Despite stiff export controls on the legitimate sale of AI accelerators to China, stemming the flow of gray market GPUs streaming into the Middle Kingdom remains a point of concern for American lawmakers.
US Senator Tom Cotton (R-Ark) on Friday revealed his bright idea for stopping chip smugglers in their tracks: What if we just built tracking devices into the chips? That way we’d know right away if they ended up somewhere they shouldn’t.
That’s the gist of the Chip Security Act [PDF] Cotton introduced, which require the Secretary of Commerce to mandate that any exported advanced chips or products containing them be equipped with a “location verification mechanism” within six months of the bill passing – which we emphasize has not happened yet.
It would also require licensed exporters to report to the Bureau of Industry and Security if they learn that chips have been diverted, misused, or tampered with, including efforts to disable or spoof the tracking tech.
“We must do better at maintaining and expanding our position in the global market, while safeguarding America’s technological edge. With these enhanced security measures, we can continue to expand access to US technology without compromising our national security,” said Cotton in a canned statement.
The bill doesn’t say exactly how these tracking devices would work. It defines the “chip security mechanism” as “software-, firmware-, or hardware-enabled security mechanism or a physical security mechanism.”
Initially, the bill gives the Secretary of Commerce flexibility in how location tracking requirements are implemented, so long as the selected methods are feasible and appropriate at the time of enactment.
“Not later than 180 days after the date of the enactment of this Act, the Secretary shall require any covered integrated circuit product to be outfitted with chip security mechanisms that implement location verification, using techniques that are feasible and appropriate on such date of enactment,” the bill reads.
Long term, the bill would direct the Secretary of Commerce, in coordination with Defense, to explore potential chip security mechanisms within a year of passing, and periodically establish specific requirements chip designers would have to meet in the years that follow.
As it currently stands, the proposed bill is worded so vaguely that strapping an Apple Air tag to a GPU’s heat sink would theoretically satisfy the requirement. The challenge, of course, is implementing the location-tracking functionality in a way that can’t easily be spoofed.
Depending on how the reporting is done, and whether the rules apply to the chips themselves or the assembly as a whole (An HGX or OAM board for example), it’s possible that existing hardware security tech could be enough to satisfy the requirement.
High-end semiconductors are often equipped with unique identifiers or digital signatures. One can imagine a scenario similar to the end of the Cold War, where auditors would occasionally swing by former Soviet states to check that they’re actually decommissioning the nuclear weapons they’d promised. However, in this case, auditors would go around to datacenters checking that the GPUs’ cryptographic signatures match the ones on file.
The Register reached out to AMD and Intel for comment regarding the proposed rules, but had not heard back at the time of writing. Nvidia declined to comment.
While Cotton’s bill does seek to include tracking technology in GPUs, it stops short of recommending the inclusion of backdoors or kill switches, as some have previously suggested. Such a kill switch would enable the US government not just to punish those caught circumventing export controls, but render any chips they might have smuggled useless.
The proposed bill comes just days after the US Commerce Department said it would rescind a controversial Biden-era rule of AI exports intended to crack down on GPU smuggling to China and other nations of concern. ®
