Less than a decade ago, our conversations about cyber security focused almost exclusively on the risk of outside perpetrators, the hackers and viruses that infiltrate and wreak havoc in our computers.

But seemingly overnight, the perceived risk shifted from uninvited intruders toward a new threat that may already lurk inside our machines. Computer engineers around the world are turning their attention to the emerging problem of hardware security. Today’s advanced processors may contain built-in components that can spy on a computer’s data.

“For a long time, people assumed their underlying hardware was trustworthy and that the biggest risk came from unwanted software,” says Sanghamitra Roy, an associate professor of electrical and computer engineering at Utah State University. “But all that has changed.”

The culprit is a class of devices called Trojans, which can be weaseled onto hardware components during various stages of the manufacturing process. Roy, one of the nation’s leading experts on hardware reliability and security, says Trojans are extremely difficult to detect and, once-activated, can stay with a computer for life. She and her colleagues have embarked on a multi-year research effort to better understand the problem.

“Today’s processors are so complex,” she explains. “They are built in series of clusters or cores, each containing billions of transistors. The cores communicate with one another through an interconnect. For hundreds and thousands of cores, the interconnect resembles the Internet. That’s why it is called a Network on Chip.”

The interconnect—the processor’s proverbial traffic cop, standing in the middle of the world’s busiest intersection—is the ideal location where a malicious actor might hide a Trojan. Roy’s team studies two threats related to the interconnect. In one case, the interconnect can snoop on conversations between cores while sending bits of data to the cloud without a user’s authorization. In another case, the interconnect itself can interfere with communication between cores, interrupting time-critical operations. Roy’s team calls this a denial of service.

“Let’s say two cores are exchanging extremely time-critical information. A malicious interconnect might interrupt that process by sending useless information packets that slow down the communication process,” she says. “The interconnect ends up hogging the network and denying service between the cores.”

So who’s behind these built-in, store bought hacks?

Sanghamitra Roy is one of the country’s leading
hardware security experts. Photo by Matt Jensen.

“The chips are being made across a big supply chain that spans oceans and different companies,” says Roy. “The Trojan can be implanted at any stage of that supply chain.”

One of the biggest challenges for the researchers is the clever design of Trojans. They defy security tests and regularly slip through manufacturers’ quality control. They ship in products around the globe and lay dormant inside their machines, waiting for a sequences of processes—a code—that triggers them into action.

For now, Roy’s focus of study is exploring ways to thwart or disable a Trojan, not go hunting for its architect. The National Science Foundation is backing her work, and so far the research is showing promising results. Roy and her team have secured two U.S. patents from the project.

By Matthew Jensen ’08