-
- News
- Books
Featured Books
- smt007 Magazine
Latest Issues
Current IssueComing to Terms With AI
In this issue, we examine the profound effect artificial intelligence and machine learning are having on manufacturing and business processes. We follow technology, innovation, and money as automation becomes the new key indicator of growth in our industry.
Box Build
One trend is to add box build and final assembly to your product offering. In this issue, we explore the opportunities and risks of adding system assembly to your service portfolio.
IPC APEX EXPO 2024 Pre-show
This month’s issue devotes its pages to a comprehensive preview of the IPC APEX EXPO 2024 event. Whether your role is technical or business, if you're new-to-the-industry or seasoned veteran, you'll find value throughout this program.
- Articles
- Columns
Search Console
- Links
- Events
||| MENU - smt007 Magazine
Intel Introduces First Protections Against Certain Physical Threats
August 15, 2022 | IntelEstimated reading time: 3 minutes
Intel improves software reliability by building silicon enhancements realized through logic inside the processor. Today, the company described a new technique to complement existing software mitigations for fault injection attacks.
Tunable Replica Circuit (TRC) – Fault Injection Protection uses hardware-based sensors to explicitly detect circuit-based timing failures that occur as the result of an attack. TRC is first delivered in the 12th Gen Intel® Core™ processor family. It adds fault injection detection technology to the Intel® Converged Security and Management Engine (Intel® CSME), where it is designed to detect non-invasive physical glitch attacks on the pins supplying clock and voltage. TRC is also designed to detect electromagnetic fault injections.
“Software protections have hardened with virtualization, stack canaries and code authentication before execution,” said Daniel Nemiroff, senior principal engineer at Intel. “This has driven malicious actors to turn their attention to physically attacking computing platforms. A favorite tool of these attackers is fault injection attacks via glitching voltage, clock pins and electromagnetic radiation that cause circuit timing faults and may allow execution of malicious instructions and potential exfiltration of secrets.”
Intel’s TRC was originally developed by Intel Labs to monitor dynamic variations, such as voltage droop, temperature, and aging in circuits to improve performance and energy efficiency. As new technologies evolve, so do their applications.
“By changing the monitoring configuration and building the infrastructure to leverage the sensitivity of the TRC to fault injection attacks, the circuit was tuned for security applications,” said Carlos Tokunaga, principal engineer in Intel Labs, explaining the research approach.
Intel Labs, iSTARE-PASCAL (Physical Attack and Side Channel Analysis Lab) and Intel’s Client Computing Group partnered on testing and validating TRC for security scenarios. Together they proved that TRC can be calibrated to a point where such timing violations could only be the result of an attack. Intel applied the TRC as a hardware sensor to detect and help protect against these fault injection attack methods.
Intel’s TRC is designed to protect against certain types of physical attacks by monitoring the delay of specific types of digital circuits. When calibrated to specific expectations of the sensor sensitivity, TRC signals an error when it detects a timing failure due to a voltage, clock, temperature or electromagnetic glitch. Because the TRC is calibrated to signal an error at a voltage level beyond the nominal operating range of the CSME, any error condition from the TRC is an indication that data could be corrupted, triggering mitigation techniques to ensure data integrity.
Intel has applied the TRC to the Platform Controller Hub (PCH), a separate chipset isolated from the CPU that enhances protection of a system’s root of trust called the Intel CSME.
The most crucial aspect for productizing this type of hardware sensor is calibration. Calibrated too aggressively, the sensor would detect normal workload voltage droops as false positives. False positives create noise and could result in platform instability, bringing additional burden for already overworked cybersecurity teams.
To avoid false positives, Intel developed a feedback-based calibration flow. Minimizing the false negatives is also important, so the feedback loop uses results from false-positive and false-negative testing along with margin data from the hardware sensor. This indicates how close the sensor was to detecting a glitch as well as the accuracy of the guard bands.
Architectural advancements can often result in considerably less execution overhead compared to software-only implementations, yet physical attack methods have traditionally been outside of threat models.
As more compute is brought to the intelligent edge, Intel has invested in physical attack protection security capabilities to enhance software resilience as workloads expand and threat models evolve. Security is a system-level property rooted in the silicon. Every component in the system — from software to silicon — can help keep data secure.
Details of this research was presented at Black Hat USA 2022: Fault-Injection Detection Circuits: Design, Calibration, Validation and Tuning. Additional technical information is available in the following whitepaper: Fault-Injection Countermeasures, Deployed at Scale.
Suggested Items
Avnet Launches QCS6490 Vision-AI Development Kit
05/17/2024 | AvnetThe QCS6490 Vision-AI Development Kit from Avnet enables engineering teams to rapidly prototype hardware, application software and AI enablement for multi-camera, high-performance, Edge AI-enabled custom embedded products.
Altus Adds PVA's Game Changing PathMaster X Software to Portfolio
05/16/2024 | Altus GroupAltus Group, a leading distributor of capital equipment in the UK and Ireland, has announced the addition of PVA's new PathMaster X software to its product portfolio. PathMaster X transforms programming for PVA's conformal coating and dispensing systems with an intuitive, game-like controller interface.
Saki Set to Highlight Cutting-Edge Inspection Technology at SMTConnect 2024
05/15/2024 | Saki CorporationSaki Corporation, an innovator in the field of automated optical and X-ray inspection equipment, will be exhibiting at SMTConnect 2024 in Nuremberg, Germany from June 11-13. As a key highlight of the Selecs booth #235 in Hall 4, Saki will be showcasing its unique range of automated inspection solutions including the award-winning X-ray Automated Inspection System (AXI) and innovative ‘One Programming’ and AI Solutions Features.
Siemens Partners with Microsoft to Deliver AI-enhanced Solutions for Resilient Product Lifecycle Management with Azure
05/14/2024 | PRNewswireSiemens Digital Industries Software announced an expansion of its partnership with Microsoft to make the Siemens Xcelerator as a Service portfolio of industry software available through Microsoft's cloud and AI platform Azure and integrating it with generative AI and Copilot features.
Real Time with… IPC APEX EXPO 2024: Modernizing a PCB Facility
05/13/2024 | Real Time with...IPC APEX EXPOAidan Salvi, chief transformation officer at Amitron, discusses modernizing the company's PCB facility including equipment selection, installation, process redefinition, staff upskilling, university engagement, and customer relationship building. Emphasizing that this is a significant endeavor not to be undertaken lightly, Aidan highlights the importance of focus, software technology use, and a step-by-step approach to modernization. He recommends caution when assessing whether to approach factory modernization as one big project or take a more measured approach to modernize in segments.