New Approaches To Security

Different approaches are emerging to identify suspicious behavior and shut down potential breaches before they have a chance to do serious damage. This is becoming particularly important in markets where safety is an issue, and in AI and edge devices where the rapid movement of data is essential.

These methods are a significant departure from the traditional way of securing devices through limiting access, which has been the accepted method for securing everything from a bank vault to a server or a chip. But as more devices are connected to the Internet, and as more electronics are added into those devices, limiting access can be counterproductive and/or ineffective. The whole idea behind improving performance in chips designed for such applications as image processing and AI is to increase data throughput into and out of a chip or package. Performance improvements at the edge, as well as in the cloud, are largely due to architectural changes to improve data throughput.

As a result, vendors are beginning to rethink security, from the macro level down all the way to the chip or component level.

“Security has gotten very little attention until recently because none of our customers worried about security at the semiconductor level,” said Wally Rhines, CEO emeritus at Mentor, a Siemens Business. “All of a sudden, edge security is a very big deal. We always felt that eventually the market would come around, now there is enough interest. There is a lot of activity in this space.”

What’s changed is how companies are approaching security. In many cases, the key is a better understanding of the movement of data and an increasing emphasis on what is considered acceptable versus potential harmful. Those definitions and decisions may vary greatly by region.

“You’re going to see a lot of countries building firewalls to limit which other countries have access to that data,” said Michael Schuldenfrei, corporate technology fellow at OptimalPlus. “GDPR (EU’s General Data Protection Regulation) and other regulations are going to become much more important in controlling the movement of data between different bodies as time goes on. You already see that with countries restricting use of components from certain companies for 5G infrastructure. Everyone really wants to understand the extent of the threat.”

China is the clear leader in leveraging security to all data within its borders. The Great Firewall Of China was created to limit access to data from foreign sources, including social media and mobile applications. That technology is expected to become much more granular as AI is applied to data to identify patterns down to the individual device level, according to numerous industry sources.

Likewise on a macro level, data is being leveraged to add security into the global semiconductor supply chain to prevent suspicious parts and potential back doors from being built into devices and systems.

“What’s missing is traceability in the semiconductor supply chain,” said Dave Huntley, who is in charge of business development at PDF Solutions. “This is important in medical and automotive and anything that is a high-reliability product, where if you put stuff on the gray market that is egregiously defective it can cause serious problems. There is a lot of money from government going into solving this problem. If you receive chips for multi-chip modules or circuit boards and add value to those, you want to make sure those parts can be traced.”

PDF and Multibeam have proposed a consortium to track parts using blockchain ledgers. The idea is that parts can be identified when they arrive at a location and updated before they are shipped to the next phase of production or manufacturing.

“This is a consortium model blockchain,” said Huntley. “You have to be part of the consortium to gain access to the blockchain. It’s a way to track placement from the wafer to the package to the assembly, and also track the assembly. It’s all based on an XML schema and all of that is managed in a database.”

Fig. 1: Real vs. counterfeit chip. Source: PDF/NIST, University of Florida

If successful, this model could help reduce concerns about Trojans and back doors in gray-market parts—a problem that is largely the result of shortsighted policy and regular upgrade schedules.

“Because we’re not allowed to dispose of computer equipment, a lot of that was shipped to China,” said Mentor’s Rhines. “So you’d see components showing up in the gray market from that equipment. There are ways to stop that. You can put odometers on chips with an encrypted key to show how much that chip has been used. But you can’t necessarily combat parts taken out of the reject bin.”

Security at the edge
Security also is becoming a differentiator in edge devices. While it has been a requirement in the server world, the edge largely has consisted of smart phones connected to powerful servers and low-cost IoT devices, where security is almost non-existent. That lack of security is what led to the Mirai botnet attack on Dyn in 2016.

Things haven’t changed much on that front. But what has changed over the past year is a recognition that there is far too much data to send to the cloud and back from image sensors in assisted and autonomous vehicles and from a growing population of medical devices. So now, instead of everything being sent to the cloud, raw data will be sent to localized servers or clouds for pre-processing. Those localized clouds will capture good data and discard the rest, which is the vast majority of what is collected.

To make that model work, security will be required at this newly defined edge. But this shift also coincides with a growing concern about side-channel attacks to ferret out data stored deep inside a chip. Spectre, Meltdown and Foreshadow—vulnerabilities discovered in processor architecture—utilize this type of attack to target speculative execution and branch prediction, which are roughly to processor requests what stored cookies are to search. There are other vulnerabilities, as well, and the big problem is figuring out where they are.

“The challenge is pinpointing the unforeseen security holes,” said Chris Jones, vice president of marketing at Codasip. “This is especially true when you offload the processor with I/O or memory coherency with the processor, so the host processor is not contemplating what is going on. There are more entry points and more unforeseen security holes.”

But unlike IoT edge devices, the average selling price on edge servers is high enough to support security. Moreover, because there is no de facto hardware at the edge—there is no instruction set architecture (ISA) with a dominant market share because this segment is brand new—security is being viewed as a differentiator. This is evident in talk about security throughout the chip industry. A year ago, security was limited to specialized tracks at conferences. Now it is one of the top items in keynotes at almost every conference, and that will only become more prominent as security becomes a differentiator at the edge. And once again, much of it relies on data analytics.

Tools developers, in particular, see this as a big opportunity because they benefit no matter which ISAs ultimately win. In his keynote speech at the recent Synopsys User Group (SNUG), Aart de Geus, Synopsys’ chairman and co-CEO, focused on the development flow and how it could impact security for open-source software that is developed in conjunction with the hardware.

