Lightweight Authenticated Integration and In-Field Secure Operation of System-in-Package

System in Package (SiP) relies on integrating different chiplets potentially involving many third-party devices and chiplet foundries. This type of advanced packaging technology opens up numerous threat scenarios, especially: (a) the inauthentic and untraceable integration of chiplets into a SiP, (b) the insecure integration of malicious chiplets, which leads to a severe impact on the SiP security in the field. The current solutions require many hardware cryptographic primitives, making them costly and power-hungry. Therefore, a new lightweight solution is needed to ensure secure chiplet integration and secure SiP operation. In this article, we deal with these problems and introduce iTrustlet, as a combination of a physical unclonable function and an authenticated encryption scheme to ensure an authenticated and traceable chiplet integration. We propose a chiplet integration protocol based on iTrustlet and a classical root-of-trust (RoT) to ensure the integrated chiplets are unaltered and unreplaced. To guarantee SiP in-field security, iTrustlet with a hardware firewall (HWF) is proposed. Their interaction leads to two security features: (i) HWF provides a SiP protection mechanism, and (ii) iTrustlet secures the update of HWF rules. In particular, we provide a multilevel solution centralized around iTrustlet, focusing on lightweightness. The implementation results show that area and power overheads are 1.24% and 1.84% in the case of FPGA and 0.49% and 1.2% for ASIC implementation.