Abstract:

Cyber security provides assurances and safeguards for cyberspace interactions and services. These are built upon hardware and software technology for computing, communications and storage. In the past half century, design goals have focussed mainly on improving performance, cost and power in hardware, and on improving functionality, versatility and ease-of-use in software. Approaches to cyber security have focused on reactive measures, perimeter security and software implementations. In contrast, we propose a proactive approach to cyber security, where every component, hardware, software or networking, has secure or trustworthy operation as a primary design goal. We ask what computer architecture might look like, if cyber security is a primary design goal, rather than added on as an after-thought. What is a minimalist set of architectural components for a security-aware processor? We give some examples of faster ciphers with novel permutation instructions, defensive design for mitigating DDoS attacks, and virtual secure co-processing.