DSC Security Solution
Relying on DSC technology from Tsinghua University, DSC security solution, as a CPU hardware security solution, aims at the hardware security needs from users and partners. Hardware attacks and threats behaviors, such as the Spectre and Meltdown attacks, hardware Trojan attacks, threats from hardware backdoors, and malicious use of hardware frontdoors, can be can quickly find out by using this solution. Additionally, management methods are provided, such as blocking the attack path and blocking the program that triggers the attack, to help users improve their CPU runtime hardware security level, and furthermore, to provide security measures for infrastructures like data centers, networks, and cloud computing environments.

Solution Details

Scenario 1: Secure and controllable X86 trusted server

With the digital transformation of businesses in traditional industries and the implementation of new technologies such as artificial intelligence, big data, and cloud computing, information security has always been the focus of users. The solution is deployed on a server platform and consists of target CPUs, RCP chips, I/O trace (ITR) chips, Hybrid Security DIMMs (HSDIMM), and firmware running on target CPUs. This solution performs non-intrusive signal tracing on target CPUs with no affect the normal execution of the operating system and applications running on it, and randomly traces the running target CPUs’ behavior fragments and quickly analyzes, judges, implements management and control, records logs, and saves the complete tracing data as needed. In addition, the secure boot and controlled updates of microcode functions ensure that the security service covers the entire life cycle of the target CPUs. Moreover, the platform is compatible with the original ecosystem, and while safe and controllable, it does not affect the operation of the original business.

Scenario 2: Precise tracing sensitive behavior/data/device information

DSC technology can continuously and accurately collect the hardware behavior fragments in the specified user context program block, and monitor the underlying hardware behavior of the specified memory area and the specified external device. It can also combine the results of monitoring software and analysis software and summarize the characteristic rules to establish a hard behavior standard map or anomaly map of hotspot applications to help users and partners fully control the specified behavior.