Strengthening cybersecurity at the edge: Intel and Mercury talk multilayered security
February 25, 2021Mercury Systems
Taking secure computing to the tactical edge requires a built-in multilayered security approach from system startup to system availability. Listen in as experts from Mercury Systems and Intel discuss how they work together to safeguard confidential data and IP against adversarial threats and deliver uncompromised cutting-edge data center-caliber systems that are both affordable and familiar.
Hello, and welcome to another edition of Mercury Now. I am your host, Ralph Guevarez, and today's topic, why data security matters at the edge. Now, as bad actors continuously look for ways to exploit vulnerabilities, technology leaders must employ various strategies to prevent these harmful effects. Now, today we're going to discuss the use of multilayer security to significantly reduce the attack surface area. We're going to have that discussion right here on Mercury Now. Joining me today from Mercury Systems is Scott Miller, expert scientist, and Shaun McQuaid, director of product management for our embedded division, and a special guest, John Brynildson, sales manager of military, aerospace and government markets within Intel's IOTG business unit. Gentlemen, good day and welcome to the show.
Thank you, Ralph.
Happy to be a part.
John, you're our guest today. Could you please give our listeners a brief background on your current role at Intel?
Yeah, so I am part of Intel's Internet of Things group, which is the team, the business unit within Intel that focuses on embedded compute applications. Within that team, I focus on our military, aerospace and government markets. My primary responsibility is as a liaison between our business unit team that's creating products for this market as well as our field sales teams, and more importantly with our ecosystem partners like yourself, Mercury Systems.
Thank you, John, and welcome. Scott, a brief background, please, if you will.
Sure. So after about 15 years in security technology R&D, I've kind of come to the dark side as the product manager for the secure products group. We're primarily responsible for driving security requirements into Mercury's hardware and then producing the capabilities that make use of the features enabled by those requirements. So we work pretty closely with the hardware teams, particularly Shaun's team in the embedded group to really help define Mercury's security enabled hardware architecture.
Thank you, Scott. Shaun, a return guest, if you please.
Great to be back. My name is Shaun McQuaid. I'm the director of product management for Mercury's embedded business unit. So I've been on the dark side for quite a while now. My focus is on the product lines that deliver ruggedized size, weight and power constrained processing subsystems to the tactical edge. And so that includes OpenVPX products as well as the chassis level solutions that deliver them.
Well, thank you all for joining me. I appreciate your time. Let's begin by discussing why security is important at the edge. John, could you please give us Intel's perspective on addressing security, if you will?
Yeah, absolutely. So the attack surface, and I think most listeners would agree with us, but that attack surface is really continuing to expand and leaving data unprotected. In part, it's really due to the growing number of IoT devices or edge sensors that are connected to a network. But I think just as importantly is our cyber criminals are increasing in sophistication. They're beginning to skirt firewalls and security software that in the past might have been effective. Although no single security solution really can be completely protective of a computer system, from these different challenges we do believe that a multilayer security approach is necessary to protect those critical processing systems and that government and public sector technology must be designed with these security issues in mind.
Yeah. I agree with John. That need for multilayer approach, particularly when you migrate hardware out of the data center out to the network edge, the attack capabilities grow quite a bit when they can put physical hands on a device. That doesn't mean cybersecurity goes away. That means adversaries really gain a lot more entries into the system. So it adds to that cybersecurity need.
Within my group and Mercury, we view physical security as the anchor of all other kinds of security. The reason for that really is physical security protects the keys that enable you to use cryptography, which in turn is used to build the capabilities such as secure boot or the data integrity that really protects modern data intensive applications like artificial intelligence or the emerging edge sensor use cases.
As Scott described, that physical security anchor is critically important. To take secure boot and secure computing to the edge, Mercury takes readily available commercial technologies and designs our own computing hardware from the ground up and then secures and ruggedizes it for field deployment. Think of it this way, there are many computer hardware companies out there, Dell, HP, Acer, for example, that make motherboards for laptops, desktop PCs, or servers. Now, if you narrow those down to those who actually make hardware using server class CPU's like the Xeon class from Intel, Dell, HP and the like, how many of those are US-based companies? How many have US-based designers? How many do that manufacturing in the US as well?
With the combination of Intel and Mercury Security Enablement, we can bring a unique value here in the security that can be deployed to the field or the edge, as the phrase goes. At the edge, value technology, critical IP and confidential data can be lost, altered or captured and therefore must be protected from attack. Intel security features are built into their silicon. Our BuiltSECURE technologies are built into our hardware, not bolted on. They safeguard this confidential data and intellectual property against adversarial threats even when a system might've been compromised, which you can imagine could happen when you're deployed at the tactical edge.
Thank you for your insights, gentlemen. You mentioned secure boot. Can you please expand on what secure boot is and why it's so important? Scott, we'll start with you.
Yeah. So secure boot is the process that takes us from power on to the system to running a known verified configuration. So it's really a step-by-step process that establishes the integrity of each piece of software or firmware before we allow it to run on the system. So if you think about what a malicious actor is going to try to do, yep, in some cases they'll get malware or a virus running on a system. Secure boot's role in that case is to really make sure that that malicious software that makes it onto a system can gain no persistent foothold, right? We want to know that every time we power cycle, the system is going to come up to a clean known state every time.
One of the other key pieces of secure boot is really about making sure a system comes up in the configuration it's supposed to be. In modern systems, we tend to build security on a basis of a specific configuration of the built-in security features of the hardware and then on that we build the rest of the security platform. And so if someone can get in, change security configuration, right, some of the assumptions we're depending on could be violated. So secure boot's there to make sure, obviously, the system comes up in the configuration that the rest of the security system is built upon. So we've been happy to see the growing interest in security in the commercial space. We work pretty closely with Intel to make sure that as the security technologies come off the line from Intel, we know how to make best use of them in Mercury's products.
