Cybersecurity runs over a complex, adaptive system, and the problems and challenges the industry faces when it comes to effectively protecting computing technologies require creative, adaptive, multifaceted solutions. For the industry to build the best and most secure products and solutions amid the complex dynamics that exist in cyber, we must all think beyond the algorithms, processors and tech and draw inspiration and guidance from the world around us. And there’s no better example of a complex, adaptive system than nature itself.
I’d like us to explore a few parallels between the natural world and security, and in doing so, highlight the insights and best practices those similarities can teach us about building more secure computing solutions. Trees offer a compelling lens with which to view computer systems and cybersecurity. Drawing inspiration from trees, here are three goals security teams can set to improve security:
- Create seamless integration between each layer in the stack.
A tree operates as a system in and of itself, with several components that each play important individual roles and collaborate with one another to help ensure its ability to survive and thrive. There are three parallels between the roots, trunks and leaves in trees and computer systems. First, the roots. Similar to the way a tree’s roots serve the critical role of sourcing fundamental requirements like water, nutrients and oxygen, successful and secure computer systems are designed to start with a trusted foundation deep down at the silicon level. This type of built-in hardware-based security (or root of trust) can better provide protection during different system states and transitions (such as boot and execution) for data, keys, and identities – from the chip up through the rest of the system.
Second, we find the trunks. The rugged outer bark or hard wood of a tree serves as a shield against harsh external conditions and threats, while its inner soft wood serves as a central hub that integrates and extends various life support functions from the trunk throughout the organism. In the same way, computer systems are designed with a core chain of trust composed of a variety of components, suppliers and vendors, including hardware and software providers, original equipment manufacturers, original design manufacturers and others. This complex ecosystem must be organized and integrated to help ensure compatibility, performance and security. As computing extends across on-premises locations to public cloud environments and to the edge, security solutions must deliver more seamless protection for software and hardware designs. This can include code running on all types of processing devices (CPUs, GPUs, FPGAs).
Finally, the leaves. A healthy tree’s leaves gather energy from sunlight and convert it to ensure that the organism will grow and flourish. If any leaves or even complete sections of the tree fall victim to damage or infection, the tree will compartmentalize the compromised or diseased segment, and divert resources to support healthy areas and facilitate new growth. Similarly, a trusted execution environment (TEE) can create an isolated environment that prevents unauthorized access or modification of applications and data even in the event that other aspects of a computer system are compromised. In fact, confidential computing efforts aim to extend this isolation so data and workload processing can continue more seamlessly and applications on devices or virtual machines in the cloud can operate more securely.
- Build adaptable systems.
From seed to sprout and sapling to maturity, and across various seasonal states including growth, dissemination, dormancy and more – trees are in a constant state of adjustment to adapt to changing environmental conditions and requirements. In the same way, computer systems constantly adapt to their present environment, whether booting securely, going into trusted execution, undergoing secure updates or throughout continuous monitoring of the system in use. Just as trees budget resources to ensure growth, computer products and solutions have to balance different technical elements like power, performance and security. In both cases, it’s possible to reverse some energy to activate defense measures and quickly adapt in the event of an attack.
- Coordinate and cooperate with the broader computing ecosystem.
Did you know that trees can communicate with other trees? Recent research shows that trees and other plant life are connected within living networks that facilitate relationships, communication and signaling around changing conditions and new threats to ensure survival. Connected trees in a forest can moderate extremes of heat and cold, store water, and even generate automatic defense mechanisms when “attacked” by herbivores and insects. In this type of protected environment where survival exists as a community affair, trees can age gracefully. Likewise, the broader technology ecosystem can work together to solve complex challenges. Some great examples of this include industry efforts related to coordinated vulnerability disclosure, compute lifecycle assurance, and supply chain transparency. Industry partners, researchers and vendors can continue communicating about common issues, use cases, workloads, needs, assumptions and mitigations.
Technology, like nature, constantly evolves. As more connected devices come online and add to the deluge of data we’re already experiencing, it’s critical that we proactively assess and mitigate growing attack surfaces and opportunities for attackers. Understanding the lessons we can learn from the natural world and integrating them into product design and development can help improve security strategies, harden products and solutions, and ultimately deliver higher-quality, more secure products to customers.
Look outside of the immediate nuts and bolts of technology for inspiration that can help spur creative solutions. Try to collaborate with the broader ecosystem and, above all else, better prioritize the security team’s ability to respond and adapt to the changing threat landscapes. At the same time, continue building upon general security best practices and foundational security capabilities. As the proverb goes, “When the roots are deep, there’s no reason to fear the wind.”
Asmae Mhassni, principal engineer, Intel