The Security Penalty


It's not clear if Meltdown, Spectre and Foreshadow caused actual security breaches, but they did prompt big processor vendors like Intel, Arm, AMD and IBM to fix these vulnerabilities before they were made public by Google's Project Zero. While all of this may make data center managers and consumers feel better in one respect, it has created a level of panic of a different sort. For decades,... » read more

Enabling Cheaper Design


While the EDA industry tends to focus on cutting edge designs, where design costs are a minor portion of the total cost of product, the electronics industry has a very long tail. The further along the tail you go, the more significant design costs become as a percent of total cost. Many of those designs are traditionally built using standard parts, such as microcontrollers, but as additional... » read more

Is Your AI SoC Secure?


As artificial intelligence (AI) enters every application, from IoT to automotive, it is bringing new waves of innovation and business models, along with the need for high-grade security. Hackers try to exploit vulnerabilities at all levels of the system, from the system-on-chip (SoC) up. Therefore, security needs to be integral in the AI process. The protection of AI systems, their data, and th... » read more

Finding Security Holes In Hardware


At least three major security holes in processors were identified by Google's Project Zero over the past year, with more expected to roll out in coming months. Now the question is what to do about them. Since the beginning of the PC era, two requirements for hardware were backward compatibility and improvements in performance with each new version of processors. No one wants to replace their... » read more

The Rising Need for Satellite Security


Satellites today contain highly complex embedded microelectronics systems complete with processing, data storage, and data receiving/transmitting capabilities. Further, they are controlled by ground stations, computers in data centers. They are therefore susceptible to threats prevalent in cloud computing architectures including insider threats, malicious downloads, etc. As such, satellite secu... » read more

‘Fuzzing’ A Virtual Prototype ECU To Improve Security


Staying ahead in the arms race against hackers means constantly looking for novel ways to find and correct security flaws, including (and perhaps especially) when it comes to relatively low-level hardware. In this brief white paper we describe one such way — an automated fuzzing test of a virtual ECU to find and correct vulnerabilities during the upstream development process. To read more,... » read more

Cache Speculation Side-Channels


This whitepaper looks at the susceptibility of Arm implementations following research findings from security researchers, including Google and MIT, on new potential cache timing side-channels exploiting processor speculation. This paper also outlines possible mitigations that can be employed for software designed to run on existing Arm processors. To read more, click here. » read more

More Processing Everywhere


Simon Segars, CEO of Arm Holdings, sat down with Semiconductor Engineering to discuss security, power, the IoT, a big push at the edge, and the rise of 5G and China. What follows are excerpts of that conversation. SE: Are we making any progress in security? And even if Arm makes progress, does it matter, given there are so many things connected together? Segars: It feels like we’re maki... » read more

Why The IIoT Is Not Secure


The Internet of Things is famously insecure, but not because the technology to build it or secure it is immature. Likewise, severely insufficient security on the Industrial IoT suffers from a lack of will. Neither tech buyers nor providers have yet invested the same effort expended in other areas of the tech world to create and adopt steps that will make everyone safer, according to chipmakers ... » read more

Top 6 Application Security Hurdles And The Secret To Overcoming Them


Applications support some of the most strategic business processes and access an organization’s most sensitive data. These applications also contain 92% of reported security vulnerabilities, not networks. Yet application security continues to receive less budget and attention than network security. This means security-aware companies must find a cost-effective application security solution to... » read more

← Older posts