Digging Deeper in Hardware/Software Security

Digging Deeper in Hardware/Software Security
by Bernard Murphy on 08-19-2019 at 10:00 am

When it comes to security we’re all outraged at the manifest incompetence of whoever was most recently hacked, leaking personal account details for tens of millions of clients and everyone firmly believes that “they” ought to do better. Yet as a society there’s little evidence beyond our clickbait Pavlovian responses that we’… Read More


Can I Trust my Hardware Root of Trust?

Can I Trust my Hardware Root of Trust?
by Bernard Murphy on 02-28-2019 at 7:00 am

Hardware Roots of Trust (HRoTs) have become a popular mechanism to provide a foundational level of security in a cell-phone or IoT device or indeed any device that might appear to a hacker to be a juicy target. The concept is simple. In order to offer credible levels of security, any level in the stack has to be able to trust that levels… Read More


Security and RISC-V

Security and RISC-V
by Bernard Murphy on 11-30-2018 at 7:00 am

Image Removed One of the challenges in the RISC-V bid for world domination may be security. That may seem like a silly statement, given that security weaknesses are invariably a function of implementation and RISC-V doesn’t define implementation, only the instruction-set architecture (ISA). But bear with me. RISC-V success… Read More


Webinar: Ensuring System-level Security based on a Hardware Root of Trust

Webinar: Ensuring System-level Security based on a Hardware Root of Trust
by Bernard Murphy on 08-23-2018 at 7:00 am

A root of trust, particularly a hardware root of trust, has become a central principle in well-architected design Image Removedfor security. The idea is that higher layers in the stack, from drivers and OS up to applications and the network, must trust lower layers. What does it help it to build great security into a layer if it can… Read More


Timing Channel Attacks are Your Problem Too

Timing Channel Attacks are Your Problem Too
by Bernard Murphy on 08-07-2018 at 7:00 am

You’ve heard about Meltdown and Spectre and you know they’re really bad security bugs (in different ways). If you’ve dug deeper, you know that these problems are related to the speculative execution common in modern processors, and if you dug deeper still you may have learned that underlying both problems are exploits called timing… Read More


CEO Interview: Jason Oberg of Tortuga Logic

CEO Interview: Jason Oberg of Tortuga Logic
by Bernard Murphy on 05-31-2018 at 7:00 am

I first met Jason Oberg, CEO and one of the co-founders of Tortuga Logic, several years ago when I was still at Atrenta. At that time Jason and Jonny Valamehr (also a co-founder and the COO) were looking for partners. The timing wasn’t right, but we’ve stayed in touch, for my part because their area of focus (security) is hot and likely… Read More


A Development Lifecycle Approach to Security Verification

A Development Lifecycle Approach to Security Verification
by Bernard Murphy on 02-22-2018 at 7:00 am

We have become accustomed to the idea that safety expectations can’t be narrowed down to one thing you do in design. They pervade all aspects of design from overall process through analysis, redundancies in design, fault analytics and mitigation for faults and on-board monitors for reliability among other requirements and techniques.… Read More