The rise of hardware-based security and why it matters [Q&A]
Cybersecurity is usually viewed as something to be addressed via software. In recent years though we've seen a hardware element start to creep in -- Windows 11's requirement for TPM capability for example.
Can we expect to see more hardware-based security measures? And what benefits do these offer? We spoke to Ed Maste, senior director of technology at the FreeBSD Foundation (the non-profit organization supporting the open source FreeBSD operating system) to find out.
BN: Security is often thought of as a problem for software to handle. How are hardware developments starting to impact security and how will that trend evolve?
EM: Hardware developments have always had an impact on security, as hardware forms the foundation upon which software security is built. However, in recent years, there has been a growing recognition of the importance of hardware security -- and this trend will continue as our reliance on technology increases and threats become more sophisticated.
One established example of hardware that has had an impact on security is the use of secure boot and trusted platform modules (TPMs), which help to ensure that a system has not been tampered with or compromised during boot. Additionally, the use of hardware-based encryption, such as on hard drives and in networks, is well-established as a means of protecting sensitive data.
Looking to the future, we can expect to see the development of more advanced hardware-based security measures, and the integration of hardware and software security measures to provide a more comprehensive approach to security. One example of this is the development of secure instruction set architectures (ISAs), which provide a secure foundation for software execution.
BN: What do you mean by instruction-set architectures (ISAs)?
EM: Instruction set architectures (ISAs) are the specifications for a microprocessor that define the set of instructions that the processor can execute. Some examples of ISAs include:
- x86: This is a popular ISA used in many desktop and laptop computers, as well as servers. It has evolved over the years and has several versions, including 16-bit, 32-bit, and 64-bit versions.
- ARM: This ISA is used in many mobile devices, including smartphones and tablets. It is known for low power consumption, which makes it well-suited for use in portable devices. More recently, 64-bit ARM has become popular in the server space.
- RISC-V: This is a relatively new ISA that has been gaining traction in recent years due to its open-source nature and flexibility. It is well-suited as a research platform.
There are also other ISAs in use today, each with its own set of features and intended applications. The open source FreeBSD operating system currently supports the three ISAs mentioned above, as well as Power (formerly PowerPC).
BN: How do ISAs affect enterprise security postures?
EM: The choice of instruction set architecture (ISA) can have a big impact on an enterprise's security posture, as different ISAs may have different security features and potential vulnerabilities.
Here are a few ways in which ISAs can affect security:
- Security features: Some ISAs include built-in security features, such as support for memory protection, data execution prevention, or hardware-based encryption. These features can help to mitigate certain types of security vulnerabilities and attacks.
- Vulnerabilities: Like software, ISAs can have vulnerabilities that can be exploited by attackers. It is important for enterprises to stay up to date on CPU microcode updates to mitigate these vulnerabilities.
- Compatibility: An enterprise’s choice of ISA can also affect its ability to use certain security tools and software. For example, if an enterprise is using an ISA that is not widely supported, it may be more difficult to find security tools that are compatible with that ISA.
BN: A security project from the University of Cambridge, CHERI, has been gaining momentum as an ISA -- where is this in the real world and what are the broader security implications of projects like CHERI?
EM: CHERI (Capability Hardware Enhanced RISC Instructions) is a hardware-based security enhancement that aims to improve the security of systems by providing enhanced memory protection and control over data access. The CHERI project has developed enhanced ISAs as variants of MIPS, ARM, and RISC-V. CHERI is being developed at the University of Cambridge and SRI International as an open source research project.
The CHERI ISA has received a lot of attention in recent years due to its potential to improve the security of systems. CHERI introduces a new hardware date type, the capability. CHERI capabilities control access to regions of memory, and on a CHERI system, all memory access is via a capability. These capabilities have hardware-enforced bounds and permissions. Coupled with hardware and runtime support, CHERI systems provide strong spatial memory safety.
In terms of its real-world status, CHERI is still in the research and development phase, but real-world prototypes exist. The most advanced prototype is Arm's Morello platform which adds CHERI to a high-performance, super-scaler core and implements it in a system-on-chip and demonstration platform. With the most recent release of CheriBSD, the Morello platform can provide a memory-safe desktop software development environment based on FreeBSD. Several FPGA implementations also exist for RISC-V and efforts to standardize CHERI for RISC-V are underway. Both Morello and CHERI-RISC-V are being explored by a wide range of industrial partners, including Google and Microsoft.
The broader security implications of a project like CHERI are significant, as it has the potential to improve the security of systems in a number of ways. By providing enhanced memory protection and control over data access, CHERI could help to mitigate a wide range of security vulnerabilities and attacks, including memory-based attacks such as buffer overflows and use-after-free vulnerabilities. Beyond memory safety, CHERI allows for high-performance compartmentalization and makes it more difficult for attackers to gain unauthorized access to sensitive data, a key concern for many organizations. Overall, the development of CHERI and other similar projects is an important step in the ongoing effort to improve the security of systems.
BN: What role does open source have in the evolution of hardware security?
EM: Open source has played a significant role in the evolution of hardware security. Open source allows for collaboration and the sharing of ideas and knowledge between developers and security experts. This can facilitate the development of new hardware security technologies and approaches, as well as the improvement of existing ones.
The fact that open source projects make their source code or hardware designs available to anyone to review and examine can really help to improve security, as it allows experts to identify vulnerabilities and potential weaknesses -- and to propose and implement fixes. Open source projects can also foster innovation, as developers are able to build upon and extend existing technologies in new and creative ways. This can lead to the development of new hardware security technologies and approaches that may not have been possible otherwise.
CheriBSD is a capability-enabled extension of FreeBSD that implements memory protection and software compartmentalization features supported by the CHERI ISA, taking advantage of the capability hardware on Arm's Morello, and CHERI-RISC-V platforms. Building on an open source Unix-like operating system facilitates CheriBSD's progress.
BN: What can we expect from the future of hardware-based security innovation?
EM: Hardware security is a crucial aspect of overall system security, and it will continue to play an increasingly important role as technology evolves and security threats become more sophisticated. I am excited for FreeBSD to be a part of the efforts to advance hardware security and to shape the future of this field.
Image credit: Alexmit/depositphotos.com