IoT Security Blog

Articles and Posts on IoT Security, Embedded Systems, and the Internet of Things

Hacking Hardware a Military Concern

Contributed by Joanne C. Kelleher

Per the New York Times, more than $3.5 billion of integrated circuits are bought annually for use in U.S. military gear. Only about 2 percent of these are manufactured in secure facilities run by American companies and the United States lacks the ability to fulfill the capacity requirements needed to manufacture computer chips for classified systems.

American intelligence agency experts say all sides are arming themselves with the ability to create hardware Trojan horses and to hide them deep inside the circuitry of computer hardware and electronic devices to facilitate military attacks.

So, using physical and cryptographic security methods in RFID tags and embedded systems may not be enough to protect your systems from hacks and attacks. You also need to trust who is manufacturing the  components and integrated circuits.

Read the New York Times article by John Markoff (October 26, 2009) – Old Trick Threatens the Newest Weapons

1 Comment

  1. Mike Ahmadi on October 28, 2009 at 9:45 am

    The most telling statement of all is the last line, stating “You also need to trust who is manufacturing the components and integrated circuits.”

    A properly executed security strategy abstracts the trust in people from the security to a great degree. In building secure microcontrollers, for example, the master key is only controlled by the CEO of the company, or split between the CEO and another top level executive. The programmers and line workers cannot access secure areas no matter who they are. This requires planning and solid procedures. The advantage is that if there is a breach it has to be from the top.