Many industry leaders claim to provide processors with some level of hardware security. CEO Jothy Rosenberg explains why Dover's CoreGuardTM  stands out from the crowd. 

Security is confusing to someone who makes or who deploys an embedded or IoT device. There are literally thousands of vendors selling all kinds of software for embedded devices or network security. Many of these large vendors claim they have a secure processor. Smaller vendors often take these purported security features, add their little twist, and claim what they have created is a also secure processor. While these features may add some security value, it is vital understand what really make a processor secure so you can focus your efforts on what will get you the right security.

First, let’s remember that software security solutions are, well, software. They have the same vulnerability profile that all software has. That is, on average, about 15 bugs per thousand lines of code (according to Steve McGuire of Writing Solid Code) of which about 2% (according to the FBI) can be turned into vulnerabilities. Even modestly sized security software runs to one million lines of code, while more sophisticated intrusion detection systems are 10 times that. We will revisit how these quite vulnerable defensive software systems can get a new lease on life and provide much higher value in a moment.

When a vendor says they have a “secure processor” what they mean in today’s world is that they have added encryption and maybe key management to a standard processor. They do this in hardware to make it faster than running encryption software on the standard processor. This is actually “communication security”, meaning they are helping their users make sure any data going to and from their device is encrypted. This makes data theft or exfiltration impossible or very difficult for an attacker. (When we say difficult that means that the attacker may find it not worth his while to work that hard since there are so many easy to attack places). Encrypting communication is good and in some situations vital. But it doesn’t really warrant calling it a “secure processor” as we will demonstrate.

As we have shown on this blog previously here and here, our main processors have to be protected or the attackers just find a software vulnerability, do a buffer overflow, inject some code, and take over the processor. Once they have done that, securing communications or having layer after layer of defensive software is meaningless. We have also shown here that huge vendors who claim comprehensive security in hardware really are only delivering a single relatively small feature — useful but hardly enough to make people sleep well at night.

Our approach at Dover is aimed squarely at computing security, or, if you prefer, processing security. And our goal is to completely secure computing against all forms of attack that can come over a network. MITRE breaks down all the network-based attacks and categorizes them by the type of software vulnerability (or weakness). In total there are 705 weaknesses, broken into 7 classes. We have addressed the first two categories (buffer errors and code injection openings) which already accounts for 90% of all attacks. The remainder will be addressed as our policy set becomes even more robust.

So if we need to call what CoreGuard provides computing security, then to disambiguate what today people are calling a secure processor, we need instead to call that “communications security”. And as I said earlier, many embedded devices, especially if they need to communicate over a network, will need both.

Finally, and here is the really cool part, any defensive layers of software the device builder or user wants to install just suddenly got really useful and will finally live up to its vendors claims. That’s because any vulnerabilities those software systems might have are blocked from being attack vectors due to CoreGuard being a secure computing processor.


The weekly CEO Column features Dover Founder & CEO Jothy Rosenberg’s thoughts on product, industry, community, leadership, and more. Center stage, every Monday. Be sure to subscribe to the Doverlog to never miss a beat, and continue to check in right here on our site!

Share This Post

More from Dover

PublishedJanuary 03, 2018

In the final iteration of Privacy and Integrity, Greg Wraps up with a few more IFC policy examples 

CoreGuard IFC