October 23, 2009 - Eric Chabrow

In securing government IT systems, much of the attention is focused on software and networks. But hardware poses threats that can prove devastating.

Former NATO Supreme Commander, retired four-star Gen. Wesley Clark, and Peter Levin, Department of Veterans Affairs chief technology officer, teamed up to write an article on securing the information highway, published in the November/December issue of the journal Foreign Affairs, which among other points addressed the dangers unsecured hardware presents.

"Although networks and software attract most of the media's attention when it comes to cybersecurity, chip-level hardware is similarly vulnerable: deliberate design deficiencies or malicious tampering can easily creep in during the 400-step process required to produce a microchip."

To make their point, Clark - now a senior fellow at the Ron Burkle Center for International Relations - and Levin - founding CEO of the cybersecurity firm DAFCA - cited a three-kiloton explosion that tore apart a natural gas pipeline in Siberia in 1982; the detonation was so large it was visible from space. Twenty years later, New York Times columnist William Safire reported the CIA executed a cyber-operation by carefully placing fault chips and tainted software into the Soviet supply chain.

Even with automated equipment that can identify flaws in chips, they may not be able to detect microprocessors purposely etched to cause harm. They write:

"Compromised hardware is almost literally a time bomb, because the corruption occurs well before the attack - during design implementation or manufacturing - and is detonated sometime in the future, most likely from a faraway location. Sabotaged circuits cannot be patched; they are the ultimate sleeper cell."

Though the authors lament the research in hardware security has been anemic, they note that Stanford University aeronautics professor Per Enge is exploring ways to adapt methods aircraft manufacturers employ to identify vulnerabilities in the airframes of airplanes to securing computer hardware. It won't be easy.

"The difference between a chip and an airplane is that an engineer's ability to absorb knowledge and reconfigure hardware in order to make it more secure is much greater in silicon than in aluminum, especially if the internal response is both adaptive and intelligent."