Every year, costly invasive assaults on data centres can be prevented using advanced hardware- and software-based security remedies. However, damage can still be done to equipment in a data centre physically attacked via various fault injection techniques. In order to identify such attacks, Intel created its Tunable Replica Circuit (TRC) telemetry monitoring technology, which is already supported by its 12th Generation Core Alder Lake platform.
“Software protections have hardened with virtualization, stack canaries, and code authentication before execution,” said Daniel Nemiroff, senior principal engineer at Intel. “This has driven malicious actors to turn their attention to physically attacking computing platforms. A favourite tool of these attackers is fault injection attacks via glitching voltage, clock pins and electromagnetic radiation that cause circuit timing faults and may allow execution of malicious instructions and potential exfiltration of secrets.”
The platform controller hub, or PCH, included in Intel’s Alder Lake 600-series chipsets, which support the company’s Converged Security and Management Engine (CSME), already has a TRC module that continuously monitors the performance of other system components, including the CPU.
Timing errors that can be caused by a voltage, clock, temperature, or electromagnetic glitch, among other things, are monitored by TRC. For instance, when certain CPU timings are abnormal, this may be a sign of a cyberattack (one that uses a fault injunction or exploits holes in security).
Intel is certain that the technology will not activate mitigation mechanisms to ensure data integrity in normal circumstances owing to a false positives probe since the set of TRC sensors is calibrated to identify errors produced by a fault injection rather than by typical workload voltage droops.
“By changing the monitoring configuration and building the infrastructure to leverage the sensitivity of the TRC to fault injection attacks, the circuit was tuned for security applications,” said Carlos Tokunaga, principal engineer in Intel Labs, explaining the research approach.
The TRC technology is now being tested on a client platform, but it will probably also be used in Intel’s forthcoming data centre platforms. Physical entry to a data centre is more difficult than access to a PC for obvious reasons. However, once a criminal is inside, he has simultaneous access to numerous systems, so TRC might be quite useful.
Also Read:
