Increased complexity practically guarantees that hardware vulnerabilities will continue to be unknowingly introduced.
Vulnerabilities like Meltdown, Spectre and Foreshadow are understandably considered quite serious by the semiconductor industry. This is because they can be exploited by a determined attacker to access sensitive data that should be securely locked down but isn’t.
We can think about a cloud-based server running multiple applications that process and store sensitive data. Vulnerabilities like the ones mentioned above could enable data associated with one application to be accessed by unauthorized code run by a different application (and user), even though it shouldn’t be visible or accessible by another program. The result? Sensitive data, such as credit card information, passwords and other security credentials could potentially be harvested by malicious code.
It is important to understand that hardware-based CPU vulnerabilities were inadvertently created over the years by well-meaning engineers focused on designing ever-faster silicon. CPU performance increased significantly in recent decades, with speeds improving significantly every year. This rather impressive feat was made possible by chip architects who leveraged a range of clever techniques to squeeze as much performance as possible out of every transistor, even as the number of available transistors was increasing.
As the years went on, new techniques were adopted for increasing performance while many of the old ones were still in use. And the new techniques were more complex, because most of the easy approaches had already been adopted. As a result, the techniques required to increase chip performance became more complex and multi-layered – which made CPUs the large, complex beasts they are today. From a security perspective, this complexity has arguably led to a decrease in security.
For example, speculative execution is one of the fundamental techniques used to increase performance, but it also enabled vulnerabilities like Meltdown. Meltdown exploited speculative execution to access protected data by pulling it into the cache where there were methods of accessing the data – without directly reading it. Put simply, unauthorized direct access was forbidden, but indirect access was neither anticipated nor protected against.
It is important to emphasize that Meltdown, Spectre and Foreshadow aren’t the only hardware-based vulnerabilities affecting the semiconductor industry. Increasing silicon complexity – across a diverse range of devices and verticals – practically guarantees that additional vulnerabilities with varying threat levels will continue to be unknowingly introduced into devices. A successful attacker has only to identify a single vulnerability, while system designers must secure a multitude of functions and interactions.
Despite real-world security risks, techniques to accelerate CPU speeds remain critical as compute workloads become more processor intensive. Concurrently, IoT devices, tablets and wearables are becoming ever-more power conscious. This means CPU architects need to think about achieving the right balance between higher performance and lower power for their application, which is a complex problem.
At the same time, system designers should also be considering security in a deeper way – and not just focusing on the micro-architectural level question of ‘how do we optimize the CPU?’ Rather, they should be thinking about securing the system at the most fundamental architectural level of the system itself. Semiconductor security is dynamic and should evolve organically to intelligently and proactively protect changing workloads and applications.
Leave a Reply