Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

Sorting Out Security: Making Sense of Today's Solutions

Security at the process level is essential to creating an immunity to the cyberattacks of tomorrow.
By Jothy Rosenberg

Embedded Devices Need Embedded Security
The cybersecurity problem must be addressed at the root cause: the attacker's ability to take over the processor in the first place. Today's processors, however, are highly vulnerable, since they are based on Von Neumann's 1945 Stored Memory Processor architecture. Throughout the years, the architecture has been optimized to be smaller, faster and cheaper, but security has never been part of the mix.

Von Neumann's architecture doesn't account for the additional information a processor needs to ensure that it does only what the application designer intended. Processors will blindly execute the instructions they receive, and they have no way of knowing whether an instruction came from a trusted source or a malicious attacker.

Complex software will always have exploitable bugs because software is written by humans—and humans make mistakes. Our processors need computing security. They need to be modified to make them immune to attacks that prey on software vulnerabilities. They need to be given the intelligence to distinguish between good and bad instructions, and the ability to stop malicious instructions at the processor level before any damage can be done.

The Bottom Line
Our world of the Internet of Things (IoT) and embedded devices is highly vulnerable and under attack, and as the number of connected devices increases, so does the volume and sophistication of cybersecurity risks. Security must become a priority. Our devices need both communications security and computing security.

We need to secure our communications, so people can't siphon off corporate or national secrets, or steal identities and other personally identifiable information. Communications security is accomplished by using well-established cryptographic algorithms to encrypt and decrypt communications. We also need to secure our computing devices to protect against the inevitable and unavoidable vulnerabilities in software that enable attackers to hijack processors. That's computing security. As Larry Ellison, Oracle's CTO and chairman, noted, "Even the best hackers have not figured out a way to download changes to your microprocessor… You can't alter the silicon."

Security at the process level—and the systems in which it is embedded—is essential to creating an immunity to the cyberattacks of tomorrow.

Jothy Rosenberg is the CEO and founder of Dover Microsystems. Dover is the ninth technology startup that Jothy, as a serial entrepreneur, has founded and/or run since 1988. Prior ventures include MasPar, Novasoft, Webspective, GeoTrust, Service Integrity, Ambric, Mogility and Aguru; two of these companies sold for more than $100 million. Earlier in his career, Jothy ran Borland's Languages division, where he managed the development of languages, including Delphi, C++ and JBuilder. He earned his BA degree in mathematics from Kalamazoo College and his Ph.D. degree in computer science from Duke University.

Login and post your comment!

Not a member?

Signup for an account now to access all of the features of RFIDJournal.com!

PREMIUM CONTENT
Case Studies Features Best Practices How-Tos
RFID JOURNAL EVENTS
Live Events Virtual Events Webinars
ASK THE EXPERTS
Simply enter a question for our experts.
TAKE THE POLL
JOIN THE CONVERSATION ON TWITTER
Loading
RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations