The general flow of network-based attacks is simple. Login attempts begin with a dictionary attack, followed by a series of telnet commands. Once these succeed, malware is downloaded, actions such as information uploads begin, and the user or operator becomes a victim. Equally effective are downloads of viruses and malware from contaminated external devices connected to, for example, automotive or IoT devices.
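The login phase of the attack flow just described leaves a recognisable trace in authentication logs: a burst of failed attempts from one source, then a success. The detector below is an added example, not code from the original article; the syslog-style line format, the sample lines, the five-attempt threshold and the two-minute window are all assumptions chosen for illustration.

```python
"""Flag successful logins that followed a dictionary-style burst of failures.

Added illustration; log format and thresholds are assumptions, not taken
from the article.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines (not real data). 198.51.100.7 cycles through
# several accounts and finally gets in; 203.0.113.9 is an ordinary typo.
SAMPLE_LOG = """\
2024-03-01T10:00:01 sshd[812]: Failed password for root from 198.51.100.7 port 51022
2024-03-01T10:00:02 sshd[812]: Failed password for root from 198.51.100.7 port 51023
2024-03-01T10:00:03 sshd[812]: Failed password for admin from 198.51.100.7 port 51024
2024-03-01T10:00:04 sshd[812]: Failed password for admin from 198.51.100.7 port 51025
2024-03-01T10:00:05 sshd[812]: Failed password for pi from 198.51.100.7 port 51026
2024-03-01T10:00:07 sshd[812]: Accepted password for pi from 198.51.100.7 port 51027
2024-03-01T10:00:09 sshd[812]: Failed password for alice from 203.0.113.9 port 40001
2024-03-01T10:05:00 sshd[812]: Accepted password for alice from 203.0.113.9 port 40002
"""

# Assumed line shape: "<iso timestamp> sshd[pid]: <Failed|Accepted> password for <user> from <src> port <n>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?P<user>\S+) from (?P<src>\S+) port \d+$"
)


def parse_line(line):
    """Return a dict for a recognised auth line, or None for anything else."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {
        "ts": datetime.fromisoformat(m["ts"]),
        "failed": m["result"] == "Failed",
        "user": m["user"],
        "src": m["src"],
    }


def find_dictionary_logins(log_text, threshold=5, window=timedelta(minutes=2)):
    """Return (src, user, failures) for every successful login that came after
    at least `threshold` failed attempts from the same source within `window`.

    Failures are counted per source, not per account, because a dictionary
    attack typically rotates usernames as well as passwords.
    """
    failures = defaultdict(list)  # src -> timestamps of recent failed attempts
    hits = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        src = ev["src"]
        # keep only failures still inside the sliding window
        failures[src] = [t for t in failures[src] if ev["ts"] - t <= window]
        if ev["failed"]:
            failures[src].append(ev["ts"])
            continue
        if len(failures[src]) >= threshold:
            hits.append((src, ev["user"], len(failures[src])))
        failures[src].clear()  # a success ends the burst for that source
    return hits


if __name__ == "__main__":
    for src, user, n in find_dictionary_logins(SAMPLE_LOG):
        print(f"suspicious login: {user} from {src} after {n} failures")
```

This only covers the first stage of the flow; the follow-on command session and the outbound malware download are separate signals (process and network telemetry) that a complete detection would correlate with the hit returned here.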
Security, however, not only has to be safe and effective; in most systems for consumer use it must also be almost cost neutral. That sounds like a prohibitive task, since most of those systems and applications cannot afford expensive, powerful processors for their protection. Other ways to safeguard systems cost-effectively and securely therefore have to be found.
Which options exist for cost-competitive high security? There are two basic ways to implement security: software-based and hardware-based solutions.
Let us take a look at purely software-based solutions. A new virus or piece of malware is developed that breaches existing software security. As a result, an anti-virus update is developed, followed by a new virus: a never-ending cycle. Additionally, unintentional user admittance is a weak spot: the user virtually opens the door for the virus, which may then be redistributed so that an increasing number of systems become infected. Malware might also intrude through misuse of software update mechanisms or by taking over administrator rights. There are many methods of intrusion into software systems, which leads to the conclusion that there are no secure software-based security systems: they are inherently bound to be broken. As a matter of fact, the best path to secure system integrity is hardware-based solutions.
CPU IP (Intellectual Property) core providers offer secure environment methodologies for SoC (System on Chip) systems based on these cores. Three major CPU vendors, ARM, MIPS and Intel, have implemented their own security approaches. ARM (TZ, TrustZone) and MIPS (VZ, Virtualization Zone) use an embedded CPU for their implementations; Intel's approach (VT/VT1, Virtualization Technology) is aimed mainly at servers. A hypervisor or virtual machine monitor (VMM) is computer software, firmware, or hardware that creates and runs virtual machines, creating a Trusted Execution Environment (TEE). Hypervisors or virtual machines that run directly on the host's secure hardware areas, such as ARM's TrustZone or MIPS' VZ, to control the hardware and manage the guest operating system are called bare-metal hypervisors. The embedded virtualization modules add a guest mode, which leaves the root or user mode in full control of what the guest operating system is permitted to do. The guest OS remains unchanged and unaware of its virtualization. While the secure hardware is part of the IP, the secure OS comes from a trusted third-party vendor.
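The root/guest split described above is easiest to see as a policy check that every guest request must pass. The model below is an added example, not code from the article or from ARM, MIPS or Intel, and it does not reproduce any real TrustZone, VZ or VT interface: the address map, the service names, the boot counter and the HMAC-based update check are all assumptions. It shows the two properties the text relies on, that the guest can only reach the secure side through the monitor's trap handler, and that the monitor (root side) decides what the guest is allowed to do. It also ties in the update-mechanism risk mentioned earlier: the key that validates an update lives only in the secure world, so a compromised guest cannot forge an acceptable image.

```python
"""Toy model of a secure monitor mediating guest-OS requests.

Added illustration; the address ranges, services and key are constructed
for the example and are not any vendor's real interface.
"""
import hashlib
import hmac

# Constructed address map (assumption, not a real SoC): the guest owns its
# RAM; secure RAM holds secure-OS state and is off limits to the guest.
GUEST_RAM = range(0x8000_0000, 0x9000_0000)
SECURE_RAM = range(0xF000_0000, 0xF010_0000)
BOOT_COUNTER_ADDR = 0xF000_0000


def sign_update(key: bytes, image: bytes) -> bytes:
    """Build-side signing of an update image (runs at the vendor, not on the device)."""
    return hmac.new(key, image, hashlib.sha256).digest()


class SecureMonitor:
    """Root/secure-world side of the model.

    The guest never calls the private methods directly; every request goes
    through handle(), the model's equivalent of a trap into the monitor.
    Secure state (the key, secure RAM) is held here and never handed out.
    """

    EXPORTED = ("verify_update", "read_boot_counter")  # the guest's whole API

    def __init__(self, update_key: bytes):
        self._key = update_key
        self._secure_mem = {BOOT_COUNTER_ADDR: 1}
        self._guest_mem = {}
        self.audit = []  # (origin, op, verdict), one entry per trap

    # ---- services the secure world exports to the guest ----
    def _svc_verify_update(self, image: bytes, tag: bytes) -> bool:
        """Validate an update against the key held in the secure world."""
        expected = hmac.new(self._key, image, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)

    def _svc_read_boot_counter(self) -> int:
        return self._secure_mem[BOOT_COUNTER_ADDR]

    # ---- the trap handler ----
    def handle(self, origin: str, op: str, *args):
        """Check the request against policy, run it if allowed, record the verdict."""
        verdict, result = self._check_and_run(origin, op, *args)
        self.audit.append((origin, op, verdict))
        return verdict, result

    def _check_and_run(self, origin, op, *args):
        if origin not in ("guest", "root"):
            return "deny", None
        if op in ("read", "write"):
            addr = args[0]
            if origin == "guest" and addr not in GUEST_RAM:
                return "deny", None  # guest touching memory outside its own
            mem = self._guest_mem if addr in GUEST_RAM else self._secure_mem
            if op == "write":
                mem[addr] = args[1]
                return "allow", None
            return "allow", mem.get(addr, 0)
        if op == "call":
            name, svc_args = args[0], args[1:]
            if origin == "guest" and name not in self.EXPORTED:
                return "deny", None  # service not exported to the guest
            svc = getattr(self, "_svc_" + name, None)
            if svc is None:
                return "deny", None
            return "allow", svc(*svc_args)
        return "deny", None  # unknown operation, e.g. an attempt to change mode


def demo():
    """Walk a guest through allowed and refused requests; return the audit trail."""
    key = b"constructed-demo-key"
    mon = SecureMonitor(key)
    mon.handle("guest", "write", 0x8000_0100, 0x7F)                 # own RAM: allowed
    mon.handle("guest", "write", BOOT_COUNTER_ADDR, 0)               # secure RAM: denied
    mon.handle("guest", "call", "read_boot_counter")                 # exported: allowed
    mon.handle("guest", "call", "verify_update", b"fw-v2", sign_update(key, b"fw-v2"))
    mon.handle("guest", "call", "verify_update", b"fw-v2-x", sign_update(key, b"fw-v2"))
    mon.handle("guest", "call", "export_key")                        # not exported: denied
    mon.handle("guest", "enter_root")                                # no such trap: denied
    return mon.audit


if __name__ == "__main__":
    for origin, op, verdict in demo():
        print(f"{origin:5} {op:12} {verdict}")
```

The audit list is the part a defender cares about: in a real system the equivalent is the monitor's log of refused guest requests, which is where a compromised guest OS probing the secure side first becomes visible. The fifth call in `demo()` is allowed to run but returns `False`, which is the intended outcome for a tampered image: the policy permits the guest to ask for verification, and the secure world answers honestly.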