A professor from the University of Michigan says he and his team are nearing the completion of a remarkable new microchip design that is claimed to make a computer the closest thing to unhackable the world has seen.
That bold claim comes from a media release from the University, the new development diverges from the convention approach, “which relies on software- specifically software patches to vulnerabilities that have already been identified. It’s been called the ‘patch and pray’ model, and it’s not ideal.”
“Today’s approach of eliminating security bugs one by one is a losing game,” Todd Austin, Professor of Computer Science at the University of Michigan and developer of the new system said. “People are constantly writing code, and as long as there is new code, there will be new bugs and security vulnerabilities.”
“Imagine trying to solve a rubiks cube that rearranges itself every time you blink,” he said. “That’s what hackers are up against with MORPHEUS. It makes the computer an unsolvable puzzle.”
“With MORPHEUS, even if a hacker finds a bug, the information needed to exploit it vanishes 50 milliseconds later. It’s perhaps the closest thing to a future-proof secure system.”
The project has received funding for its development from DARPA in 2017, a research and development arm of the U.S. Department of Defense, which would no doubt be keeping an eye on the results of the tests for possible implementation protecting vital military and critical infrastructure systems.
Linton Salmon, manager of DARPA’s System Security Integrated Through Hardware and Firmware program explained “instead of relying on software band-aids to hardware-based security issues, we are aiming to remove those hardware vulnerabilities in ways that will disarm a large proportion of today’s software attacks.”
Head of the project, Todd Austin said the chip could potentially shield against dreaded zero-day exploits, which as the name suggests, gives the victim zero days to protect themselves against the attack. A piece of malware can be lurking inside the system for days, weeks and months before starting the attack. “What’s incredibly exciting about the project is that it will fix tomorrow’s vulnerabilities… I’ve never known any security system that could be future proof.”
Austin went on to explain that “we’ve all seen how damaging an attack can be when it hits a computer that’s sitting on your desk. But attacks on the computer in your car, or in your smart lock or even in your body could place users at an even greater risk.”
This point is becoming more and more of a serious threat, as critical infrastructure, even the TV and fridge in your house become ‘smart’, and become a node in the network of the internet of things. This inevitably opens up areas of opportunities for a third-party to access one seemingly innocuous appliance in your house, which can eventually lead to grave consequences.
“These protections don’t exist today because they are too expensive to implement in software,” Austin said. “But with DARPA’s support we can take the offensive against attackers with new defenses in hardware and implement them with virtually no impact to software.”