
Industry’s First Intelligent, Peer-to-Peer Cloud Computing Platform Leans on Open Hardware Security

January 30, 2020 by Robin Mitchell

Subutai's P2P hardware computing system is designed for many tasks, including IoT and blockchain.

The semiconductor industry is responding with increasing fervor to hardware security.

One recent startup, Subutai, is seeking to combat security challenges with the "first intelligent peer-to-peer (P2P) cloud computing platform" for IoT and blockchain. 


Subutai's Product Suite

Subutai claims that their products "disrupt, democratize, and commoditize cloud and Internet of Things (IoT)." A few of the company's products include: 

  • Subutai Blockchain Router: an 18 W to 60 W broadband cloud router and an open hardware gateway for IoT
  • Subutai PeerOS: container-based, open-source P2P cloud and IoT software and firmware, allowing users to create their own virtual private clouds
  • Subutai Bazaar ("the Airbnb of computing resources"): a global marketplace that allows users to buy, sell, and exchange computing resources (including idle computer resources) and cloud applications


Subutai Blockchain Router v2.0. Image used courtesy of Subutai

These products are rooted in Subutai's hardware security ideals, which are explained in Alex Karasulu's (CEO of OptDyn) research on an open hardware security framework.


Diagram of how hardware components and FPGA-based platforms work together for hardware security. Image used courtesy of Alex Karasulu

Though our discussion won't be as comprehensive as Karasulu's, we'll identify some of Subutai's key hardware security tenets here.


SIEM

In his research, Karasulu emphasizes SIEM, a two-level security system that includes 1) a cloud-based software solution that acts as a command and control center for IoT devices and 2) a hardware layer that runs alongside the IoT processor.

Since IoT networks can potentially contain many devices, it is important that every device can protect itself during a malware incursion. The idea behind SIEM is that each IoT device carries a security SoC whose sole purpose is to monitor for abnormal behavior.

To achieve this, the security SoC first profiles the IoT device under nominal conditions (with no malware present). When malware is injected, the IoT device behaves differently, since it is now running malicious code, and that deviation can trigger the security SoC to take security actions, such as informing the command center.

From here, the command center can take action, such as informing all IoT devices to shut down or disconnect to prevent the spread of malware. 
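The two-level scheme described above, reduced to a software model so the flow can be followed end to end. This is an added example written for this article, not code from Subutai or from Karasulu's research: a per-device monitor stands in for the security SoC, it learns a baseline from nominal telemetry windows, flags a window whose counters deviate from that baseline, and reports to a command center that isolates the reporting device and, once a second device reports, tells every device to disconnect. The feature names, the telemetry values, the 4-sigma threshold and the containment policy are all assumptions constructed for the example.

```python
"""Model of a two-level IoT monitoring scheme: a per-device monitor learns a
baseline under nominal conditions, flags deviating windows, and reports to a
command center that can isolate one device or disconnect all of them.
All telemetry, thresholds and policy are constructed for this example."""

import statistics
from dataclasses import dataclass, field

# Per-window counters a monitor might read from the device (assumed names).
FEATURES = ("cpu_pct", "bytes_out", "new_connections", "flash_writes")


@dataclass
class Baseline:
    mean: dict
    stdev: dict
    k: float = 4.0  # alert when a feature is more than k stdevs high (assumed)

    @classmethod
    def learn(cls, windows, k: float = 4.0):
        """Profile nominal behaviour from a list of feature dicts."""
        mean = {f: statistics.fmean([w[f] for w in windows]) for f in FEATURES}
        stdev = {f: statistics.pstdev([w[f] for w in windows]) for f in FEATURES}
        return cls(mean, stdev, k)

    def deviations(self, window):
        """Features whose value exceeds the baseline by more than k stdevs.
        A feature that was always zero while profiling has zero variance, so
        any activity on it (e.g. a first flash write) is flagged at once."""
        flagged = {}
        for f in FEATURES:
            spread = max(self.stdev[f], 1e-9)
            score = (window[f] - self.mean[f]) / spread
            if score > self.k:
                flagged[f] = round(min(score, 999.0), 1)
        return flagged


@dataclass
class CommandCenter:
    """Cloud-side controller: receives alerts, decides containment."""
    devices: dict = field(default_factory=dict)   # device_id -> online flag
    alerts: list = field(default_factory=list)
    log: list = field(default_factory=list)

    def register(self, device_id: str):
        self.devices[device_id] = True

    def report(self, device_id: str, deviations: dict):
        self.alerts.append((device_id, deviations))
        self.devices[device_id] = False          # isolate the reporting device
        self.log.append(f"isolate {device_id}")
        # Assumed policy: a second distinct reporter means the malware is
        # spreading, so tell every device to disconnect.
        if len({d for d, _ in self.alerts}) > 1:
            self.broadcast_disconnect()

    def broadcast_disconnect(self):
        for d in self.devices:
            self.devices[d] = False
        self.log.append("disconnect-all")


@dataclass
class SecurityMonitor:
    """Stands in for the per-device security SoC."""
    device_id: str
    baseline: Baseline
    center: CommandCenter

    def observe(self, window: dict) -> dict:
        dev = self.baseline.deviations(window)
        if dev:
            self.center.report(self.device_id, dev)
        return dev


def constructed_nominal():
    """Deterministic, hand-made nominal windows for a sensor gateway."""
    return [{"cpu_pct": 18 + (i % 5), "bytes_out": 4000 + 300 * (i % 4),
             "new_connections": 1 + (i % 2), "flash_writes": 0} for i in range(40)]


def run_scenario():
    center = CommandCenter()
    baseline = Baseline.learn(constructed_nominal())
    monitors = {d: SecurityMonitor(d, baseline, center) for d in ("gw-01", "gw-02", "gw-03")}
    for d in monitors:
        center.register(d)
    nominal = {"cpu_pct": 21, "bytes_out": 4600, "new_connections": 2, "flash_writes": 0}
    infected = {"cpu_pct": 65, "bytes_out": 90000, "new_connections": 40, "flash_writes": 3}
    first = monitors["gw-01"].observe(nominal)      # quiet window: nothing flagged
    second = monitors["gw-01"].observe(infected)    # gw-01 isolated
    monitors["gw-02"].observe(infected)             # second reporter: disconnect all
    return {"nominal_flags": first, "infected_flags": sorted(second),
            "online": dict(center.devices), "log": list(center.log)}


if __name__ == "__main__":
    print(run_scenario())
```

The zero-variance guard is the part worth noting: a counter that never moved during profiling (here `flash_writes`) becomes a tripwire, which is exactly the behaviour you want from a baseline-driven monitor when code that was never supposed to write to flash starts doing so.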


DIFT

One concept driving Subutai technology is DIFT, or Dynamic Information Flow Tracking. DIFT monitors the flow of data and code as it is executed.

The DIFT module is designed to detect inconsistent and illegal conditions that could cause unexpected behavior. Such conditions include command injection, authorization bypass, format string attacks, cross-site scripting (XSS), buffer overflows, SQL injection, and directory traversal.


Proposed architecture for DIFT using Arm CPUs and Xilinx's Zynq SoCs. Image used courtesy of Alex Karasulu

Karasulu cites research from Intel and the University of California in which engineers implemented "hardware-based DIFT using multi-core processing systems with a core dedicated to DIFT calculations." The core, they claim, drives information flow tracking.
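What DIFT actually does, shown as a software model rather than a hardware core. This is an added example for this article, not code from Subutai, from Karasulu's research or from the Intel/University of California work: data arriving from an untrusted source is tagged with a taint label, the label propagates through every operation that consumes the data, and security-sensitive sinks (a shell, a file open) refuse any value that still carries a label unless a sanitizer has cleared it. It covers two of the conditions listed above, command injection and directory traversal. A hardware DIFT core keeps the same tag bits alongside registers and memory and checks them per instruction; this Python model only tracks the operations it overrides. The `Tainted` wrapper, the sink and sanitizer names, the root directory and the sample inputs are all assumptions.

```python
"""Software model of dynamic information flow tracking (DIFT): taint labels
attach to untrusted data, propagate through operations, and are checked at
sinks.  Names, sinks and inputs are constructed for this example."""

import posixpath
import shlex
from dataclasses import dataclass


class TaintViolation(Exception):
    """Raised when tainted data reaches a sink or a sanitizer rejects it."""


@dataclass(frozen=True)
class Tainted:
    """A string plus the set of taint labels (sources) attached to it."""
    value: str
    labels: frozenset = frozenset()

    @property
    def tainted(self) -> bool:
        return bool(self.labels)

    # Propagation rule: the result of an operation carries the union of its
    # inputs' labels.  An f-string or str() would drop the wrapper and so the
    # label: a software model only sees the operations it instruments.
    def __add__(self, other):
        if isinstance(other, Tainted):
            return Tainted(self.value + other.value, self.labels | other.labels)
        return Tainted(self.value + other, self.labels)

    def __radd__(self, other):
        return Tainted(other + self.value, self.labels)


def untrusted(value: str, source: str) -> Tainted:
    """Tag data as it enters from an untrusted source (network, user, file)."""
    return Tainted(value, frozenset({source}))


def sanitize_shell_arg(arg: Tainted) -> Tainted:
    """Declassify by quoting: the result cannot escape a single argument."""
    return Tainted(shlex.quote(arg.value))


def sanitize_path(name: Tainted, allowed_root: str) -> Tainted:
    """Declassify a file name only if it resolves inside allowed_root."""
    root = allowed_root.rstrip("/")
    full = posixpath.normpath(posixpath.join(root, name.value))
    if full != root and not full.startswith(root + "/"):
        raise TaintViolation(f"path escapes {root}: {name.value!r}")
    return Tainted(full)


def sink_shell(cmd: Tainted) -> str:
    """Command-execution sink: the check fires if any labelled byte arrives."""
    if cmd.tainted:
        raise TaintViolation(f"tainted data from {sorted(cmd.labels)} reached the shell")
    return cmd.value  # a real system would execute it; we return the vetted string


def sink_open(path: Tainted) -> str:
    """File-open sink with the same rule."""
    if path.tainted:
        raise TaintViolation(f"tainted path from {sorted(path.labels)} reached open()")
    return path.value


def _attempt(fn, *args) -> str:
    try:
        return fn(*args)
    except TaintViolation:
        return "blocked"


def demo():
    """Command injection and directory traversal, raw and sanitized."""
    arg = untrusted("report.txt; id", source="http-request")       # constructed input
    name = untrusted("../../etc/passwd", source="http-request")    # constructed input
    good = untrusted("logs/today.txt", source="http-request")      # constructed input
    root = "/srv/www/files"                                        # assumed root
    return {
        "cmd_raw": _attempt(sink_shell, "cat " + arg),
        "cmd_quoted": _attempt(sink_shell, "cat " + sanitize_shell_arg(arg)),
        "open_raw": _attempt(sink_open, name),
        "open_traversal": _attempt(lambda n: sink_open(sanitize_path(n, root)), name),
        "open_checked": _attempt(lambda n: sink_open(sanitize_path(n, root)), good),
    }


if __name__ == "__main__":
    print(demo())
```

The point the model makes is that the sink does not try to recognise an attack; it only asks whether the bytes in front of it are still tagged. That is why a hardware implementation can catch the whole family of conditions listed above with one mechanism, and also why the sanitizers are the security-critical part: a declassifier that clears the tag without actually neutralising the data defeats the tracking.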


Fuzzy Hashing

Fuzzy hashing (also called similarity hashing) is a hashing method whose output stays very similar when the input changes only marginally, unlike a conventional cryptographic hash, where any change produces a completely different digest. To understand why this is useful in security, we first need to understand more about malware.

Polymorphic malware is a type of computer infection that modifies itself to look digitally distinct while still performing the same routines. Fuzzy hashing can be used to hash the original virus to produce an identifier. If the new variant is fuzzy hashed, the two hashes will be similar enough, though not identical, to show that the underlying function is much the same.

This type of comparison is normally very slow when it involves accessing external memory to scan stored code, which is why Subutai's approach is to scan all data streams in real time. Since a great deal of pattern matching is required, a special pattern matching processor performs all of it in hardware.

This pattern matching system, combined with fuzzy hashing, allows for real-time detection that can update its own malware database when a new variant is detected, even though the virus has changed its digital appearance.
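Why a fuzzy hash survives a polymorphic change when SHA-256 does not, as an added example written for this article and not code from Subutai or from any real fuzzy hashing tool. It implements a toy context-triggered piecewise hash, the idea behind ssdeep: a rolling hash over the last few bytes decides where the input is cut into pieces, each piece is hashed on its own, and the signature is one character per piece, so a local edit only disturbs the pieces near it. The block size, window, rolling hash constants, the scoring formula and the three sample blobs (an original, a variant with one region rewritten and a few bytes inserted, and an unrelated blob) are all constructed for the example; real tools adapt the block size to the input length and use different hashes.

```python
"""Toy context-triggered piecewise hash (ssdeep-style) to show why a fuzzy
hash still matches a slightly modified input while SHA-256 does not.
Constants and sample data are constructed for this example."""

import hashlib

WINDOW = 7          # bytes covered by the rolling hash
BLOCK_SIZE = 16     # a boundary triggers about once every BLOCK_SIZE bytes
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
_B, _M = 257, (1 << 31) - 1   # base and modulus of the polynomial rolling hash


def _piece_char(piece: bytes) -> str:
    """Map one piece to a signature character (6 bits of its SHA-256)."""
    return ALPHABET[hashlib.sha256(piece).digest()[0] & 0x3F]


def fuzzy_hash(data: bytes, block_size: int = BLOCK_SIZE) -> str:
    """Cut data wherever the rolling hash hits a trigger value, hash each piece
    independently, and emit one character per piece.  Boundaries depend only
    on the last WINDOW bytes, so an edit only changes the pieces around it."""
    h, b_w = 0, pow(_B, WINDOW, _M)
    piece, sig = bytearray(), []
    for i, byte in enumerate(data):
        h = (h * _B + byte) % _M
        if i >= WINDOW:                       # drop the byte leaving the window
            h = (h - data[i - WINDOW] * b_w) % _M
        piece.append(byte)
        if h % block_size == block_size - 1:  # context-triggered boundary
            sig.append(_piece_char(bytes(piece)))
            piece = bytearray()
    if piece:
        sig.append(_piece_char(bytes(piece)))
    return "".join(sig)


def _levenshtein(a: str, b: str) -> int:
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def similarity(sig_a: str, sig_b: str) -> int:
    """Score from 0 to 100; 100 means identical signatures."""
    longest = max(len(sig_a), len(sig_b))
    if longest == 0:
        return 100
    return round(100 * (1 - _levenshtein(sig_a, sig_b) / longest))


def constructed_blob(seed: str, length: int = 640) -> bytes:
    """Deterministic pseudo-random bytes standing in for a binary (constructed)."""
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hashlib.sha256(f"{seed}:{counter}".encode()).digest()
        counter += 1
    return bytes(out[:length])


def compare_variants():
    """Original sample, a variant with bytes 300..320 replaced by a 25-byte
    decoy (a stand-in for a polymorphic rewrite), and an unrelated blob."""
    original = constructed_blob("sample-a")
    variant = original[:300] + b"decoy-bytes-inserted-here" + original[320:]
    unrelated = constructed_blob("sample-b")
    sig_o, sig_v, sig_u = fuzzy_hash(original), fuzzy_hash(variant), fuzzy_hash(unrelated)
    return {
        "sha256_same": hashlib.sha256(original).digest() == hashlib.sha256(variant).digest(),
        "fuzzy_self": similarity(sig_o, sig_o),
        "fuzzy_variant": similarity(sig_o, sig_v),
        "fuzzy_unrelated": similarity(sig_o, sig_u),
    }


if __name__ == "__main__":
    print(compare_variants())
```

Two properties carry the argument made in the text: the SHA-256 digests of the original and the variant share nothing, while the fuzzy signatures differ only in the handful of characters whose pieces overlap the rewritten region, and an unrelated blob scores far lower than the variant. A real-time scanner that keeps a database of such signatures can therefore recognise a rewritten sample by its score rather than by an exact match, which is the comparison the pattern matching hardware described above is built to do quickly.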


IoT Security Starts at Hardware

Software security solutions can only do so much. Hardware security can dramatically improve security while having little to no impact on processor speed. With the next decade set to see a rise in demand for privacy, designers may be increasingly attuned to some of the hardware security measures that Subutai has drawn attention to.