Intel Introduces First Protections Against Certain Physical Threats
August 15, 2022 | IntelEstimated reading time: 3 minutes
Intel improves software reliability by building silicon enhancements realized through logic inside the processor. Today, the company described a new technique to complement existing software mitigations for fault injection attacks.
Tunable Replica Circuit (TRC) – Fault Injection Protection uses hardware-based sensors to explicitly detect circuit-based timing failures that occur as the result of an attack. TRC is first delivered in the 12th Gen Intel® Core™ processor family. It adds fault injection detection technology to the Intel® Converged Security and Management Engine (Intel® CSME), where it is designed to detect non-invasive physical glitch attacks on the pins supplying clock and voltage. TRC is also designed to detect electromagnetic fault injections.
“Software protections have hardened with virtualization, stack canaries and code authentication before execution,” said Daniel Nemiroff, senior principal engineer at Intel. “This has driven malicious actors to turn their attention to physically attacking computing platforms. A favorite tool of these attackers is fault injection attacks via glitching voltage, clock pins and electromagnetic radiation that cause circuit timing faults and may allow execution of malicious instructions and potential exfiltration of secrets.”
Intel’s TRC was originally developed by Intel Labs to monitor dynamic variations, such as voltage droop, temperature, and aging in circuits to improve performance and energy efficiency. As new technologies evolve, so do their applications.
“By changing the monitoring configuration and building the infrastructure to leverage the sensitivity of the TRC to fault injection attacks, the circuit was tuned for security applications,” said Carlos Tokunaga, principal engineer in Intel Labs, explaining the research approach.
Intel Labs, iSTARE-PASCAL (Physical Attack and Side Channel Analysis Lab) and Intel’s Client Computing Group partnered on testing and validating TRC for security scenarios. Together they proved that TRC can be calibrated to a point where such timing violations could only be the result of an attack. Intel applied the TRC as a hardware sensor to detect and help protect against these fault injection attack methods.
Intel’s TRC is designed to protect against certain types of physical attacks by monitoring the delay of specific types of digital circuits. When calibrated to specific expectations of the sensor sensitivity, TRC signals an error when it detects a timing failure due to a voltage, clock, temperature or electromagnetic glitch. Because the TRC is calibrated to signal an error at a voltage level beyond the nominal operating range of the CSME, any error condition from the TRC is an indication that data could be corrupted, triggering mitigation techniques to ensure data integrity.
Intel has applied the TRC to the Platform Controller Hub (PCH), a separate chipset isolated from the CPU that enhances protection of a system’s root of trust called the Intel CSME.
The most crucial aspect for productizing this type of hardware sensor is calibration. Calibrated too aggressively, the sensor would detect normal workload voltage droops as false positives. False positives create noise and could result in platform instability, bringing additional burden for already overworked cybersecurity teams.
To avoid false positives, Intel developed a feedback-based calibration flow. Minimizing the false negatives is also important, so the feedback loop uses results from false-positive and false-negative testing along with margin data from the hardware sensor. This indicates how close the sensor was to detecting a glitch as well as the accuracy of the guard bands.
Architectural advancements can often result in considerably less execution overhead compared to software-only implementations, yet physical attack methods have traditionally been outside of threat models.
As more compute is brought to the intelligent edge, Intel has invested in physical attack protection security capabilities to enhance software resilience as workloads expand and threat models evolve. Security is a system-level property rooted in the silicon. Every component in the system — from software to silicon — can help keep data secure.
Details of this research was presented at Black Hat USA 2022: Fault-Injection Detection Circuits: Design, Calibration, Validation and Tuning. Additional technical information is available in the following whitepaper: Fault-Injection Countermeasures, Deployed at Scale.
Suggested Items
Real Time with… IPC APEX EXPO 2024: Software Solutions for Circuit Board Challenges
05/03/2024 | Real Time with...IPC APEX EXPONolan Johnson speaks with Will Webb from Aster Technologies about their software solutions for design teams, manufacturing, test engineers, and process engineers. Aster's software addresses the increasing complexities of circuit boards and the need for alternative testing methods.
Real Time with… IPC APEX EXPO 2024: My Role as a Technology Solutions Director
05/02/2024 | Real Time with...IPC APEX EXPOPeter Tranitz, senior director of technology solutions at IPC, shares insights into his role as the design initiative lead. He details his advocacy work, industry support, and the responsibilities of the design initiative committee. The conversation also covers the revamping of standards, the IPC Design Competition, and the implementation of design rules in software tools.
Boeing Validates Software for Future Manned Unmanned Refueling Missions
05/02/2024 | BoeingBoeing has advanced its manned-unmanned teaming (MUM-T) technology using a digital F/A-18 Super Hornet and MQ-25 Stingray. The testing shows the software is maturing for future U.S. Navy use and a potential to deploy the teaming capability on both F/A-18 Block II and III Super Hornets.
Europlacer Presents New Range of iineo SMT Placement Machines.
05/01/2024 | EuroplacerFor more than 15 years, the Europlacer iineo placement machines have made their mark on the SMT industry with unique features and unrivalled flexibility. Today, Europlacer announces the launch of the second generation iineo.
Siemens’ Breakthrough Veloce CS Transforms Emulation and Prototyping with Three Novel Products
04/24/2024 | Siemens Digital Industries SoftwareSiemens Digital Industries Software launched the Veloce™ CS hardware-assisted verification and validation system. In a first for the EDA (Electronic Design Automation) industry, Veloce CS incorporates hardware emulation, enterprise prototyping and software prototyping and is built on two highly advanced integrated circuits (ICs) – Siemens’ new, purpose-built Crystal accelerator chip for emulation and the AMD Versal™ Premium VP1902 FPGA adaptive SoC (System-on-a-chip) for enterprise and software prototyping.