Cyber Escort Unit IP
A hardware-based solution that increases security by checking the integrity of executed code on any microcontroller.
The CPU has undergone many transformations, and processors have had to become smaller. These changes, as well as the race for better performance, have a critical negative impact on security. Indeed, cybercriminals are constantly using new, complex and sophisticated attack schemes and malware to attack the CPU and access sensitive data or rootkit the platform. But it is not just about software and operating systems. Increasingly, hackers are also targeting hardware components with physical attacks on the CPU to gain access to the system.
The problem with cyber-attacks is that CPUs are achieving ever higher performance. This performance comes with a critical negative impact on security, because certain recommendations on program execution are neglected.
Current software code contains bugs (estimated prevalence = 1 bug per 500 code lines). These bugs can be a source of weaknesses and attacks such as:
- Breaches in cyber protection;
- Unpredictable;
- Zero-day attacks.
Spectre, Meltdown and Stuxnet are examples of cyber-attacks due to bugs in the initial code that make a 0-day attack possible:
- The traditional vulnerability protection model is not capable of comprehensive security assessment. Current protections, which consist of software patches, are not adapted to these threats for several reasons: they offer a limited scope of protection, covering only the detected bug, and may themselves contain bugs;
- The development and deployment of software patches take time, and during this time the system remains vulnerable.
Cyber Escort Unit IP solution
To thwart today’s and tomorrow’s software attacks, security must be designed directly at the hardware architecture level. Secure-IC has developed a hardware-based cyber-protection solution named Cyber Escort Unit.
The hardware and the software layers must cooperate to ensure tangible security. Cyber Escort Unit IP provides a robust and sustainable model for rapid detection of cyber-attacks (even undocumented ones) to quickly respond and reverse the advantage.
Cyber Escort Unit IP offers the following features:
- Real-time detection of zero-day attacks on the code,
- Hardware protection integrated in the customer’s chip (SoC),
- Operates alongside the CPU to verify the integrity of the executed code and its control flow,
- Timely detection of corrupted executed code and execution flow deviation,
- Fills the security gap between software cybersecurity and hardware embedded security.
Cyber Escort Unit IP can be used in several markets and applications such as automotive (real time, low latency requirement, safety compatible), set-top boxes (high security and high asset value), SCADA (supervision), datacenter (data protection), network and telecom infrastructures and government sector (incl. defense and aerospace).
Cyber Escort Unit is particularly relevant for:
- Ensuring a robust secure boot of the electronic system by instantly detecting any corruption of the executed code and deviation of the execution flow
- Detecting malicious Trojans in your system and triggering an alarm when the Trojan attempts to manipulate its target
- Identifying the signature of a cyber-attack by creating a log to report any deviations of the execution flow.
Cyber Escort Unit IP is a combined protection against cyber and hardware attacks. Thanks to Cyber Escort Unit, a malicious attack on the code or on the control flow can be stopped before it is executed, at instruction granularity. Cyber Escort Unit detects corruption of the executed code and deviation from the control flow graph (CFG) in real time, and provides robust protection against buffer overflow attacks and control flow integrity corruption.
Cyber Escort Unit has low run-time overhead, with very low CPU usage: approximately +1% impact on the average execution time.