National Academies Press: OpenBook
« Previous: 4 International Implications, National Security, and Vulnerability Disclosure
Suggested Citation:"5 Concluding Discussion." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

5

Concluding Discussion

Fred Schneider, Cornell University, closed the workshop with a synopsis of the issues addressed and moderated a brief final discussion.

Schneider began by reflecting on some “watershed events” in how the field’s response to security vulnerabilities has evolved. A first event he noted was when researchers realized that the C programming language was prone to significant security errors. Eventually, compiler flags and modern programming languages were developed that were effective at ruling out certain classes of these errors.

The second event he discussed was the floating-point division error in Intel’s early Pentium chips, discovered in 1994. While it was not the first such bug, it was the first to convince the computing world just how disastrous hardware-instruction errors can be. It was very expensive to repair deployed computers and repeat suspect computations, and it led Intel to adopt a whole new set of techniques for validation of processor designs.

Spectre, he suggested, is also going to be a watershed event. In this case, he argued, we have encountered a vulnerability that is extremely difficult, if not impossible, to mitigate, given our current capabilities and processes.

Suggested Citation:"5 Concluding Discussion." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

Schneider highlighted that attacks have evolved considerably over the past 50 years. Early on, adversaries attacked software systems. Now, even processors and their supply chains are at risk. Internet of Things (IoT) devices are also a likely vector for many future attacks, thanks to their sheer number and the difficulty of ensuring consistent security for devices manufactured by a multitude of small companies with varying expertise, motivations, and mechanisms for implementing protections, he said.

One key takeaway from the workshop, Schneider said, is that computer scientists and manufacturers need to revisit how they understand the contract interface between the hardware and the software and how they view the role that microarchitecture plays. The trade-off between security and performance must be revisited, and more research needs to be done to answer tough questions in this space, he argued. Spectre underscores the need for a new generation of hardware and processors, but this will not be an easy feat for manufacturers.

Schneider also said that a further complication is that manufacturers must work strategically to prioritize and allocate their investments in bug repair and mitigation: resources are always limited in some way. Even beyond the responsibilities of individual companies, there is a need for society as a whole to develop a triage system to address new vulnerabilities as they arise. Security does not occur in isolation, he said; everything—the cloud, the software, the individual machines—has to be secure.

A new generation of attacks also requires a new generation of patches and patch deployment strategies, Schneider noted. Intel’s microcode patches are a good place to start, although it is too soon to say how robust these will be. An agreed-upon routine set of steps to follow (such as Schwartz proposed) is likely to be necessary for successful patch deployment, said Schneider. In short, Schneider concluded, Spectre has demonstrated that a triage system and a routine, agreed-upon response strategy—rather than an ad hoc one—will be critical to the evolution of cybersecurity going forward.

Bob Blakley, Citigroup, commented that Stuxnet, a malicious computer worm first discovered in 2010, represents another watershed event, because it was the first time that attackers sought

Suggested Citation:"5 Concluding Discussion." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

to cause physical damage and not just steal information. Building on this point, David Clark, Massachusetts Institute of Technology, posited that the threats are likely to evolve further in that direction. Many past attacks have resulted in data breaches, and more recently, ransomware attacks have resulted in loss of availability, he said. But the next big cyberattack may well be one that involves malicious destruction, perpetrated through hardware. As such, Clark argued, a key challenge in hardware development is to avoid missteps that allow attackers to use these devices to kill people or destroy infrastructure.

Suggested Citation:"5 Concluding Discussion." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×

This page intentionally left blank.

Suggested Citation:"5 Concluding Discussion." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page 55
Suggested Citation:"5 Concluding Discussion." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page 56
Suggested Citation:"5 Concluding Discussion." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page 57
Suggested Citation:"5 Concluding Discussion." National Academies of Sciences, Engineering, and Medicine. 2019. Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/25418.
×
Page 58
Next: Appendixes »
Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop Get This Book
×
Buy Ebook | $14.99
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

In 2017, researchers discovered a vulnerability in microprocessors used in computers and devices all over the world. The vulnerability, named Spectre, combines side effects from caching and speculative execution, which are techniques that have been used for many years to increase the speed at which computers operate. The discovery upends a number of common assumptions about cybersecurity and draws attention to the complexities of the global supply chain and global customer base for the vast range of devices and cloud capabilities that all computer users rely on. In October 2018, the Forum on Cyber Resilience hosted a workshop to explore the implications of this development. This publication summarizes the presentations and discussions from the workshop.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!