Ultrasoc tweaks debug technology to act as SoC burglar alarm
Debug IP specialist Ultrasoc is adding security monitoring to its toolkit, providing SoC designers with a mechanism for their chips to react to usage patterns that indicate attempts by hackers to break into secure areas.
Rupert Baines, CEO of Ultrasoc, said: “The logic we’ve got lets you see what’s going on everywhere in a complicated chip and detect, warn and take action if something untoward is happening.”
The security additions cover configuration scripts and other tooling to set up the monitoring points and logic to look for possible transgressions. “There are some worked examples that performs tasks such as checking that the only things that are trying to read from a keystone are elements that are trusted within the chip,” Baines said.
Shadow network
“Because we are inserting hardware we are non-invasive and we are invisible. We don’t rely on hypervisors or low-level firmware; we provide an orthogonal fabric to the main on-chip buses or networks. So, it’s much harder to interfere or subvert us. It’s not impossible. There are still potential vulnerabilities with anything like this but providing an attacker with two interconnect mechanisms to deal with, their problem is squared.
“This is not an alternative to other secure elements. You still need secure hypervisors, MMUs and other protection mechanisms but we are saying the logic for debug and measurement can be used to give you an additional level of security,” Baines added. “You have the hardware locks; we are the burglar alarm.”
How deep into the system the monitoring depends on choices made by the SoC design team. It can potentially go down to the level being adopted by processor vendors who are building interlocks based on accesses to system stack pointers and memory accesses based on process ID. “We can look at transaction IDs going across buses,” said Baines.
Security connections
As a result, there will be some overlap and potential for connections between other security features and modes onchip such as the security ID features in the SonicsGN onchip network fabric and ARM’s Trustzone modes. Baines said the debug network provided by Ultrasoc can add elements such as ID checks to other onchip networks, where accesses to targets by initiators that are not considered trustable are flagged or trigger alarms.
At a higher level, the Bare Metal Security elements can be used to help spot attempts to perform fuzzing and error-assisted side-channel attacks where if the device is sent into an unapproved mode it sends an alert to base and possibly to the user and then only allows boot into a safe mode until can be reset securely by the manufacturer or a service provider
Haydn Povey, CEO of Secure.Thingz, said: “We’re seeing increasing interest in building security into SoCs at the hardware level. In fact, a number of recent announcements have promised just that. UltraSoC’s technology goes further: an independent on-chip security infrastructure, as a complement to other access-control mechanisms. Because it is versatile and scalable it has applications from IoT, through to enterprise applications, making it an attractive option for many SoC design teams.”