Industry Expert Blogs

Given recent events, its time for chip makers to take a page from the software vendor handbook and step up their game in heading off potentially costly threats.

A Secure Development Lifecycle (SDL) for hardware with appropriate hardware security products could have prevented the recent Meltdown and Spectre vulnerabilities affecting Intel, ARM and AMD processor architectures. An SDL is the process of specifying a security threat model and then designing, developing and verifying against that threat model.

Many in the software domain are familiar with SDL, which is a process invented by Microsoft to improve the security of software. To make this process as efficient as possible, the software domain is filled with widely deployed static and dynamic analysis tools to provide automation around security review for various stages of the development lifecycle.