A new algorithm has been developed to find security bugs in computer chips before they hit the market. The algorithm, known as Unique Program Execution Checking (UPEC), is the brainchild of a group of researchers from the TU Kaiserslautern, Germany. According to the team’s key member Wolfgang Kunz, UPEC lets chip designers identify security flaws in the microarchitecture before they are manufactured on a large-scale.
Kunz, who is the lead Professor - Chair of Electronic Design Automation at TU Kaiserslautern, told Help Net Security that UPEC can effectively remediate what they call the ‘Orc’ attack. This attack is predominantly used to target IoT devices.
“Theoretically, a hacker could use an Orc attack to assume control of an autonomous vehicle or to commandeer networked computers on the Internet-of-Things,” said another team member Subhashish Mitra, who is a Professor in the Department of Electrical Engineering and Computer Science at Stanford University.
UPEC is claimed to be easy to use for chip designers. Moreover, the algorithm has seen positive results for processors of medium complexity. Research on high-end processors is still ongoing and is expected to come out in the future. Overall, UPEC aims to prevent hardware security attacks in a much more proactive way.