Foundational security is one of the most important matters when designing systems. In this article, we explain why it is important.
As cyberattacks continue to evolve, pure software security is no longer sufficient. In fact, according to a 2020 Microsoft report, more than 80% of organizations have experienced at least one firmware attack in the last two years. As computing continues to change, such as decentralization from the cloud to geographically dispersed edge computing, it’s important that today’s security is built into hardware as well. From software to silicon, all components play a role in protecting data and maintaining device integrity.
However, the industry faces many challenges, including a lack of physical security. For example, cloud service providers want to provide security from malicious administrators in their data centers. Also, at the edge, the device can be unattended and physically vulnerable. Moreover, distributed workloads are no longer monolithic. Data is processed by a variety of devices and microservices. To protect the weakest links, you need to protect your data at every step. Finally, the devices that generate and process data are becoming more diverse. Consistent protection should be applied to the entire code running on all processors such as CPUs, GPUs, sensors, and FPGAs.
Understanding How Hardware Vendors Create Secure Systems for Foundational Security
The Security Development Lifecycle (SDL) was first introduced by Microsoft to improve the security of software, but it is now widely applied to all types of products. Hardware vendors use SDL practices to identify threats, take action, and specify security requirements.
In addition to SDL, it is important to have a framework that guides the architectural and design decisions of new security technologies. This often includes elements and pillars such as basic security, workload protection, and software reliability. In this article, I would like to focus on basic security.
Foundational security technology establishes an important base of protection with a focus on identity and integrity. Customers face the challenge of building trust in systems made up of silicon components from various vendors.
Consistent basic protection is useful across different processing devices. It includes, for example, secure boot, secure update, run-time protection, and encryption features that help you verify the authenticity of your device and data.
The basic security idea is to design a system that allows components to have known secure configurations and has all the hooks needed to keep them that way. Regardless of the underlying architecture, Trustworthy Computing Systems are expected to provide continuous protection throughout their lifecycle and across all data states and transitions.
Whether your data is in the cloud, on the edge, or on your personal device, basic security ensures that your processor and platform components protect your data and the computing transactions that use it.
Root of Trust
Trust is a chain, and it starts from the root. This root is a secret, usually an encryption key or a set of encryption keys, which is burned into the chip and is accessible only to the components that are part of the chain of trust. There can be multiple roots of trust in a system. The hardware root of trust is responsible for establishing trust before boot and at system runtime.
It provides foundational security for the device (the trusted computing base) and a known secure starting point, but depending on the implementation it does much more: it serves as the identity that relying parties depend on, stores and manages encryption keys, establishes trust through authentication, reporting, validation and integrity measurement, keeps the device or the entire system in a known good state, and attests to the measured values.
Currently, hardware vendors provide root-of-trust technology through security modules such as the Trusted Platform Module (TPM) and through silicon capabilities, either built into the main processor or as a dedicated security coprocessor that adds a further layer of security.
Separating security functions supports segregation of duties and helps apply the Zero Trust concept within the silicon. Newer hardware security technologies such as Physically Unclonable Functions (PUFs) extract a hardware fingerprint and provide a unique identifier for the system.
This identifier behaves much like a private key and can be used as the basis of trust for determining whether software is running on the correct platform.
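To make the measure-then-attest chain concrete, here is an added example (not code from this article or from any vendor) that simulates a root of trust measuring each boot stage into a PCR-style extend-only register and a relying party comparing the result with a known-good value; the stage names and images are constructed sample data.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"fmt"
)

// Stage is one link in the boot chain: the code image that the previous
// stage measures before handing over control (names and images are constructed).
type Stage struct {
	Name  string
	Image []byte
}

// Extend folds a measurement into a register the way a TPM PCR does:
// new = H(old || measurement). The register only ever grows, so a tampered
// early stage cannot be hidden by anything measured later.
func Extend(register, measurement []byte) []byte {
	h := sha256.Sum256(append(append([]byte{}, register...), measurement...))
	return h[:]
}

// MeasureChain simulates the root of trust hashing each stage in boot order
// and returns the final register value, which is what gets reported (attested).
func MeasureChain(stages []Stage) []byte {
	register := make([]byte, sha256.Size) // PCRs start at all zeros
	for _, s := range stages {
		m := sha256.Sum256(s.Image)
		register = Extend(register, m[:])
	}
	return register
}

// Attest is the relying party's check: the reported register must equal the
// known-good value recorded from a trusted reference build of the same chain.
func Attest(reported, golden []byte) bool {
	return bytes.Equal(reported, golden)
}

func main() {
	chain := []Stage{{"bootloader", []byte("BL v1")}, {"kernel", []byte("kernel v5")}, {"app", []byte("app v2")}}
	golden := MeasureChain(chain) // recorded once from a trusted build
	modified := []Stage{{"bootloader", []byte("BL v1")}, {"kernel", []byte("kernel v5 modified")}, {"app", []byte("app v2")}}
	fmt.Println("pristine attests:", Attest(MeasureChain(chain), golden))    // true
	fmt.Println("modified attests:", Attest(MeasureChain(modified), golden)) // false
}
```

Because each stage's measurement is folded into the register before that stage runs, a change to any image or to the boot order produces a different final value, which is what the relying party detects.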
Updating and Recovering for Foundational Security
The root of trust keeps the system booting safely, but how are changes managed after the system has booted and is running? Changes are unavoidable for most hardware components, so secure change management is required.
Mechanisms for secure run-time updates, code signing, and signature verification should be in place. This includes supporting and implementing secure software and firmware updates that are critical to maintaining system integrity.
Allowing a system to perform insecure or unauthorized updates, without enforcing signing requirements, can compromise the intended safe running state of the system. A key focus is rollback protection: firmware updates are only allowed if the firmware is verifiably newer than the existing version or is approved by a trusted authority.
It also means that you need to anticipate and manage failures in a way that keeps your system safe (that is, recovery). When designing a system, you need to consider the type and impact of the failure. In addition to standard boot and update mode operations, recovery mode (activated by the user or automatically applied by the system) helps identify problems and unexpected behavior.
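As an added example (not code from this article), the check a device would perform on an incoming firmware update: signature verification against a burned-in vendor key first, then the rollback rule that the version must be newer than the one installed, with any failure leaving the device on its last known-good image. The update layout, the version field and the error names are assumptions for illustration, and Ed25519 stands in for whatever signature scheme a real vendor uses.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
)

// Update: a firmware image, its version, and the vendor's signature over both (constructed layout, not a real format).
type Update struct {
	Version uint32
	Image   []byte
	Sig     []byte
}

// signedBytes is what the vendor signs: version || image. Covering the version
// is what stops an old, validly signed image from being relabelled as newer.
func signedBytes(version uint32, image []byte) []byte {
	buf := make([]byte, 4, 4+len(image))
	binary.BigEndian.PutUint32(buf, version)
	return append(buf, image...)
}

// Sign is the vendor-side step, done offline with the private key.
func Sign(priv ed25519.PrivateKey, version uint32, image []byte) Update {
	return Update{version, image, ed25519.Sign(priv, signedBytes(version, image))}
}
// Device holds the burned-in vendor public key and the installed firmware version.
type Device struct {
	VendorPub ed25519.PublicKey
	Version   uint32
}
var ErrBadSig, ErrRollback = errors.New("signature invalid"), errors.New("rollback rejected")
// Apply rejects forged and downgrade updates; on any error the device state is unchanged.
func (d *Device) Apply(u Update) error {
	if !ed25519.Verify(d.VendorPub, signedBytes(u.Version, u.Image), u.Sig) {
		return ErrBadSig // the version field is untrusted until this check passes
	}
	if u.Version <= d.Version {
		return ErrRollback // stay on the last known-good image
	}
	d.Version = u.Version // the flash write would happen here
	return nil
}
func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // a nil reader selects crypto/rand
	dev := &Device{VendorPub: pub, Version: 3}
	fmt.Println(dev.Apply(Sign(priv, 4, []byte("fw 4"))), dev.Apply(Sign(priv, 2, []byte("fw 2"))))
}
```

The order of the two checks matters: the version number is attacker-controlled data until the signature over it has been verified, so comparing versions first would let an unsigned image bypass rollback protection.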
Data Safety for Foundational Security
Dedicated acceleration circuits are truly unique when it comes to data encryption and protection. Hardware implementations are faster, and there is constant competition to improve cryptographic performance. The community wants (and needs) to encrypt data.
Data is one of the most valuable resources your organization manages. Confidentiality is primarily protected by data encryption and strong access control. In addition to the root of trust and system security (secure boot chain, updates, recovery, etc.), additional encryption helps ensure that only trusted code and apps are running on the device.
However, encryption is applied to different parts of the system and can impact performance. When designing a system, it is important to understand where these performance impacts intersect with new technologies. At the same time, advances in cryptographic performance have helped create designs that are both more secure and high-performance.
These include new instructions for cryptographic operations and complete encryption of connections, among other features. Together with further technological innovations to come, this helps prepare for post-quantum resilience and homomorphic encryption.
Applied from a safety point of view, foundational security means that all these components act as part of one system to manage the code that handles data flows. Trust is not limited to a single system manufacturer: as workloads move between platforms, it must extend to all types of processing devices.
All devices, systems, and workloads must demonstrate integrity and identity throughout their lifecycle and migration. The goal is to ensure that every piece of silicon can always attest to its true identity and security status. Whether the data is in the cloud, on the edge, or on a personal device, customers want to trust silicon to protect their data and play its role in computing transactions.