UltraSoC Develops Embedded Hardware-Based Cybersecurity Products
October 22, 2019
News
Security solution rewrites transactions that breach security protocol.
Applications ranging from vehicles and factory robots to consumer devices can benefit from UltraSoC’s latest hardware-based cybersecurity products. These new offerings can detect, block, and record cyber-attacks in real time as they get embedded into the SoCs that power most of these systems.
The first product in the range, the Bus Sentinel, lets SoC designers control access to sensitive areas of their devices, instantaneously detect and block suspicious transactions, and build a long-term profile of system operation to secure against current and future cyber threats.
The security solution also lets designers incorporate an independent internal monitoring system into their ICs. This continuously checks that the device is operating as expected, detecting anomalous behavior that might indicate a security breach. Because it’s embedded in the hardware, it can respond in microseconds rather than the milliseconds offered by more traditional security measures. In addition, it can block “zero-day” type attacks that the chip’s designers may have not anticipated.
During operation, the Bus Sentinel module monitors and controls the SoC’s internal bus, observing how its interconnected sub-blocks are interacting. It can be configured at run time to detect specific transaction types; for example, if a process tries to access the control registers of the memory controller at any time other than a system re-boot; or if a process with insufficient privileges attempts to access a protected area of memory. The detection process itself is performed using configurable filters that can be cascaded to implement complex conditions and detect subtle nuances of system behavior.
One feature that I found particularly interesting is that the Bus Sentinel can be configured to modify a threatening transaction in some way. For example, it can mark the transaction with a flag, then generate a response on the bus. Or it can simply block that transaction.
The UltraSoC Bus Sentinel will be generally available in the first quarter of next year. Its modular design allows it to support any bus protocol, with immediate support for commonly-used on-chip buses including Arm APB, AHB, AXI-4 and ACE.