UltraSoC today announced next-generation hardware-based cybersecurity products that can be used to detect, block and record cyber-attacks in a broad range of applications – from vehicles and factory robots to consumer devices. Embedded monitors detect, block and record attacks, prevent propagation.
UltraSoC today announced next-generation hardware-based cybersecurity products that can be used to detect, block and record cyber-attacks in a broad range of applications – from vehicles and factory robots to consumer devices.
These new offerings embed advanced real-time cybersecurity features in the systems-on-chip (SoCs) that power and control every modern product. The first product in the range, the UltraSoC Bus Sentinel, allows SoC designers to control access to sensitive areas of their devices, instantaneously detect and block suspicious transactions, and build a long-term profile of system operation to secure against current and future cyber threats.
UltraSoC’s security solutions allow designers to incorporate an independent internal monitoring system into their chips. This continuously checks that the device is operating as expected, detecting anomalous behavior that might indicate a security breach. Because it is embedded in the hardware, it can respond in real time (in microseconds rather than the milliseconds required by traditional threat mitigation measures), is very hard to subvert or circumvent, and can even block “zero-day” type attacks that the chip’s designers have not anticipated. In addition to detecting and blocking cyber threats, it can be used to trigger actions that prevent propagation, and to provide a forensic “black box” record of events.
UltraSoC Chairman Alberto Sangiovanni-Vincentelli, commented:
“In an age of autonomous vehicles, ubiquitous connectivity and increasing dependence on technology, cybersecurity is one of the top challenges for technologists. We feel that we have a truly unique solution to these problems: which is why more and more customers are turning to UltraSoC to ensure that their products function safely, securely, and exactly as they were designed to do.”
The new Bus Sentinel module monitors and controls the internal bus of an SoC, observing how the chip’s interconnected sub-blocks are interacting. It can be configured at run time to detect specific transaction types; for example, if a process tries to access the control registers of the memory controller at any time other than a system re-boot; or if a process with insufficient privileges attempts to access a protected area of memory. The detection process itself is performed via a range of configurable filters which can be cascaded to implement complex conditions and detect even very subtle nuances of system behavior.
In addition to its detection functions, the Bus Sentinel can be configured to respond to threats in a variety of ways, also in real time: it can allow the transaction to proceed unmodified; it may block the transaction from proceeding beyond the monitor using a transaction gating technique; it can modify the transaction in some way – for example by marking it with a flag; and it can generate a response on the bus. It can also issue a trigger event across the dedicated UltraSoC communications fabric, allowing an immediate response to be generated by other system blocks, or by external threat mitigation systems.