Army

Microprocessor design for secure, high-assurance, safety-critical computing

Hardware-level computer security utilizing a hierarchy of access layers substantially raise the difficulty level to hack a computer system

Software & Information Technology

Given the number of data breaches and amount of information stolen from computer networks, it’s clear that conventional computer architectures do not adequately support cybersecurity. According to a study sponsored by IBM, businesses have a one-in-four chance of having their data security breached, costing an average of $3.6 million.

In light of these concerning statistics, Army scientists and engineers have developed a microprocessor computer system for secure, high-assurance, safety-critical computing.

The architecture leverages an array of cache controllers and cache bank modules, with the latter comprising cache bank hardware permission bits and memory cell hardware permission bits for managing access to system resources. The design also includes a computer security framework subsystem of a hierarchy of access layers in which the top layers are completely trusted, and the lower layers are moderately trusted to completely untrusted.

The top layers comprise a trusted operating system layer that manages and controls system resources, the cache bank hardware permission bits and the memory cell hardware permission bits. The cache bank hardware permission bits and the memory cell hardware permission bits define limits for a hardware execution security mechanism for less trusted to completely untrusted software. Exceeding the bounds of the security mechanism results in a hardware exception, and blocking all attempts to access or modify resources outside the security mechanism.

This technology described in US application number 20170300719 is related to US patent 9,122,610. The ‘719 application illustrates how the hardware, operating system, and application software all work together to create a more secure computer system. It extends and improves the hardware permission bits to make their use more efficient. The cache bank to execution pipeline interface was also improved in this application.

Do you have questions or need more information on a specific technology? Let's talk.

Contact Us