emerged as a leader in India's semiconductor design market. Sequoia Capital India (formerly Peak XV Partners) and other investors contributed USD 2.32 million to the company's early round. Mindgrove revealed India's first commercial high-performance SoC, Secure IoT, in May, with production slated to begin next year. The chip is manufactured using Multi-Project Wafer (MPW) technology, which allows for low-volume prototype and production.
However, outsourcing chip fabrication to overseas foundries such as TSMC has inherent risks. There are two main concerns- design theft and intentional manipulation. While design theft necessitates extensive state-level skills, tampering may involve minor changes, such as adding backdoors or weaknesses into the semiconductor design.
"As far as stealing the design is concerned, it's really hard to do—it takes a state actor," Shashwath said, emphasising the high degree of skill necessary to extract a chip design after manufacturing. Despite foundries' claims, the possibility of tampering exists, which is why stringent verification techniques, such as non-functional verification, silicon validation and thorough testing, are required.
Even after manufacture, dangers remain. The One-Time Programmable (OTP) memory, which holds crucial cryptographic keys, is not programmed until the packaging step. This introduces additional vulnerability, if compromised, the entire chip might be deemed vulnerable. "An insecure root key can be provisioned on that chip, which makes the entire chip insecure," according to Shashwath.
Addressing these issues requires strong government rules and industry standards. Agencies such as India's Ministry of Defence and Ministry of External Affairs frequently require additional security measures for chips used in sensitive applications. Shashwath emphasised the importance of industry-wide consensus, pointing out that start-ups such as Netrasemi and Sima, as well as global heavyweights such as AMD, Intel and Qualcomm, share similar concerns.
In the future, PSMC and Tata Electronics' plans to develop indigenous fabs by 2026 represent a substantial step towards reducing reliance on foreign foundries. "When it comes, it will be fantastic. We want to be able to use a completely local supply chain," Shashwath added, expressing confidence in India's potential for a more secure and self-sufficient semiconductor sector.
However, he is realistic about India's current capabilities. "We have to learn to walk before we can run, before we can fly," Shashwath said, recommending that India prioritise consumer electronics and smart gadgets above more sophisticated fields such as supercomputing. As the industry grows, safeguarding the supply chain will be critical to India's success on the global arena.