CybersecurityMicroprocessor designers realize security must be a primary concern

By Mark Hempstead

Published 18 July 2018

Fifty years after the founding of Intel, engineers have begun to second-guess many of the chip-making industry’s design techniques. Recently, security researchers have found that some innovations have let secrets flow freely out of computer hardware the same way software vulnerabilities have led to cyberattacks and data breaches. This realization has led to calls from microchip industry leaders, including icons John Hennessy and David Patterson, for a complete rethinking of computer architecture to put security first. Identifying and securing these newly identified hardware vulnerabilities and side-channels will be challenging, but the work is important – and a reminder that designers and architects must always think about other ways attackers might try to compromise computer systems.

Computers’ amazing abilities to entertain people, help them work, and even respond to voice commands are, at their heart, the results of decades of technological development and innovation in microprocessor design. Under constant pressure to extract more computing performance from smaller and more energy-efficient components, chip architects have invented a dizzying array of tricks and gadgets that make computers faster. But fifty years after the founding of Intel, engineers have begun to second-guess many of the chip-making industry’s design techniques.

Recently, security researchers have found that some innovations have let secrets flow freely out of computer hardware the same way software vulnerabilities have led to cyberattacks and data breaches. The best known recent examples were the chip flaws nicknamed Specter and Meltdown that affected billions of computers, smartphones and other electronic devices. On 10 July, researchers announced they discovered new variants of those flaws exploiting the same fundamental leaks in the majority of microprocessors manufactured within the last twenty years.

This realization has led to calls from microchip industry leaders, including icons John Hennessy and David Patterson, for a complete rethinking of computer architecture to put security first. I have been a researcher in the computer architecture field for fifteen years – as a graduate student and professor, with stints in industry research organizations – and conduct research in power-management, microarchitecture and security. It’s not the first-time designers have had to reevaluate everything they were doing. However, this awakening requires a faster and more significant change to restore users’ trust in hardware security without ruining devices’ performance and battery life.

Not so secure
A single modern microprocessor chip can have more than a billion tiny components, including transistors and switches, that form their own little network on a piece of silicon deep inside a computer or electronic gadget. The main problem stems from the fact that tidbits of useful information can leak out from one component to others nearby, just like neighbors often know what’s going on in each other’s houses without asking.