Meltdown and Spectre bugs highlight importance of field
Hardware security made news in the worst way possible last month with the announcement that two CPU bugs, nicknamed Spectre and Meltdown, leave virtually every modern computer, smartphone, tablet and PC vulnerable to malicious attack. According to Google’s Security Blog,
The Project Zero researcher, Jann Horn, demonstrated that malicious actors could take advantage of speculative execution to read system memory that should have been inaccessible. For example, an unauthorized party may read sensitive information in the system’s memory such as passwords, encryption keys, or sensitive information open in applications. Testing also showed that an attack running on one virtual machine was able to access the physical memory of the host machine, and through that, gain read-access to the memory of a different virtual machine on the same host.
Hardware bugs like Spectre and Meltdown are extremely difficult to fix as they are the result of vulnerabilities ‘baked in’ to the processors themselves. Although firmware updates are possible to mitigate some hardware level bugs, the hardware (logic, memory, and interconnects) is basically static and immutable after fabrication. In other words, vulnerabilities like these cannot really be fixed until a new processor is designed, released, and installed. That process could take years, depending on the complexity of the chip.
Meltdown and Spectre attacks exploit “speculative execution,” used by modern processors for better performance. In layman’s terms, excessive CPU cycles are needed to determine which parts of a code to execute. Instead of waiting idly for the result, the system predicts which part of the code to execute and only waits to commit to the final results. If the prediction is correct (usually the case), the results are committed and the time that would have been wasted has been put to good use. If the prediction is incorrect, then the correct code is executed and the only penalty is the time which would have been wasted anyway. In this manner, speculative execution is a win-win for performance. However, speculative execution can provide hackers with “side information” which can be exploited to gain privileged and sensitive information about data and control flow. Meltdown also illustrates that the way “speculative execution” is implemented in hardware determines if there is an added security vulnerability.
The bottom line? Research and education will be critical in overcoming hardware vulnerabilities like Spectre and Meltdown. Experts predict that more vulnerabilities like these will continue to exist or be revealed, as the speed boost provided by speculative execution is too significant—companies won’t want to remove the process unless the speed loss can be mitigated in other ways. Many experts are of the opinion that Spectre and Meltdown provide the ‘kick in the pants’ that moves government and industry into a new paradigm of hardware design and developing a comprehensive, coherent strategy to radically improve hardware security practices.
FICS Research to the Rescue
Bugs and vulnerabilities such as these highlight the critical importance of the work being done at the University of Florida, specifically at the Florida Institute for Cybersecurity (FICS) Research. Established to be the nation’s premier multidisciplinary research institute in the advancement of cybersecurity, FICS Research boasts world-class facilities and preeminent faculty, all dedicated to advancing knowledge and technologies in this emerging field.
Prior to the creation of the Institute, Herbert Wertheim College of Engineering Dean Cammy Abernathy and ECE chair John Harris saw the need to position the University of Florida as a global leader in hardware security, IoT security, cybersecurity, and cryptography. With the creation of the Institute and several key hires, that leadership came to fruition. The University of Florida intends to stay at the forefront of these areas, as they are sure to become more and more critical to national security and identity theft prevention.
FICS Researchers are currently working collectively to address security issues at all types of hardware as well as hardware at all levels – from nanoscale devices to chips to circuit boards to systems (e.g. automotives, implants, wearables). FICS researchers are working to identify new vulnerabilities in hardware – e.g. leakage of sensitive information, hardware piracy, and Trojan attacks in hardware. Institute researchers empower hardware manufacturers to make secure and trusted ‘systems’ comprised of complex layers of hardware and software which will protect vulnerable users. Hardware systems and system security targets all parties involved in a product life cycle—from manufacturers to end-users.
FICS Research members are actively working on initiatives related to Spectre and Meltown, showing their global expertise in the field.
Sandip Ray and Swarup Bhunia are working on patchable hardware, frameworks, and architectures that are more mutable than existing hardware architectures, and enable seamless and disciplined correction of security vulnerabilities in-field.
Mark Tehranipoor, Domenic Forte, Swarup Bhunia, and Yier Jin are working on Design Security Rule Check, recommending frameworks and tools that analyze hardware designs through all levels of abstraction.
Yier Jin is working on hardware-assisted cybersecurity solutions with specific emphasis on the area of microarchitectural security. His paper, entitled HAFIX: Hardware-Assisted Flow Integrity Extension, won the best paper award at the Design Automation Conference (DAC’15) and another paper on microarchitectural side-channels was published in Network and Distributed System Security Symposium (NDSS’18).
Daniela Oliveira and Yier Jin are working on REVELARE – a hardware-supported dynamic information flow tracking (DIFT) framework to enhance IoT security and forensics.
Prabhat Mishra is working on developing formal verification techniques coupled with robust architectural primitives to avoid such attacks in the future.
In addition, many ECE courses are delving into this critical area of research:
|EEE 4714/5716||Introduction to Hardware Security and Trust||Tehranipoor|
|EEL 4853/5855||Cross Layered System Security||Oliveira|
|EEL 5934||Hardware Security Lab*||Bhunia|
|EEL 6935||Advanced Hardware Security and Trust||Forte|
|EEL 6935||Cybersecurity Case Studies||Bhunia|
|EEL 6935||Physical Attacks and Inspection of Electronics||Asadi|
* Uses a hardware hacking board developed in-house, to train students in the course about ethical hacking. Students receive this board in the mail and work with it remotely.
Who are the Core FICS Research Faculty in ECE?
Intel Charles E. Young Endowed Chair Professor in Cybersecurity
|Hardware security and trust, IoT security, electronics supply chain security, and reliable and testable VLSI design
Professor, Director of Education
|Hardware and systems security, food and medicine safety, adaptive and energy-efficient computing, wearable and implantable systems
|Hardware security, Reverse engineering, 3D imaging and image processing, Failure analysis, Sensors, Thermal barrier coatings
Hardware security and trust, Anti-reverse engineering, Anti-tamper, Digital VLSI/CAD, and Biometric systems
Associate Professor and IoT Term Professor
|Embedded Systems, IoT Design and Security, High Performance Computing Security
University of Florida Term Professor, CISE (with joint appointment in ECE)
|Embedded and cyber-physical systems, energy-aware computing, hardware security and trust, system-on-chip verification, bioinformatics, and post-silicon validation and debug.|
IoT Term Professor
|Interdisciplinary computer security and operating systems
Endowed IoT Term Professor
|Trustworthy computing; Synthesis, architecture, system design, security, prototyping, and verification; Hardware/firmware/software codesign; Design-for-resilience; Post-silicon readiness and validation streamlining for System-on-Chip designs.|
|Biometrics and identity science; pattern recognition and machine learning; image and signal analysis; computer vision applied to counterfeit detection and reverse engineering
Spectre and Meltdown will continue to be big news for months and years to come; expect UF and FICS Research to remain at the forefront.