There are few vulnerabilities that have been subject to the kind of attention and concerns than Meltdown and Spectre. The flaws, built into the design of the very processing chips that power most of the world’s computers, served as a wake-up call to the tech world that speculative, side channel attacks represented a serious, systemic threat to cybersecurity.
Today Microsoft announced it is partnering with three of the largest chip makers in the world – AMD, Intel and QualComm Technologies – to unveil a new security processor chip design for computers and devices that could dramatically reduce the impact of those attacks.
The security chip – dubbed “Pluton” – will “make it significantly more difficult for attackers to hide beneath the operating system, and improve our ability to guard against physical attacks, prevent the theft of credential and encryption keys, and provide the ability to recover from software bugs,” said David Weston, Microsoft’s director of enterprise and OS security, in a Nov. 17 blog post.
Much of operating system security is handled by the Trusted Platform Module, a microcontroller that oversees the integrity of the booting process and other core security needs. In recent years, Weston said attackers have “begun to innovate ways to attack” TPMs by targeting the communication channel between it and the Central Processing Unit. These attacks are tricky to defend against because they don’t really exploit specific vulnerabilities, just the normal information exchanges between the two chips.
Pluton attempts to neuter these kinds of attacks by essentially combining the TPM and CPU into a single chip, leaving no communication channel for attackers to intercept and exploit. The processor stores encryption keys and is segmented from the rest of the system, cutting off access needed to execute most speculative, side-channel attacks.
It also establishes a secure identity for the CPU that can be cross-referenced with Project Cerberus, a security platform that provides a hardware root of trust for motherboard firmware and edge devices. The new chips will also plug into an end-to-end security platform to process firmware updates that will be owned, maintained and updated by Microsoft.
Pluton was successfully road tested in previous Microsoft products, like Xbox One and the Azure Sphere platform, and now will be expanded to future Windows PCs and devices. AMD spokesperson Alex Verduzco told SC Media that Microsoft's new security processor design would be integrated into AMD Ryzen Mobile Processors "in less than three years."
“With the effectiveness of the initial Pluton design we’ve learned a lot about how to use hardware to mitigate a range of physical attacks,” wrote Weston. “Now, we are taking what we learned from this to deliver on a chip-to-cloud security vision to bring even more security innovation to the future of Windows PCs.”
The announcement represents a major move by the tech industry to avoid the same design oversights that led to attacks like Meltdown and Spectre. Experts often point to the flaws as prime examples of how many foundational components of our modern technologies weren’t designed with security in mind, or the prospects that an outsider might seek to sabotage or manipulate them for unauthorized purposes.
When they were first disclosed, Jonathan Smith, a professor of computer and information science at the University of Pennsylvania, said that when processor chips were designed he was “almost certain that people didn’t realize the consequences of this speculative execution for security,” something that would have to be prioritized in the design of future chips.