Low-power processing cores, such as ARM cores, now reside in a multitude of common devices, including cellular telephones, cameras, mobile devices, embedded systems, and various components of complex systems such as automobiles and household appliances. These processing cores are connected to one another through different protocols, such as Universal Serial Bus (“USB”), Controller Area Network (“CAN”), Near Field Communications (“NFC”) and Bluetooth. This has created a cybersecurity problem at the interface level between hardware devices. Communication protocols such as Bluetooth and NFC have failed to incorporate adequate security, while others, such as USB, have been retrofitted with protocols developed for the desktop PC market, which patch only a minimal number of security holes at the application level and do not address hardware-level communications.
In order to combat data security problems, processor manufacturers have developed secure enclaves. For example, ARM Holdings' TrustZone and Intel's SGX technologies are designed to enable secure hardware enclaves, such that an application running in one of these enclaves cannot have its memory read or its execution modified by any process outside of the enclave, including the operating system. Hardware enclaves prevent secured data from being compromised by malicious software, even if the infection spreads to the operating system. Secure enclaves represent only a first step toward the security required for embedded and mobile systems. In addition to securing against these software attacks, one must consider the inputs/outputs of the CPU itself. To address such attacks, processor manufacturers could disable all CPU inputs/outputs; however, this approach would result in an unacceptable loss of functionality.
Operating system (“OS”)/driver-level attacks have become easier with time, as virtually all modern electronic devices now contain a full central processing unit (“CPU”). Therefore, designing an intelligent attack over a hardware protocol no longer requires custom-designed hardware or even hardware expertise.