Did you read this article on hardware-enforce cybersecurity?
A colleague shared this well-written article on hardware-enforced cybersecurity.
I'd like to point out that most 'hardware-enforced' cybersecurity articles are about security functions that secure the booting and running of a CPU. But that's not what I mean by hardware-enforced. When I mean hardware-enforced, I mean optical or galvanic isolation; I mean encoding security in ASICs or FPGAs; I mean the hardware IS the security.
That's what this article is about.
Software v hardware
Software on hardware is still software-based cybersecurity. And as the article says:
"Current software-based solutions are becoming too costly in terms of the computing power needed to meet customer expectations for processing speeds in the context of richer content and more complex malware, making security 'very costly and very slow.'"
I work at Owl.* We have been showing folks for over 20 years that when the hardware IS the security their functionality can't be altered, you focus on the known-good rather than trying to keep up with the known-bad, and you don't bring any of the vulnerabilities of general CPUs and software (*cough* like any next-gen machine-learning AI-behavioral-analytics predictive-guessing buzzword-compliant firewall out there).
We have now taken this mind-set to FPGAs.
FPGAs
Again, the article:
"If the requirements are to build some kind of word processor or spreadsheet, a general-purpose processor is awesome for that. But if you want to do security, don't use a general-purpose processor. Use something that is immutable, something that can't be changed, and something that has strong security."
The article, by way of introducing the players (for some reason, missing Owl), discusses how purpose-built FPGA-based hardware-enforced security solutions are ideal for protecting endpoints. Or, as the article points out: 'hack-proof, totally secured communications between the endpoints.' Who doesn't want that?
This is what Owl has been pioneering: putting 20+ years of hardware-enforced cybersecurity experience and technology into FPGA-based solutions that OEMs can embed.
What about you?
Yeah, I'm biased and tooting my horn. I'm really excited about our new embedded solutions. But I'm glad to see others agreeing with what we are offering. That's why I really like this article.
The challenge, though, is that folks outside of the DoD and Intel agencies are still slow to adopt the usual data diodes for hardware-enforced cybersecurity. Even though embedding FPGA-based hardware-enforce cybersecurity is a logical next step, there's still a bit of education and validation to go before folks understand and accept it.
What do you think hardware-enforced security means? Are you applying programmable hardware, like FPGAs, to any of your security solutions?
*Disclaimer - yes, I work for Owl, but my opinions are my own and do not necessarily reflect those of Owl. If that were my intent, I'd be writing on the Owl site, or proclaiming myself a spokesperson, which, for this article, I have done neither.