The New Era of Mega Trends: Hardware Rooted Security

By Ahmed Sallam

Late last year, I delivered a talk at the ARM TechCon conference. One of the key points I made was that we are now in the era of mega trends that will take us to a new world. I intend to write a series of blogs talking about each of these mega trends, along with a closing blog putting the pieces of the puzzle together envisioning the new world these mega trends will take us to. We will start with Hardware Rooted Security.

You may also like the following articles

What are the Top Use Cases for Desktop Virtualization?
he workplace model is changing and it all begins with desktop virtualization. In traditional business...

Escape the PC refresh cycle with desktop virtualization
Almost every organization is painfully familiar with the annual PC refresh process. With an average...

For close to three decades security has failed to stand up to the challenges imposed by malware authors and by the underground cyber crimes. Malware attacks take place underneath the host operating system, comprising the entire computing experience in such a way that nothing is far from the reach of malware authors.

One of the advanced attacks towards the end of 2009 was Operation Aurora. I happened to be one of the principal forensic analysts who worked on figuring out what happened during the attack including how it started, what went wrong and what was stolen. We never published our findings officially but it was clear that the bad guys were able to access the source code behind the software powering most of today's digital infrastructure including: devices, servers, networks, storage and the cloud.

This incident was not isolated. Since then, a considerable number of carefully and cleverly coordinated attacks have taken place, which could potentially result in some catastrophic tragedies, that and challenge the stability of the modern digital economy.

In analyzing several advanced attacks, by 2010, many things became clear:

  1. Pure software-based security solutions are not capable of preventing waves of advanced, persistent attacks
  2. Security has to live underneath the operating system, not on top of it, and be further assisted by the system hardware
  3. APT (advanced persistent threat) attacks will continue to target stolen software products as seen during Operation Aurora
  4. Data can no longer be protected once; the bad guys know the software security algorithms used to protect them
  5. Some private keys have already been stolen and have compromised the validity of the asymmetric public crypto infrastructure

Even with all of the above, one can still say that today we are at a much stronger defensive position. This is mainly due to the development of many hardware-rooted security technologies that provide out-of-band security assurances.

Obviously, I would start by mentioning the work at Intel and McAfee developing the DeepSAFE vision and technology. The main vision was to develop an out-of-band security that meets the following criteria:

  1. Can be fully isolated from the reach of an un-trusted code
  2. Has full control and visibility to execution environment
  3. Can fully access, trigger, trap and instrument the execution environment
  4. Has the ability to change the flow of execution with no limit
  5. Can safely inject and replace code modules with no restriction
  6. Can protect any piece of code from untrusted read, write and execute access
  7. Can partition execution environment into containers associating different access controls and privileges to each
  8. Provide continuous protection through: disk, CPU, GPU, memory and network operations
  9. Can tag and track data move operations across hardware subsystems
  10. Can store its data securely and communicate out-of-band with each other via networks and local buses

1The usage of Intel's hardware virtualization and TXT has proven to work allowing out-of-band protection for the Windows kernel and applications.

Figure 1: McAfee DeepSAFE utilizes features contained within Intel processors to enable out-of-band protection

2In the Windows-Intel ecosystem that was not the only key development, as other brilliant technologies were developed across the industry. Windows 8 in particular came with a new set of out-of-band protection taking advantage of hardware TPM to measure and secure system firmware and Windows boot environment.

Figure 2: Windows 8 Out-of-Band Protection

3On the ARM side, the TrustZone technology provides a hardware-enabled trusted execution environment that can safely host critical sensitive operations like: video, decoding, data decryption, e-payment transactions, etc.

Figure 3: ARM TrustZone Technology

4Apple has also published an elegantly written, deep technical paper discussing the use of hardware as a root of trust to ensure the security of iOS devices. It is this hardware rooted security that is allowing Apple to develop Apple Pay, hence defining how financial transactions and electronic payments take place.

Figure 4: iOS Security Architecture

Hardware-rooted-security is truly a game changer and a clear mandatory requirement for building any secure end-to-end system. Nonetheless, one can't assume that it can solve all elements of system security. A simple example is the recent attack over iCloud, which demonstrated the need to further focus on those attacks that don’t target the system itself but rather focus on user identity, or user-defined security. It is true that hardware can and should play a much stronger role even in prevent such attacks over user credentials. But that would be a topic I'll be covering in future blog posts.

5Before concluding this article, I’d emphasize three properties of software systems that should be hardware rooted as illustrated in the figure below:

Conclusion, final words and next steps

Hardware Rooted-Security delivers a protection value that has been historically unavailable through traditional software-based security solutions. It makes safety a core component of every computer system regardless of its own operating system. It further helps in unifying the set of security features available across consumer devices and infrastructure servers hence facilitating the secure exchange of data from devices all the way to clouds.

Hardware innovation will continue evolving to meet the ever-changing security needs and challenges we face. Some of the areas that I think need further attention are the following:

  • Tying authorization and access to resources into the holistic set of contextual relational properties focusing around locations and places, wireless networks and other forms of measuring sensors available on mobile devices
  • Tying human driven sensory properties (biological measurements, senses, affection, natural language processing) into the practice of managing, tracking and controlling users activities
  • Unifying and bridging common security features across the two dominant hardware architectures: ARM and x86
  • Unifying hardware security features across devices and servers given the inclusion of common SoC (system on a chip) modules in their chipset platforms

Finally, I intend to continue this series, sharing my personal thoughts and experience. My hope is that series can generate useful healthy debate and further bring awareness to those evolving mega trends that will change our digital economy and human lives forever.

1 Image source (within whitepaper):
Image source (within whitepaper):
Image Source (under HW Architecture):
Image source:
Image source: Ahmed Sallam


About the author
Ahmed Sallam is Citrix cross-functional VP and CTO leading technology development, emerging solutions and products strategy in new emerging era of smart devices, IoT, IIoT, IoE, system virtualization, server physicalization and security. His focus is on new emerging end-to-end solutions ranging from devices to networks to clouds across Citrix lines of products. He also drives Intellectual Property growth opportunities and monetization strategy. Works closely with software and hardware ecosystem partners integrating into Citrix open platforms.

Prior to Citrix, Ahmed was CTO of Advanced Technology and Chief Architect at McAfee/ Intel. developing global threat intelligence along with (PPP) Proactive Predicative Preventive anti-malware security solutions. Ahmed is the co-inventor and architect of Intel/ McAfee’s DeepSAFE technology and co-designer of VMware’s VMM CPU security technology known as VMsafe. Prior to McAfee, Ahmed was a Senior Architect with Nokia’s security division and a Principal Engineer at Symantec. Prior to that, Mr. Sallam was a founding engineer / director / chief architect at three start-ups.

Ahmed is a renowned expert across the industry well known for pioneering new models in computer system virtualization, security and management delivering flexible, safer, well-managed and secure computing experience. He holds 31 issued patents along with over 40 pending patent applications. He is a frequent keynote and session speaker at many conferences including: Citrix Synergy, McAfee Focus, RSA Conference, VMworld and ARM TechCon.