“We can do continuous checks so that as you check things you can see whether they create some quality or security issue and fix them as you go,” said de Geus. “This is much faster, because if you’re fixing something way down in the process you don’t remember the context or what you’ve changed recently. It may be very hard to find. But we can do one better than that. In the diagnostics, we also have some e-learning that says, ‘That bug you should know about, and here’s how it happens. By the way, there’s a five-minute video that teaches how to avoid those and what to look for.'”

Lip-Bu Tan, president and CEO of Cadence, pitched security at the recent Cadence user group (CDNLive), as well. “The intelligent edge will require protocol translation, device management, compute, data filtering, edge analytics and security,” he said. Cadence inked a deal with Green Hills Software, which is certified for Common Criteria Evaluation Assurance Level 6+. EAL 6 is essential for “high-risk situations where the value of the protected assets justifies the additional costs.”

“One of the key parts of system innovation is the security,” said Tan. “Defense, automotive, medical and aerospace companies are embracing it. In this hyper-connected world we are in, security becomes critical. You have to protect the data.”

Automotive security
Security becomes particularly important in assisted and autonomous vehicles because it can impact safety. The general thinking in this segment is that systems will evolve through over-the-air updates, and security needs to evolve with them. But that requires more than just security patches in software. It also requires analysis of the data traffic in various systems in a vehicle.

“The way you make Ethernet secure is you design it into the Ethernet connection,” said Burkhard Huhnke, vice president of automotive strategy at Synopsys. “But if you hand something over to the OEM 12 months before launch, they cannot make it secure. You need to build in software monitoring to make sure it doesn’t get hacked. You wrap the software in binary code, and you react as soon as someone finds a back door. To do that, you need to run software constantly through code analysis.”

This is where data analytics come into play, and it is being applied in at least two places. First, in conjunction with machine learning, it can identify aberrations in data traffic patterns such as increased signal activity. In addition, it can be used to identify activity at times when a system is not supposed to have any activity.

There are various ways to make this happen, and possible combinations for all of them. One is to run all traffic, or at least certain types of traffic, through an electronic chip ID or crypto processor. A second is to isolate and encrypt the key data components into what Arm calls a Root of Trust, and keep that off limits to any traffic without a key. The same can be done with physically unclonable functions. Then, when anyone attempts to tap into these areas, alarm bells go off and security measures kick in. A third approach is to use existing circuits to run checks on data movement and activity, which is where companies like UltraSoC, Moortec and Arteris IP are focused.

“We’ve got customers laying out their chip who are putting in processors specifically for this task,” said Rupert Baines, CEO of UltraSoC. “They are using this for safety and security applications. So the analytics are looking to detect safety problems, failures, potential hacks, malware, and they’re doing that live within the chip by observing traffic patterns as they flow past. And then they can react incredibly quickly because it’s in the same chip. They’re not sending traffic somewhere else to be thought about and then come back again.”

This changes the nature of hardware security because it shifts the focus from detection and software patches, which can take days or weeks to implement, to more immediate reactions within a system, such as forcing an unexpected software task to quit before it can be completed. And while the software patch may still be necessary, the immediate threat is eliminated.

“We’re looking at two program streams, and if they diverge we sound the alarm,” said Baines. “That’s happening on the fly in real-time, in silicon, in-situ as the chip is running. There are two groups interested in this. One involves the people building big chips, servers, data centers, AI chips, who have really complicated systems. They’re interested in performance and tuning. The second group is in automotive, and they’re interested primarily in the security and functional safety of the application.”

The automotive market is particularly sensitive to security after some very high-profile attacks, starting with a well-publicized hack of a Jeep in 2015. It wasn’t confined just to the Jeep, however. The same white-hat hackers, Charlie Miller and Chris Valasek of Cruise Automation, also showed similar vulnerabilities in the Ford Escape and Toyota Prius two years earlier.

“The biggest problem that you see today is that all cars are based on electronic buses where all data is flowing around the car,” said Gert Jørgensen, vice president of sales and marketing for the ASIC Division of Delta. “And now that we talk all about self-driving cars, there’s a lot of things going on to secure to be sure that nobody is disturbing that CAN bus, because that tells you the car’s condition and when it has to brake and so on. It’s about security, simply. So this bus is available, but if you tamper with it the self-contained car has a problem. A lot of efforts are going on to secure the CAN bus because the CAN bus is the communication nerve center between all modules in the car. There are even companies that make electronic circuits to detect if you have added things to the CAN bus that are not supposed to be there.”

Conclusion
Data analytics has been used in the past typically for marketing and efficiency reasons, but a new emphasis on security at the edge and in automotive (as well as medical and industrial) electronics has opened new opportunities for this kind of approach. Mapping the flow of data, and detecting irregularities in the quantity of data being moved or when it gets moved are key ways of tracking aberrant activity.

What has changed is the value of data and the recognition that data cannot be secured by putting it into a box. There is far too much data, and it either has to be blocked at a high level, or tracked on a local level. This will have a fundamental impact on how security is architected and applied in the future, and it could have a profound effect on which companies succeed and which ones fail across a variety of different markets.

—Susan Rambo contributed to this report.

Related Stories
Using AI Data For Security
Pushing data processing to the edge has opened up new security risks, and lots of new opportunities.
Next Wave Of Security For IIoT
New technology, approaches will provide some protection, but gaps still remain.
Building Security Into RISC-V Systems
Emphasis shifting to firmware, system-level architectures, and collaboration between industry, academia and government.
Blockchain May Be Overkill For Most IIoT Security
Without an efficient blockchain template for IoT, other options are better.