Industrial Insights

Software-Defined Everything doesn’t mean Software-Only Security

Thank you for reaching out PUFsecurity’s blog!
This blog will be retired in June 2023.
Please visit our new resource library and subscribe to the newsletter on pufsecurity.com.

Computing power has reached the point where once “hardware-only” functions can now be handled by the software layer running on top of the hardware, with negligible performance difference for users. Applications once only seen in science fiction are becoming present-day science reality, such as the rise of the Metaverse and smart cars that approach the ultimate goal of level 4 autonomous driving. Increased software control over the underlying hardware resources has also recently been responsible for the software-defined everything (SDx) revolution, allowing for agile and flexible repurposing of the traditional IT pillars of compute, network and storage (including the secure container in the cloud).

Given the relative ease to reconfigure software code compared with modifying hardware, the “software-defined” trend continues to gain momentum as computing speed increases can cover most of the penalties as we move away from hardware-specific configurations and accelerators. In fact, the projected size of software-defined and virtualized network functions infrastructure market in 2023 is expected to be at $4.7 billion, according to a 2019 report from IDC.

However, even as systems start relying more upon the software for hardware configuration such as virtual machines for SDx, on top of implementing the application layer, it becomes even more important that the basis of system security remains at the hardware layer. Those same easily changeable characteristics that make software appealing for software-defined configuration/applications are a double-edged sword since the software is more easily hacked than hardware. In addition, more reliance on software means more attack surfaces for hackers to probe for system weaknesses. To take the advantage of software’s flexibility and address the security concerns, software must be developed with an immutable secure anchor, in which can only be achieved by hardware design. For these reasons, a well-designed, secure system must implement a hardware root-of-trust (HRoT) at its lowest, most basic hardware layer…

Please read the complete content on our new resource library.

Leave a Reply

%d bloggers like this: