Technologies for Ensuring the Security of the Artificial Intelligence Chip Supply Chain: A Working Paper

Key Chapter Title List

1. Executive Summary
2. Introduction
3. Hardware-Enabling Mechanisms
4. Challenges and Opportunities
5. Recommendations for Policymakers
6. Appendix: Hardware Security and Hardware-Enabling Mechanism Proposals
7. About the Authors
8. Introduction to the Technology and National Security Program
9. Acknowledgments

Document Introduction

Advanced artificial intelligence systems, built and deployed using specialized chips, demonstrate immense potential in driving economic growth and scientific progress. However, they have also sparked extensive discussions among U.S. policymakers regarding associated risks, leading to the implementation of comprehensive export controls on AI chips and semiconductor manufacturing equipment to China.

Nevertheless, current AI chip export controls suffer from several deficiencies. On one hand, the controls are difficult to target precisely. Exporters and the U.S. Department of Commerce lack reliable means to track the end-users and purposes of chips after export, often resorting to broad-brush approaches that impose significant burdens on exporters and end-users. On the other hand, enforcement is challenging. Malicious actors can circumvent entity list scrutiny by rapidly establishing shell companies, while investigations and blacklisting processes often take years. Furthermore, the rapid iteration of AI technology necessitates continuous expansion of the export control scope, exacerbating these issues.

Hardware-Enabling Mechanisms (HEMs), as security components embedded within data center AI hardware, offer a new pathway to address the aforementioned problems. Such mechanisms are already widely used across various fields including defense, consumer electronics, and commercial AI—examples include the Secure Enclave in Apple iPhones and chip verification systems in Google data centers. Well-designed Hardware-Enabling Mechanisms can effectively detect and curb the smuggling of AI chips to China, enable more targeted export controls, reduce the risk of de-Americanization in the chip supply chain, and provide reliable governance and security solutions while safeguarding privacy.

The report provides a detailed analysis of specific Hardware-Enabling Mechanism application scenarios—such as location verification, computational cluster size limitations, and offline authorization—and their corresponding policy objectives. It also points out the challenges and opportunities HEMs face in areas like design, security protection, and technical implementation. Based on this analysis, the report offers three core recommendations to U.S. policymakers: accelerate HEM and hardware security R&D through direct funding and public-private partnerships; create industry R&D incentives through conditional export licenses; and further refine AI hardware security standards to harmonize industry security features. These recommendations aim to promote Hardware-Enabling Mechanisms as effective governance tools for balancing national security, economic competitiveness, and privacy protection.