This is Hamamoto from TIMEWELL
This is Hamamoto from TIMEWELL.
Hardware Vulnerabilities Have Become a Serious Concern Across the IT Industry
Hardware vulnerabilities have become a serious concern across the IT industry. The discovery of Spectre and Meltdown in 2018 sent shockwaves through the sector, exposing fundamental flaws in CPU design that attackers could exploit. Because these issues cannot be fully addressed through software patches alone, a root-level solution requires security measures to be built in from the hardware design stage itself.
This is where proactive security assurance becomes critical. Intel, the world's largest semiconductor manufacturer, is at the forefront of this work. We spoke with Anders Fogh, who leads Intel's security research team, about the company's approach.
- The Current State of Hardware Vulnerabilities and Intel's Response
- Three Techniques: Formal Methods, Taint Tracking, and Interface Hardening
- The Importance of Manual Investigation
- How Hardware Vulnerability Trends Are Shifting
- Summary
Looking for AI training and consulting?
Learn about WARP training programs and consulting services in our materials.
The Current State of Hardware Vulnerabilities and Intel's Response
According to Fogh, the discovery of and response to hardware vulnerabilities is heavily shaped by the capabilities of attackers. As attackers become more sophisticated, the likelihood of new vulnerabilities being uncovered increases. For this reason, Intel invests heavily in "offensive security research" — approaching its own products from an attacker's perspective to find weaknesses before they can be exploited.
In Offensive Security Research, the Goal Is to Identify
In offensive security research, the goal is to identify potential vulnerabilities from the earliest stages of product development and put mitigations in place. Fogh's team is committed to improving security quality throughout the entire product lifecycle. Intel's 2024 Product Security Report revealed that all 21 hardware vulnerabilities the company discovered that year were found through internal proactive security assurance work — not through external disclosure.
Three Techniques: Formal Methods, Taint Tracking, and Interface Hardening
Intel uses a range of techniques to find and prevent hardware vulnerabilities. Three stand out as especially important: formal methods, taint tracking, and interface hardening.
Formal methods use mathematical analysis to verify hardware designs. By converting a design into a system of equations and defining security properties, it becomes possible to mathematically prove the presence or absence of vulnerabilities. Intel applies formal methods not only to products under development but also to security verification of existing products. That said, challenges remain: defining the right security properties is genuinely difficult, and equations can become too complex to yield a solution.
Taint Tracking Follows the Flow of Data Through a CPU Simulation
Taint tracking follows the flow of data through a CPU simulation. By checking whether sensitive data leaks into locations it should never be able to reach, it is possible to identify a class of vulnerabilities known as "stealth data" problems. Intel has used taint tracking to prevent stealth data vulnerabilities from reaching production for over two years.
Interface hardening involves scrutinizing the interfaces within a CPU and rigorously defining the rules that govern how data propagates. Proper interface definitions, strictly implemented, go a long way toward making hardware more secure.
While automated techniques like formal methods and taint tracking are essential, manual investigation remains indispensable. According to Fogh, Intel conducts architectural reviews from the earliest stages of product development in an effort to identify potential vulnerabilities early. The team also directly attempts to hack physical CPUs as a way of uncovering new issues.
Manual investigation takes time, but Intel handles it efficiently by drawing on collaboration across internal experts. Fogh's team works directly with CPU designers when needed — asking questions and deepening their understanding as the investigation progresses. Whereas academic researchers typically take more than a year to find a hardware vulnerability, Intel's internal team is consistently able to move faster.
Fogh Notes That Hardware Vulnerability Trends Have Shifted Significantly
Fogh notes that hardware vulnerability trends have shifted significantly over the past five years. Around 2018, when Spectre and Meltdown were first disclosed, side-channel attacks were the dominant threat. Today, logic bugs — flaws in the functional design itself — account for a growing share of vulnerabilities.
Side-channel vulnerabilities were security problems that didn't stem from functional defects in the CPU, but logic bugs carry risks for both security and functionality. To keep pace with this shift, Intel is now applying techniques originally developed for functional verification to security verification as well. Of the 21 vulnerabilities the company discovered in 2024, only three involved side-channel attacks.
Hardware vulnerabilities are fundamentally difficult problems to solve completely. But when semiconductor manufacturers like Intel commit to proactive security assurance, the systematic discovery and prevention of vulnerabilities can make real and steady progress. By combining formal methods, taint tracking, interface hardening, and manual investigation, hardware security continues to advance in a meaningful way.
As the importance of hardware security grows, industry-wide engagement is becoming essential. Intel's security research team's work will have a significant influence on other semiconductor manufacturers, and it signals the direction the entire sector needs to move.
Reference: https://www.youtube.com/watch?v=hnyKOJiqqsw
Related Articles
- From Full-Time to Part-Time: Life After Two Maternity Leaves and How My View of Work Changed | TIMEWELL
- Before Paternity Leave (Part 2): Three Things You Absolutely Must Do to Take Leave During Busy Season
- Staying True to the Field: How the 5th-Generation Head of a Construction Firm Found His Own Way | Fujita Construction