Whether satellite, UAV, wearable or other equipment, today’s military hardware contains highly-complex microelectronics that include advanced processing, data storage, and data communications capabilities. In-theater personnel rely on these devices to successfully and safely complete their missions. High-performance memory and chip-to-chip interfaces are key to speeding the data between chips and systems critical to the functioning of a modern military.
The increase in connected devices has come with a commensurate growing risk to system security. Through side-channel attacks, adversaries can hack electronic devices and extract cryptographic keys, exposing sensitive information. Systems can be targeted by Distributed Denial of Service (DDOS) attacks, rendering entire groups of connected hardware ineffective and untrusted. Counterfeit chips can compromise the functioning of hardware or be used to steal vital information.
At Rambus, we understand the importance of delivering both the performance needed by military hardware and the means to ensure the data processed, stored and communicated remains secure. Our industry-leading interface and security IP solutions make possible faster, more secure, mission-critical electronic systems.
Our security platform is comprised of a tightly-integrated security ecosystem that enables simple and rapid integration into new and existing systems. The CryptoManager Root of Trust can be embedded as a secure processing core alongside the main CPU to provide robust device security. Secure protocol engines ensure secure transmission of encrypted data over the network.
One of the major benefits of a connected military system is the ability to do in-field Over the Air (OTA) software and firmware updates regardless of where the system is located. This minimizes the need to pull equipment from the field and keeps vehicles and equipment in service longer. A hardware root-of-trust embedded in the system enables the receiving system to verify that the OTA update is authentic. Additionally, the system utilizes personalized keys provisioned at time of manufacturing that are unique to each device to further ensure the integrity of the communication between the cloud and the hardware.
Beyond the traditional jamming and spoofing attacks, there is a growing and significant risk of a malicious attacker taking physical control of a satellite, decaying its orbit, exposing it to irreversible solar radiation damage, or maneuvering into other satellites in orbit. Satellites today contain highly complex embedded microelectronics systems, complete with processing, data storage, and data receiving/transmitting capabilities. Further, they are controlled by ground stations and computers in data centers. Because of this, they are susceptible to threats prevalent in cloud computing architectures, including insider threats, malicious downloads, etc.
In order to maintain in-theater security, military hardware should be examined prior to deployment for security flaws. ASICs, FPGAs, and all other semiconductors are all susceptible to side-channel attacks. In order to ensure that side-channel attacks will not be successful, a security analyst must have a method of testing the level of side-channel attack resistance by collecting power consumption or electromagnetic emission signals coming from a cryptographic device while it performs operations using secret keys. These collected signals can be examined using SPA and DPA testing to identify exposure of secret keys.
Maintaining signal integrity has become increasingly difficult as data rates moves past 28Gbps to 56Gbps and beyond. Up to 28Gbps rates, NRZ is the preferred and standardized encoding scheme which consists of 1’s and 0’s. NRZ is also referred to as PAM2 (pulse amplitude modulation, 2-level), due to its two amplitude levels which contain 1 bit of information in every symbol. With serial data rates hitting 56 Gb/s per channel, signal impairments caused by increased bandwidth has prompted the high-speed serial data industry to adopt PAM4, or 4-level pulse amplitude modulation.