There are many conferences devoted to security related issues and we have all read about Meltdown and Spectre, I suspect. There are some security risks which may not have gotten extensive global attention like A2 which is an analog attack exploiting an almost hidden capacitor. The Electronic Design Automation industry has even had exploits documented in conference papers that show how encrypted design and verification IP can be made visible, for which the standards team is now hard at work to address.
And for embedded systems we have accepted a certain level of risk when it comes to integrating third-party IP into our SoC devices. Modern SoC designs gain productivity leverage when they can be designed with silicon IP that comes from multiple sources, from sources that have expertise in those particular blocks. Who do you use and trust for your memory controllers, protocol interface handlers and the like? In order to build the best SoC, we seek out the highest quality silicon IP to be part of our SoC’s.