Modern digital processors, such as central processor units (CPUs), are frequently fabricated from a single semiconductor wafer or chip. The trend is to merge more functionality, such as memory control, video control, etc., into the same semiconductor substrate that forms a CPU having one or more associated cores.
While integrated functionality processors and supporting logic continues to grow, much of the functionality, such as interfacing with peripherals, directly or via ports, continues to be managed by complementary logic. Intel® processors have been fabricated with Intel's Hub Architecture, which architecture includes one or two data communications chips that allow the CPU to communicate with components or peripherals. One such architecture employs what is referred to as northbridge logic which was originally designed to work with complementary southbridge logic.
The northbridge served as an interface between the CPU and fast data devices, such as graphics and memory. The northbridge also interfaced with the southbridge which formed an interface to other peripherals or systems, such as a PCI bus, USB, IDE, ISA, BIOS, or legacy ports or peripherals.
As transistor density continues to increase, and design and fabrication techniques continue to improve, functionality such as northbridge are now found on the same die as the CPU, whereas earlier each had been comprised of one or more chips. In some instances, southbridge functionality is also integrated on the same die, resulting in still further speed increases and lower costs. Even when functionality is integrated, conceptual distinction between the CPU, northbridge and southbridge logic may still be maintained.
The proliferation of computers, and the information that is exchanged via computers, has given rise to a significant rise in malicious attacks targeted to compromise computer systems. Attacks are directed to securing access to sensitive information, such as financial, trade secret or personal information. Attacks may also hijack computer or data resources for surreptitious use.
Prevention or minimization of computer security risks has spawned an entire industry. Solutions include network barriers, such as firewalls, and antiviral and anti-hacking software. Also, operating system vendors and application vendors are continuously updating their software to address vulnerabilities to intrusion or hacking. However, certain aspects of hacking are difficult or impossible to prevent. Prevention is difficult even when whole-disk encryption is used, such as available from many vendors.
One example of a difficult-to-protect scenario is referred to as the “evil maid,” so named because it is what might be encountered if one were to leave a computer in a hotel room, unattended. In this example, an attacker would boot a shutdown computer from a separate volume, such as booting from a CD, DVD, flash drive or external drive. The process writes a bootloader onto the targeted system. When the computer owner boots using the hacked bootloader and enters the encryption key, the key can be captured and stored for future retrieval, or even communicated to the hacker via the Internet.
Basically, there is little or no defense against attacks based on physical access to a computer. In addition to evil maid attacks, examples include the “cold boot” attack and the “stoned boot attack.” Marc Briceno, Director of Product Management for the computer security company, Symantec, has stated:
No security product on the market today can protect you if the underlying computer has been compromised by malware with root level administrative privileges. That said, there exists well-understood common sense defenses against “Cold Boot,” “Stoned Boot,” “Evil Maid,” and many other attacks yet to be named and publicized.
The subject application teaches embodiments that solve the above-noted problems, and others, and provides a system and method for increased security of computer systems and associated data.