In this News Insight, Ars Technica explains the importance of chip-based security in mobile devices. You can learn more about why Samsung builds security right into their devices’ CPUs in this white paper. —Samsung Insights editorial team
In April of this year, the Defense Advanced Research Projects Agency (DARPA), the same federal government group that birthed the Internet, opened a competition to build better security into microprocessors. Never shy on acronyms, the System Security Integrated Through Hardware and Firmware (SSITH) will augment DARPA initiatives like High-Assurance Cyber Military Systems (HACMS) and the Cyber Grand Challenge (CGC), which all develop circuits that fight cybercorruption and hacking at the hardware level.
“Security for electronic systems has been left up to software until now,” said SSITH program manager Linton Salmon in a statement. “But the overall confidence in this approach is summed up in the sardonic description of this standard practice as ‘patch and pray’. This race against ever more clever cyberintruders is never going to end if we keep designing our systems around gullible hardware that can be fooled in countless ways by software.”
As computing spreads to the farthest reaches of everyday life, so too do holes and backdoors in which attackers can compromise the system. At all three layers—software, firmware, and hardware—researchers work to stay a step ahead of the bad guys. What many love about the pace of evolution in digital design—lowering costs, faster improvements—also keeps everyone on their toes. Companies modifying or deploying chips in unexpected applications may unwittingly leave security gaps that aren’t detected until after an attack.
Each layer of the chip can take responsibility for security, from roots up. To keep pace with changing security threats, devices will need to be built to scan themselves for attacks and operate with strict definitions for each process at every level. Tricking one resource to perform another system’s job—exploiting cross functionality—causes information breaches.
If the upper layers of a chip have paths for unauthorized bootloaders and tampered kernels, the device will need to self-regulate. Advanced chips are designed with switches that “blow” if they detect hacking or tampering with default controls. This sacrifices the device but saves the data—the former’s replaceable when lost. When the latter’s gone, it’s gone.
SSITH’s Salmon claims removing hardware vulnerabilities would shut more than 40 percent of the doors intruders use through software. DARPA claims roughly 2,800 breaches have taken advantage of software vulnerabilities having to do with the code’s permissions, buffer errors, resource management, information leakage, numeric errors, crypto errors, and injecting malicious code. “All seven of which are variously present in the integrated microcircuitry of electronic systems around the world,” the agency claims.
Software gets all the glamour with a device. It’s what we interact with. But beneath the glass, all those physical guts comprise an often unacknowledged architecture that powers our apps and workdays. The critical difference is that software can be updated—”patches”, “security fixes”, etc.—while hardware can’t. Once it’s built, it’s built. And if it contains a chip with exploitable features, a manufacturer may need to issue a recall.
As transistors get smaller (and faster) the cost to fabricate chips has forced many chip designers to trust third parties—often overseas—to build their products. That’s a stage in the process where mistakes can happen or nefarious third parties could get involved. Chip makers lean on post-fabrication quality assurance but nothing’s perfect.
“Unfortunately, this type of testing leaves the door open to malicious modifications since attackers can craft attack triggers requiring a sequence of unlikely events, which will never be encountered by even the most diligent tester,” read a recent academic paper.
In it, the researchers demonstrate how to embed a security threat to take control of the hardware’s activity. The malicious circuit uses the energy wrought from switching gate states. Once charged, using a small cascade of hardware additions, the researchers could attack and control the circuit remotely. One prominent programmer from a large technology company called the modification “the most demonically clever computer security attack I’ve seen in years.” The researchers hoped their results would spawn a better security checks and balances system within computer chips.
The hackers only need to find one weakness.
Find out why Samsung devices are some of the most secure available in this white paper.