By Helena Handschuh, Chair of the RISC-V Foundation’s security standing committee and Fellow at Rambus
EETimes (April 22, 2019)
With the proliferation of intelligent devices, the industry needs new robust security approaches instead of trying to fix the cracks in existing designs.
Companies often don’t build security into their products from the start. Instead, they add on cryptographic algorithms and primitives to achieve confidentiality and authenticity properties, but this add-on approach makes the product a target of possible attacks.
Attacks might include exploitable software bugs, the most common vulnerability, or hardware leaks, physical attacks, logical attacks and remote and localized attacks. Newly identified vulnerabilities such as Spectre, Meltdown, Foreshadow and Spoiler have shown that problems such as side-channel attacks also exist in hardware designs, and that there are likely many more vulnerabilities in current solutions from hardware vendors.
Click here to read more ...