January 16, 2024
Tackling Cybersecurity Challenges
Mainsail Industries (Mainsail) together with Metropolitan State University (Metro State) in MN are the Air Force AFWERX award recipients to perform research and development (R&D) on Confidential Computing & Micro-Segmentation to Protect Against Side-Channel Attacks. Bringing industry and academia together to perform crucial research will greatly enhance our cybersecurity posture, especially for the Department of Defense.
Mainsail's STTR contract is paramount in establishing Metalvisor as a catalyst for groundbreaking developments in cybersecurity, particularly in defending against sophisticated cyber threats, such as side-channel attacks, zero-day exploits, and other advanced persistent threats. Our research focuses on Advanced CPU Micro Segmentation and Confidential Computing to establish a Hardware Root of Trust and protect against Side-Channel Attacks, including complex hardware-based attacks like Spectre and Meltdown, exploit indirect methods to extract sensitive information from computer systems, presenting unique challenges in digital security.
Mainsail & Metro State University Collaboration
An exciting component of a STTR contract is the opportunity to work alongside an educational institution to bring in researchers from academia to work with subject matter experts in the industry to define, research, and develop advanced concepts and technologies. Metro State University, under the leadership of Dr. Faisal Kaleem, has a Computer Science and Cybersecurity Department and was nationally recognized urban university, has been awarded one of just three newly created grants from the National Security Agency’s (NSA) National Centers of Academic Excellence in Cybersecurity to establish the Metro State University Cybersecurity Clinic, a pilot program to help protect small businesses, nonprofits, K–12 schools, and local government entities from cyberattacks. Together, we will lay the foundation necessary to develop and test Metalvisor in actual defense use cases to protect the Department of Defense's sensitive data and systems against sophisticated cyber threats.
At the center of our research is Mainsail's innovative technology, Metalvisor, which provides advanced CPU micro-segmentation and confidential computing capabilities defend against sophisticated cyber threats, such as side-channel attacks, zero-day exploits, and other advanced persistent threats.
METALVISOR DIFFERENTIATORS
- Integration: Metalvisor is integrated directly into the system's firmware, providing a more secure, efficient, and low-latency environment. Unlike traditional type 1 or type 2 hypervisors that run on top or within an OS.
- Security First: Metalvisor prioritizes security from the ground up, leveraging the embedded nature to provide a smaller attack surface and robust isolation capabilities.
- Secure & Performant: Highest level of Determinism & Quality of Service available on multicore processors today. Perfect for Edge Workloads; 5G, AL/ML, Low-Latency, and RTOS.
- Establishes a HW Root of Trust: Using hardware-sealing, keys are stored inside the CPU. With Metalvisor, workloads are immutable and have an established hardware root of trust.
Through our STTR contract, and together with Metro State University, we aim to strengthen the security of critical defense networks, particularly at the edge, by ensuring data integrity and confidentiality even in hostile cyber environments and set a new standard in cybersecurity for defense systems, paving the way for more secure and resilient military operations in the face of evolving cyber warfare tactics.
"Collaborating with Metro State University on this vital research marks a significant milestone for Mainsail. As we delve into the complexities of side-channel attacks, our combined effort with the university's talented researchers promises to drive advancements in cybersecurity that are essential for protecting our nation's digital infrastructure." - Eric Van Arsdall, Mainsail Industries CEO
What are Side-Channel Attacks?
Side-channel attacks are indirect ways to get information from a computer system. Instead of breaking into the system directly, attackers look for hints given off by the system’s physical operations. These hints can be things like the amount of power the system uses, the electromagnetic waves it emits, or flaws in hardware & software.
Hardware-Based Side-Channel Attacks: Understanding Spectre and Meltdown
What are Hardware-Based Side-Channel Attacks?
Hardware-based side-channel attacks exploit vulnerabilities in the physical design of computer hardware. Unlike software attacks, these target the fundamental way processors are built and operate.
Spectre and Meltdown Explained
Spectre:
- Nature: Spectre attacks exploit a feature in processors called speculative execution, where the processor guesses what information it might need next and processes it in advance to speed things up.
- Risk: The danger with Spectre is that it can trick the processor into processing unauthorized data, leading to potential leakage of sensitive information.
Meltdown:
- Nature: Meltdown attacks exploit vulnerabilities in the way processors isolate applications from each other and from the operating system.
- Risk: This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.
Why Are They Significant?
These attacks are particularly concerning because they affect the hardware itself, making them hard to detect and patch with traditional software updates. They can potentially affect millions of computers worldwide, regardless of the operating system. Side-channel attacks are worrying because they can be hard to detect and prevent. They don't require direct access to the system, making them a stealthy way to get sensitive information.
Addressing Hardware-Based Side-Channel Attacks
- Patches and Updates: Software patches can mitigate some of the risks, but they may also slow down the processor.
- Design Changes: Long-term solutions require changes in how processors are designed and manufactured.
- Research: Ongoing research, like the collaboration between Mainsail Industries and Metro State University, is crucial to developing more effective defenses against these types of attacks.
The Importance of Research in Side-Channel Attacks
Understanding and preventing side-channel attacks is crucial for protecting sensitive data. This research is not just about fixing a current problem but also about staying ahead of future threats. By studying these attacks, researchers can create better defenses and make systems safer.
Metalvisor’s Role in Combating Side-Channel Attacks
Mainsail's 'Metalvisor' technology is central to our research and is designed to protect against a wide range of sophisticated cyber threats.
Implications for the Department of Defense
The combined challenges of side-channel attacks, the vulnerabilities inherent in edge computing, and the security risks associated with rapidly adopted COTS hardware demand advanced, integrated security solutions like Metalvisor; providing complete protection, cyber resiliency to evolving threats, and integrity and security of hardware components, while maintaining operational efficiency and performance in various operational contexts. A cyber-resilient security posture is needed to protect against sophisticated cyber-attacks, advanced persistent threats, and nation state actors.
Conclusion
This collaboration between Mainsail Industries and Metro State University is a significant step in enhancing cybersecurity measures. It shows a strong commitment from the Government to develop solutions that protect against sophisticated digital threats.