Hardware Features for Maintaining Security During Operation

White Paper
October 18, 2018

Trusted Computing: The COTS Perspective Series

In our previous Trusted Computing white paper, we discussed the importance of secure boot for Trusted Computing. Once secure boot is implemented, the focus turns to the hardware features built into the most popular defense and aerospace processor architectures that ensure the continued security of a trusted system during operation. Understanding these features, what they protect against, and how to use them effectively will enable embedded systems to operate securely even in the face of attacks. In most cases, some software also has to be modified to take advantage of these hardware features. In a future white paper, we will discuss the software aspect of maintaining system security during operation.

Because different processor architectures support different security features, this white paper considers some examples of those features. It is important, though, to review your own platform's architecture to determine which features are available and relevant to your system's unique requirements. Generally, the system integrator will want to use all of the security features that are available. Variables such as cost, complexity, and the system's security requirements and threat assessment can influence the decision about which features are actually implemented. Each program will have to review its requirements and make the appropriate trade-off between security and cost, schedule, and complexity. Discussions with commercial-off-the-shelf (COTS) hardware vendors at the earliest stages of system development can be of great help in making the right choices.

  • NXP QorIQ Trust Architecture
  • Intel SGX and OS Guard
  • Arm TrustZone