SAN FRANCISCOA privately held semiconductor company based in Pleasanton, Calif., is offering a secure processor that provides anti-tamper technology for commercial and military systems as outlined in U.S. Department of Defense (DoD) instruction 5200.39.
The company, CPU Technology Inc., said its Acalis CPU872 is designed with a secure methodology and manufactured at the IBM trusted foundry in East Fishkill, N.Y., under the DoD and National Security Agency's Trusted Access Program Office, intended to prevent malicious hardware insertion during fabrication. The device protects not only on-chip software but entire systems against tampering or reverse engineering, according to CPU Technology.
According to CPU Technology, as more of the value of systems migrate to software, it becomes increasingly important to protect algorithms, rules and data from malicious attacks. Secure hardware is required to protect the software, according to the company, because software alone cannot do the job.
According to Robert Beanland, vice president of marketing for CPU Technology, the Acalis product line evolved out of the company's 20-year history in defense, developing modernized computing systems to update equipment.
"We had to do a lot of reverse engineering of these systems," Beanland said. "As we reverse engineered them, began to learn about the different vulnerabilities."
Beanland said the Acalis CPU872 is the eighth devices developed by CPU Technology, but the first that has been made available to the merchant market. As the sophistication of security threats has risen in recent years, commercial operations are increasingly turning to the type of anti-tamper technology that has traditionally been required for military applications, he said.
"This whole reverse engineering process can be done for good and not so good intentions," Beanland said. Electronics counterfeiting, malicious insertion of hardware or software to make a device do things it was not intended to do and reverse engineering to build systems that can counter a chip's security mechanisms are all increasing threats, he said.
DoD instruction 5200.39 defines anti-tamper as systems engineering activities intended to deter and/or delay exploitation of critical technologies in a U.S. defense system in order to impede countermeasure development, unintended technology transfer, or alteration of a system.