So, Ralph, just to add in to what Scott said, if you can't trust the system, you can't risk exposing critical software to it. We see a trusted boot sequence really providing that foundation from which you can build your multilayer security approach on. So it's really your start point. There are two technologies, if I could just real briefly, Intel Secure Boot with Converged Boot Guard and Trusted Execution Technology. That is a fusion of two powerful boot sequences, Intel Boot Guard and Intel Trusted Execution Technology or TXT.
The Boot Guard's a technology that determines whether the firmware booting the platform can be trusted or is inappropriately modified. And with the Intel Boot Guard, the system manufacturer like our partners, Mercury, will create a digital signature for the firmware that must be validated before the boot sequence can be completed. Then combining that, as I mentioned previously, Intel TXT. So it offers a little extra control beyond the firmware where TXT creates a cryptographic unique ID for each launch enabled component, and it will terminate the launch of code if it doesn't match your approved code. So this technology really establishes what we call a measured launch environment and it compares all critical launch environment elements against a known good source. So we believe that these technologies really help establish your secure boot and will build that foundation from which to build upon your additional layers of security.
Yeah, absolutely. At the end of the day, having that secure boot on a boot server that can then serve the operating system and the application to a deployed cloud computing cluster can really only secure that hardware if it can be trusted from power on through boot, application, loaded, and then delivering that known good content to the rest of the processing elements that make up the cloud.
So leveraging Intel's technologies ensures that we can deliver cutting edge data center caliber systems that are both affordable and familiar. The key is to ensure that security is in place ahead of time and built-in. That allows standard hypervisors, containers, operating systems and applications to run in the same manner as can be found on the commercial data center that lives behind closed doors, active firewalls set with constant human and machine oversight.
Thank you, gentlemen. Now, when I read about security, it seems cryptography is the central theme. Scott, can you speak to cryptography in the context of secure processing, please?
Sure. So cryptography really provides the basic toolkit for detecting unauthorized changes and for denying access to software and data to unauthorized parties. But cryptography, really, it's not a silver bullet, right? Its security guarantees are mathematical in nature, and so there's a lot of care has to be taken on meeting the assumptions that provide the security guarantees of cryptography. And that's before you get to considerations like, how long do you use your crypto keys before changing them? Or making sure you're doing good, what we call buffer hygiene, right? Removing data from memory once you're done using it.
All that aside, though, cryptography is still one of the most important tools. It just means or those considerations just mean that a lot of care has to go into using cryptography. That's part of the best practice guidance you see in the industry of, "Don't invent your own cryptographic solutions," or at least most application developers shouldn't be rolling their own solutions. That's one aspect where our customers have found a lot of value in our Intel-based products. The processors offer both access to high-speed low-level cryptography like the AES-NI instructions, but also offer sort of integrated higher level features like transparent memory encryption, things that take care of all of the crypto details and let customers really focus on their application development.
So agreeing with what Scott said, cryptography really plays a key role within many of the hardware-based security technologies. So Intel use encryption techniques, a couple of security technologies in particular, Total Memory Encryption and Software Guard Extension. Two examples where it's used, Intel Total Memory Encryption will encrypt the platform's entire physical memory and it helps ensure that all memory access by the CPU is encrypted. The encryption key is created during every boot sequence by a hardened random number generator within the CPU and it's not exposed to the software. Intel SGX will also use encryption techniques. It encrypts specific application code and data to create private regions in the external memory called enclaves. These enclaves are protected from malicious processes writing at higher level or higher privilege levels. So it would protect it from, examples include, rootkit malware and physical access rights.
Thank you, John. Now, Shaun, we're talking about the importance of confidentiality and data integrity. What are other aspects important to security?
So system availability is another key pillar of overall system security. The concept is that services, whatever they might be, are reliably available when you need them. You can imagine how critical this is when your server cluster is at the edge. In the commercial world you may have heard of denial of service attacks, where someone coordinates a large number of computers on the internet to simultaneously make requests from a target business. This effectively shuts down their website. This is a good example of poor or compromised system availability. Now, at the edge, availability is critical to folks who depend on those servers for situational awareness, to sift through the data, to extract actionable information. Because these decisions need to be made in real time, a gap in availability cannot be tolerated. Luckily, Intel and Mercury work together to offer protections in this area as well.
So Shaun's response about denial of service attacks and system availability is really a key point. One of the capabilities or technologies that Intel also offers within the hardware is a technology called Resource Directory Technology. What that allows is it provides visibility and control over some of the shared resources like your cache or memory bound with bandwidth and how they're used by the different applications, or virtual machines, or containers.
The Intel Resource Directory Technology really can provide many insights to system administrators that they can gain. But with respect to security, designers can use this tool to dedicate certain regions of cache to critical threads or applications and ensure that a denial of service attack cannot commandeer or interfere with the cache and memory bandwidth that's been assigned to priority applications. So, that's a really good example of another type of security threat you need to prepare for.
Gentlemen, I want to take this opportunity to thank you for joining me today. I enjoyed the discussion and have a better understanding of Intel's world-class data center security features and how Mercury further augments Intel's technology to deliver trusted and secure solutions to the edge. I wish you best of luck moving forward. God speed, and I look forward to having you all on the show again soon.
Thank you very much, Ralph.
It's always a pleasure to be here.
Listen to us
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- November 2019
- October 2019
- September 2019
- July 2019
- June 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018