In Brief
- Integrated circuits are increasingly complex and capable—but also increasingly vulnerable to attack.
- The circuits typically include designs from many sources. A “Trojan” attack hidden in one of these designs could surface long after the circuit has left the factory.
- A few relatively simple measures could go a long way toward protecting hardware from malicious hackers.
Your once reliable mobile phone suddenly freezes. The keypad no longer functions, and it cannot make or receive calls or text messages. You try to power off, but nothing happens. You remove the battery and reinsert it; the phone simply returns to its frozen state. Clearly, this is no ordinary glitch. Hours later you learn that yours is not an isolated problem: millions of other people also saw their phones suddenly, inexplicably, freeze.
This is one possible way that we might experience a large-scale hardware attack—one that is rooted in the increasingly sophisticated integrated circuits that serve as the brains of many of the devices we rely on every day. These circuits have become so complex that no single set of engineers can understand every piece of their design; instead teams of engineers on far-flung continents design parts of the chip, and it all comes together for the first time when the chip is printed onto silicon. The circuitry is so complex that exhaustive testing is impossible. Any malicious logic placed in the chip's design can go unnoticed until it is activated by some sort of trigger, such as a specific date and time—like the Trojan horse, it initiates its attack only after it is safely inside the guts of the hardware.
This article was originally published with the title The Hacker in Your Hardware.
15 Comments
As an ASIC verification engineer, I am curious if formal verification is a better solution for some of the issues identified in this article. Take the example of a block not releasing ownership of a bus. An interface assertion that the bus must always be released within some time window is easily created. If there is a magic packet (or some other condition) that would cause this to be violated, the formal engine should easily find the counter example. This applies to many of the other identified HW hacks.
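As an added example (not code from the article or from any commenter), the following Python model makes both points concrete: the article's claim that a dormant Trojan survives ordinary testing until its trigger arrives, and the comment above that an interface assertion plus an exhaustive engine finds the counterexample. Everything here is constructed for the illustration: a toy bus master that legally holds the bus for at most MAX_HOLD cycles, a hypothetical trigger word 0xA5 that is not one of the documented opcodes, and a constrained-random testbench that only ever sends those documented opcodes. The testbench never fires the trigger no matter how long it runs, while a bounded explicit-state search over every possible data word returns the shortest input sequence that breaks the assertion. Real formal tools reason symbolically with SAT/SMT engines rather than enumerating inputs; the enumeration here is a scaled-down stand-in for that.

```python
"""Toy bus master with a hypothetical hidden trigger (constructed example).

Property checked: once the master drives the bus, it releases it within
MAX_HOLD cycles.  The testbench and the bounded model checker watch the same
assertion monitor; only the model checker enumerates every input word.
"""
import random
from collections import deque

MAX_HOLD = 3                        # a legal master holds the bus for at most 3 cycles
MAGIC = 0xA5                        # assumed trigger word; not a documented opcode
LEGAL_OPCODES = list(range(0x10))   # the only data words the testbench knows to send
DATA_WIDTH = 8                      # 8-bit data word: 256 possible values per cycle


def step(state, req, data, trojan=True):
    """One clock cycle of the master.  state = (holding, locked)."""
    holding, locked = state
    if locked:                        # payload: never release the bus again
        return (holding, True)
    if holding == 0:                  # idle: acquire the bus on request
        return (1 if req else 0, False)
    if trojan and data == MAGIC:      # trigger: magic word seen while driving the bus
        return (holding, True)
    if holding >= MAX_HOLD:           # legal behaviour: release after MAX_HOLD cycles
        return (0, False)
    return (holding + 1, False)


def busy(state):
    holding, locked = state
    return holding > 0 or locked


def monitor(count, state):
    """Assertion monitor: consecutive busy cycles; more than MAX_HOLD is a violation."""
    return count + 1 if busy(state) else 0


def simulate(cycles, seed=0, trojan=True):
    """Constrained-random testbench.  Returns the first violating cycle, or None."""
    rng = random.Random(seed)
    state, count = (0, False), 0
    for cycle in range(1, cycles + 1):
        req, data = rng.randint(0, 1), rng.choice(LEGAL_OPCODES)
        state = step(state, req, data, trojan)
        count = monitor(count, state)
        if count > MAX_HOLD:
            return cycle
    return None


def find_counterexample(max_depth, trojan=True):
    """Bounded explicit-state model check: from every reachable state try every
    (req, data) input, breadth-first, so the first violation found is the
    shortest input trace that breaks the assertion.  Returns it, or None."""
    init = ((0, False), 0)            # design state plus monitor count
    frontier = deque([(init, [])])
    seen = {init}
    while frontier:
        (state, count), trace = frontier.popleft()
        if len(trace) >= max_depth:
            continue
        for req in (0, 1):
            for data in range(1 << DATA_WIDTH):
                nxt = step(state, req, data, trojan)
                ncount = monitor(count, nxt)
                if ncount > MAX_HOLD:
                    return trace + [(req, data)]
                key = (nxt, ncount)
                if key not in seen:
                    seen.add(key)
                    frontier.append((key, trace + [(req, data)]))
    return None


def replay(trace, trojan=True):
    """Drive a trace into the design; returns the violating cycle (1-based) or None."""
    state, count = (0, False), 0
    for cycle, (req, data) in enumerate(trace, 1):
        state = step(state, req, data, trojan)
        count = monitor(count, state)
        if count > MAX_HOLD:
            return cycle
    return None


if __name__ == "__main__":
    print("random testbench, 100k cycles:", simulate(100_000))
    cex = find_counterexample(8)
    print("formal counterexample:", [(r, hex(d)) for r, d in cex])
    print("same trace on the clean design:", replay(cex, trojan=False))
```

The search space stays tiny because the checker deduplicates on reachable (design state, monitor count) pairs rather than on input sequences; that is what makes the 256-way branching per cycle affordable, and it is the same reason the Trojan's author can count on simulation missing the trigger: the testbench samples inputs, the checker covers them.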
I also wonder about the economics of protection versus ensuring designs are HW hack free. Several percent of additional die size/slower clock speed to add protection would make a chip no longer cost competitive for a chip vendor.
That being said, this was quite an interesting article!
Aren't customer-upgradable microcode and system software and device drivers still far more vulnerable to malicious attack than hardware?
Has anyone verified the picture of the AMD Opteron 6100 that goes with the printed article? The "actual size" comment seems wrong. AMD says the die is 346 square mm, which is about 18 mm on a side for a square die.
1^2+1^2+2^2+3^2+5^2+8^2+13^2 don't forget about the ghost in the machine the building block of all living things may get revenge
If this bug will be in every new chip made, would it not be easy to check one chip and if the bug is found implement a chip wide erase? I am not that familiar with how this technology works, but if the bug is in one chip, would it not affect only one cell phone and then that cell phone spread the bug onward to other cell phones before the carrier phone shuts down? Aren't software manufacturers constantly updating their security systems to protect against attacks like this? My computer has been attacked before, but Microsoft has always had an injection of viral killers to stop the attack before the system shuts down.
Shouldn't the cell phone companies be planning something against attacks against their systems? After all, none of them are new-jacks when it comes to computer software.
This type of HYPOTHETICAL fear mongering does not belong in a scientific discussion, but rather in a political blog.
candide - I agree, but suggest a science fiction blog.
It's common sense to me.
Just as in business, economics, politics. No matter how bad things will get, there will be vultures waiting to reap the profits. And bottom line, life is good. Stay one step ahead of the viruses my friends and live prosperous.
Considering that operating systems like Windows have become so bogged down with security checks that I am looking at Linux just so I can use my computer again, I'm not sure. Hardware is purchased differently than software - by engineers rather than end users, so probably you are right about the economics. But the situation is already awful in plug and play operating system land.
haven't read the full article yet, but reminds me of the movie where Tom Selleck (sp) was the cop and Gene Simmons (of KISS) was the bad guy....
jtdwer...very much agree...much easier to incorporate a virus in the firmware/os/drivers than into the chip....
I found the article most interesting because it deals with a topic that is included in my book Pattern Seeker. I began to write the story in 2006 and have just published it. I was fascinated to see such an article and to know that the tech community is giving this thought.
Traceability will be an important part of hardware security. A robust system for knowing where each part of the system comes from, who is responsible for it, and who has had access to it will help ensure that if hackers do operate, they can be found. Reasonably effective traceability systems will act as a useful deterrent.
The conclusion that more flexible and field reconfigurable hardware seems to add more attractive and field accessible targets for attack that can be exploited once the integrated circuit is in the unprotected real world. As others have already said programmable microcode is a much softer and realistic target than hardwired logic.
Sorry, I intended to say "the conclusion that more flexible and field reconfigurable hardware is the best defense does not appear to be correct since it seems to add more attractive ..."
Hello, I am a senior attending Cape Coral High School in Florida. I have recently performed an investigation into the issues that this article has covered. To further my investigation, I now need to interview a few stakeholders that have personal experience with the issues contained in the article. From your comment, it seems that you would have a lot of information from first-hand experience that would be very beneficial to my cause. If you have the time and would not mind doing so, I would like to ask you a few questions about your take on hardware, its vulnerabilities, and possible solutions to attacks. Please email me at marlee.henn@gmail.com if you are interested.
Thank You,
Marlee