The complexity, ineffectiveness, and cost of digital security have worn the digital technology industry into apathetic resignation. Some industry leaders are saying that it may be time for a new processor architecture to arrive, if only to put an end to the cesspool that is current digital security technology.
At the 2018 Arm TechCon in San Jose, California, Arm issued the second edition of their IoT Security Manifesto. I wanted to see what kind of progress had been made by the embedded industry toward meeting the goals that the document laid out originally and expanded upon this year. The result was, as John Cleese used to say, “not a sausage.” The question is: Why?
One clue was in the new issue of the manifesto in the section on Meltdown and Spectre (MDS). The revelation of those security holes earlier this year knocked the goals of the 2017 manifesto into a cocked hat for the simple reason that the holes were integrated into the very hardware. Patches were issued, but these could be easily turned off by both the users and the malefactors attacking the systems. Every vendor that I talked to admitted that this was a problem they were facing, along with the reality that the software patches caused performance slowdowns of 10% to 15% on a given processor.
I’ve been interviewing chief information and security officers (CISOs) for about five weeks now, asking a simple question: What will it take to make your network truly secure? Not the internet, just their network. Everyone said the same thing: “We can’t.” The CISOs of companies that purchase and implement security technology and services know that, even if they were to purchase everything possible, it wouldn’t guarantee a secure internet or intranet and, even if it did, it would slow their own productivity to a virtual standstill, making investment in more technology hard to justify. A telecom executive who requested anonymity said, “The state of digital security technology is like a cesspool. Every once in a while, we throw in something new, stick our paddle in, and stir, but it still stinks.”
In part, as I mentioned in a previous column, the inherent insecurity of systems arises from badly written code created by overworked and exhausted engineers. There are basic security standards to which developers are supposed to adhere in order to avoid those problems, and an entire sub-industry has sprung up to help teams stay on target. As you’ll see in this video, Jim McElroy, sales and marketing vice president at LDRA, says that this is more important to the automotive and industrial technology sectors, “…since they are under the gun from a security requirements perspective, as different systems need to communicate securely.” But that is strictly from a software perspective. The issue of digital security lies much deeper.
The very core of the problem existed at the processor level even before MDS was discovered. Multi-core processors promised increased processing power, but customers started complaining that they were not seeing the improved performance that was advertised. To fix that problem, the chip industry switched from in-order processing to out-of-order processing, which involved putting off often-used tasks to the cache and bringing them up when it was anticipated that they would be needed. This delivered the performance, but it also opened huge security holes. The manifesto section on MDS explained as much.
What the section glossed over was that the off-loaded tasks often included PIN numbers, usernames, passwords, bank accounts, etc. — all of the stuff that hackers were looking for, which was now easily accessible by those who knew how. The patches provided by the big players (Intel, Apple, etc.) theoretically covered those holes, but the corresponding degraded performance became noticeable to the user community, so on a case-by-case basis, the users were instructed how to turn them off.