We are already aware of how difficult it is to find a security flaw from any software. The ones that are deliberately inserted by spies and hackers in the form of hidden backdoor’s are even worse to detect. Have you ever imagined how difficult it would be to detect a backdoor when it’s not in the software or in the operating system, but is planted deep down in the hardware?
Hardware is the base that supports every program and software to run on a computer. It is something that everyone has to rely on.
You might think it might be easier to detect the backdoor if it’s in the form of hardware and is part of some chip. But, that hardware part is one among other billions of parts that are planted on a single chip. Each component on such chip is extremely small (thousandth of the width of a human hair) and cannot be seen by human eye. In addition, that silicon backdoor is undetectable not only by computers’ software, but even by the chip designer, who has no clue that something like that was added to the hardware by chip manufacturer.
Undetectable Hardware Backdoor To Help Data Theft
Hardware is the base of any system. All the software and algorithms are executed on top of a processor. The software trusts that the hardware will implement the specifications faithfully. For the majority type of hardware flaws, the software has no way to check if something went wrong. To make it even worse, if the hardware is attacked, it can taint all the layers of the system that relies on that part of hardware, which may violate high-level security policies that are correctly implemented by software.
Back in 2011, General Michael Hayden, who was a former director of both CIA (Central Intelligence Agency) and NSA (National Security Agency), defined the idea of computer hardware that contains hidden backdoor as “the problem from hell”. In October 2013, it was reported that the NSA itself practiced this by teaming up with U.S. companies in order to plant a secret backdoor into the chips and other hardware components of computers to support their surveillance efforts.
After getting this news, security experts were highly concerned as Hayden’s assessment was held to be true. Vulnerable hardware is really difficult and quite impossible to detect. If hardware is compromised, it can do things such as accessing data from the computer in such a way that it is undetectable by any software. If the NSA is encouraging chip manufacturers to plant hardware backdoors, then there is a huge possibility that other agencies across the world are also doing the same thing. Such security violation can also mean that agencies like NSA that encourages such moves can also get tempted to cross the legal restrictions that are applied on surveillance.
The Hardware Backdoor Dilemma
All of this began with the trend of smaller transistors, which delivered enhanced performance while consuming lower power, but the only problem with it was – it made fabricating of the chip more expensive. As a new generation of transistor is about to come, there is a cost associated with retooling of the smaller transistor. It costs 15% more to setup fabrication line for each successive process node. By 2020, it is assumed that setting-up a fabrication line for the smallest transistor size may require $20 billion of upfront investment.
To amortize the cost of this, initial tooling that is required to support a specific transistor size, a majority of hardware companies outsource fabrication.
One of the main reasons for outsourcing fabrication was to keep the final price lower, as it affected the buying behavior of all the customers around the world. This resulted in a decrease in the use of trustworthy and authorized resellers.
Most of the fabrication orders today are outsourced to some far-flung Chinese factories as they offer to do the production at a much cheaper rate. This situation is somewhat conflicting, as majority of security attacks against western companies is assumed to be done by their government agencies.
Even when there are few allegations against various government agencies, the idea of deploying backdoors in computer hardware is not yet backed by any publicly confirmed case. In the past few years, the stealth of malicious hardware has been clearly demonstrated by security researchers, as the security of computers is constantly compromised by installing backdoors into the firmware of the computer components.
In 2012, a presentation at the Black Hat security conference splurged how to plant a backdoor in a new computer system in such a way that even replacing the hard drive won’t help.
Before knowing that the NSA was also involved in encouraging the installation of hardware backdoor, most of the United States officials strongly believed that such tactics were implemented by China, looking at their government’s attitude towards the U.S. Also, the fact that a large number of computer hardware was manufactured in China made it even more suspicious.
Is There A Way To Detect Malicious Hardware Component?
If any hardware backdoor is detected at the Register Transfer Level, an Integrated Circuit can isolate it so as to avoid the triggering of the backdoor. According to security experts, the post-fabrication phase is most crucial for detecting potential security threats.
Here are two ways in which the backdoor can be detected:
This method completely breaks down the component that is currently being analyzed. All the hardware components are reverse-engineered, to know what’s wrong. This method is very expensive and time consuming and is usually performed by Chemical Metal Polishing. This process is then followed by SEM (Scanning Electronic Microscope) image reconstruction and analysis. The circuits are generally verified using visual comparisons. However, this method isn’t useful if the backdoor is planted before fabrication.
NON DESTRUCTIVE METHOD:
Non-destructive detection can be further classified into two types: invasive method and non-invasive method. Using invasive method, the design of the components is altered in order to control the embed feature for backdoor detection. For instance, in invasive method, an additional I/O is added for each module to permit the execution of self-testing circuitry that is particularly designed to test abnormal events.
On the other hand, non-invasive hardware Trojan detection is done by comparing the performance of the component that is under analysis with a component that is considered as good or ideal. This type of detection is done during test-time or during run-time.
How Can We Eliminate The Installation Of Hardware Backdoor Altogether?
The best and the only way to prevent the installation of hardware backdoor is to keep a keen eye on the entire production process. Instead of outsourcing the fabrication, it has to be done by a trusted team of chip designers and manufacturers. This type of production may sound impractical as most of the companies cannot bear the high cost and time that it consumes. But, unfortunately, employing trusted people in creating the hardware using self-made tools seems like the only way to eliminate the presence of hardware backdoor from the computer components.
The issue of hardware backdoor is considered so noteworthy because those electronic components are widely spread in our surroundings. Starting from our vehicles to sophisticated defense systems, every device contains firmware and microcircuits. So, each and every device in our surrounding requires a cautious verification.
As the globalization of manufacturing processes takes a hike, it is next to impossible to verify each and every device that we use in our daily lives. The only solution to avoid tainted components with hardware backdoors is to frame a cyber-strategy that is accepted by the government of every country in order to guarantee the security levels of all the devices.