what is traceability?
March 31, 2021

Why Is Traceability Important?

IP Lifecycle Management

Why is traceability important in design and development processes? Many organizations in the semiconductor industry view traceability as essential to meeting regulatory compliance in their industry or minimizing risk.

In this blog, we discuss the importance of traceability by examining four real examples of where a lack of traceability caused issues for organizations, in some cases proving very costly. In addition to identifying why traceability is important, we also share suggestions for prioritizing and improving it. 

Related Reading 📖 What Is Traceability?

Back to top

Why Is Traceability Important?

Traceability is important because it ensures quality, manages the impcat of change, and mitigates security risks. In many industries, traceability is also important because it helps organizations meet compliance laws. 

Back to top

Examples: Why Traceability Matters

Semiconductor Manufacturer

In the first example of why traceability is important, a bug had affected processor cores. This company produces a family of processors, and in a given family, all of the processors have much of the same technology, with adjustments for different functionalities.

The way the bug worked was that there was a vulnerability in the IP itself, deep in the IP design, allowing unauthorized agents to change the values inside of the processor and open it to attack.

After the bug hit one of the processors, the problem was identified and a patch was issued. The fundamental issue, however, is they had no idea where else that IP was used. Sure enough, two weeks later, the same bug hit another processor in the family with the same issue, and another processor two weeks after that.

After finding the bug, the team lacked the traceability to understand what other designs could possibly be vulnerable. This ultimately cost a loss in market cap of nearly $1 billion, as well as C-suite turnover.

In another example illustrating the importance of traceability at this same company, an issue arose from hardware and software configuration — certain versions of software only work with certain versions of hardware.

A bug was found in the embedded software code for one family of products. To remedy this, they re-released the software. The issue was that the underlying IP in the software used a fundamentally different version of the processor than others. This resulted in effectively killing the other processors, as they needed their own software builds.

With greater traceability, there would've been a better understanding of the configuration between hardware and software. The organization would've identified what IP versions were needed for processors to function.

Semiconductor and Computer Software Manufacturer 

A U.S.-based engineer was working on designs that could only be accessed in the United States. Whether working from the office or working from home, there were no issues.

The engineer traveled on business to one of their overseas locations. When they opened their computer on the network, everything they had been working on in the U.S. was leaked overseas.

In this scenario, the employee was just doing their everyday work. But without traceability, there was no way to flag the workspace on their laptop as being populated with that IP while they were abroad, so there was no way to prevent IP leakage.

Learn How to Secure Your IP

iP leaks can cost millions. Our white paper identifies common IP risk factors for organizations, plus how to use Helix IPLM features like geofencing, permissions management, and IP hierarchies to make your files more secure. 

Get White Paper

Telecom Company

The IP at this company is hierarchical, with IPs built on top of other IPs, with lower-level IPs integrated into those above them.

The issue here was one IP that was restricted and could only be used in the United States. During design integration, someone used that IP to build another IP, which later was used in a higher-level IP.  The restricted IP was buried deep in the hierarchy. Unfortunately, its security restrictions were never propagated to the higher-level IP in the design.

Everything else about the design was fine, it could be brought anywhere in the world, but since that one IP was restricted it got lost in the complexity of the larger IP. Through no nefarious purposes, that IP was shared overseas, exposing this IP and creating a security violation.

Without traceability, there was no way of knowing that the IP should have inherited the properties of the IPs below it, which was further muddled by design complexity. 

Back to top

Prioritize Traceability Importance With Helix IPLM

The common thread in all of these scenarios is in each instance they lacked not only the traceability needed for the design IP, but also the metadata — the who, what, when, where, why,  and how of their IP.

You need to understand all aspects of your IP: who is developing it, where it’s being used, what version is being used, etc. Without this knowledge, innocent, common mistakes can open your company up to IP security and business risks that could cost millions.

Helix IPLM (formerly Methodics IPLM) provides traceability of design IP and associated metadata, helping companies avoid costly mistakes.

Get in touch with one of our experts today. We’ll provide you with white papers and other resources and explain how Helix IPLM's comprehensive traceability will help your business.

Talk to an Expert

Related Reading

Explore additional semiconductor topics:

Back to top