A New Doctrine for Hardware Security
Adam Hastings, Simha Sethumadhavan
TL;DR
This paper argues that hardware security issues stem from market incentives and proposes the Doctrine of Shared Burdens to explain and address these challenges, illustrated through case studies like Rowhammer, Spectre, and Meltdown.
Contribution
It introduces the Doctrine of Shared Burdens, a new framework linking market incentives to hardware security vulnerabilities and solutions.
Findings
Market forces hinder fixing hardware security issues.
The doctrine explains the persistence of vulnerabilities like Rowhammer, Spectre, and Meltdown.
Addressing market incentives can improve hardware security.
Abstract
In this paper, we promote the idea that recent woes in hardware security are not because of a lack of technical solutions but rather because market forces and incentives prevent those with the ability to fix problems from doing so. At the root of the problem is the fact that hardware security comes at a cost; Present issues in hardware security can be seen as the result of the players in the game of hardware security finding ways of avoiding paying this cost. We formulate this idea into a doctrine of security, namely the Doctrine of Shared Burdens. Three cases studies---Rowhammer, Spectre, and Meltdown---are interpreted though the lens of this doctrine. Our doctrine illuminates why these problems and exist and what can be done about them.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSecurity and Verification in Computing · Physical Unclonable Functions (PUFs) and Hardware Security · Advanced Malware Detection Techniques