Technology Overview
Successful cyber attacks often leverage the fact that an instruction set architecture of a target system is well known. Given knowledge of the instruction set architecture, attackers can prepare malicious software, knowing with high confidence that it will run when introduced into the target system via code-injection attacks or other attack vectors.
Researchers at PNNL have developed a system and method that processes an encrypted instruction stream in hardware, where the main memory stores the encrypted instruction stream and unencrypted data. A central processing unit (CPU) is operatively coupled to the main memory. A decryptor, which is operatively coupled to the main memory and located within the CPU, decrypts the encrypted instruction stream when it receives an instruction fetch signal from a CPU core. Upon receipt of a data fetch signal, the unencrypted data is passed through to the CPU core without decryption.
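The fetch path described above can be modeled in a few lines. This is an added illustration, not PNNL's design or code: the four-opcode instruction set, the address-tweaked XOR keystream (a stand-in for whatever cipher the hardware uses), the memory layout and all names are assumptions made for the example.

```python
# Toy model of the split fetch path (added example; ISA, cipher and names are assumed).
KEY = 0xA7                                   # constructed key held inside the CPU
LOAD, ADD, STORE, HALT = 0x01, 0x02, 0x03, 0xFF

class IllegalInstruction(Exception):
    pass

def keystream(addr, key=KEY):
    # Stand-in keystream byte, tweaked by address; a real design would use a cipher.
    return (key + 0x3D * addr) & 0xFF

def encrypt_code(plain, base, key=KEY):
    """What a trusted toolchain or loader does before code reaches main memory."""
    return bytes(b ^ keystream(base + i, key) for i, b in enumerate(plain))

def fetch(mem, addr, instruction_fetch, key=KEY):
    """Decryptor in the CPU: decrypt on instruction fetch, pass data through."""
    byte = mem[addr]
    return byte ^ keystream(addr, key) if instruction_fetch else byte

def run(mem, pc, key=KEY):
    acc = 0
    while True:
        op = fetch(mem, pc, True, key)        # opcode and operand belong to the
        arg = fetch(mem, pc + 1, True, key)   # instruction stream, so both are decrypted
        pc += 2
        if op == LOAD:
            acc = fetch(mem, arg, False)      # data fetch: no decryption
        elif op == ADD:
            acc = (acc + fetch(mem, arg, False)) & 0xFF
        elif op == STORE:
            mem[arg] = acc
        elif op == HALT:
            return acc
        else:
            raise IllegalInstruction(f"opcode {op:#04x} at {pc - 2:#04x}")

PROGRAM = bytes([LOAD, 32, ADD, 33, STORE, 34, HALT, 0])

def build_memory():
    mem = bytearray(64)
    mem[0:8] = encrypt_code(PROGRAM, base=0)  # encrypted instruction stream
    mem[16:24] = PROGRAM                      # constructed: same code written in plaintext
    mem[32], mem[33] = 2, 3                   # unencrypted data
    return mem
```

Running from address 0 executes the encrypted program normally, while running from address 16 sends the plaintext bytes through the decryptor and the core sees an undefined opcode.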
Advantages
- Deters cyber attacks on hardware systems
- Safely stores encrypted instruction stream and unencrypted data in hardware