Today’s security models are increasingly reliant on dedicated security processors to perform critical measurements within devices and systems. In many cases, a Trusted Platform Module (TPM) is integrated to handle these tasks, while securely storing the keys and certificates required to attest the device’s identity and integrity. Alternatively, a Device Identifier Composition Engine (DICE) can be used for enhanced security operations when a TPM isn’t present, or alongside one in a more complex environment.

Regardless of the technology chosen, protecting security-critical components – such as device firmware or sensitive data – from any unauthorised changes is essential. However, protection alone is not enough. If an attacker bypasses defences and tampers with code or configuration, it can lead to serious consequences.

Systems must now not only be able to defend against threats but also detect any compromises and recover from them effectively. Additionally, the protection, detection and recovery mechanisms themselves must be resilient against tampering or corruption. Achieving this requires the trust within the platform’s recovery capabilities – and this can be achieved through Cyber Resilient Technology (CyRes).

Key elements of CyRes
CyRes represents an architecture and a selection of building blocks to form a Cyber Resilient Module (CRM) within devices.

Within every device you will find some form of Resilience Target (RT), which is a core function or feature within the system requiring protection from cyberattacks or potential tampering. This is protected by the Resilience Engine (RE), which repairs and updates the RT when needed, while locking down any sensitive code or data to stop unauthorised access. This is done based on the instructions provided to it by the Resilience Authority (RA), which sits outside the device and provides policies for trusted, predictable behaviour within devices and systems.

This will be assessed through key building blocks implemented within the CRM. These include latches, which operate like locks to stop users and software attempting to read or change code without permission, and Watchdog Counters (WDC) which can be used to help the system check for problems on regular intervals.  Should the counter expire, this may be an indicator that something is wrong with the device, and this building block will give the chance to the RE to recover it. This WDC is managed by the RA from outside the device for continual monitoring of the entire system.

How does CyRes help?
Many sectors and industries can benefit from the security capabilities afforded through CyRes. Whether it’s information displays in airport terminals, common enterprise infrastructure in a closet or data centres, or equipment found in isolated (‘satellite’) offices across the globe, CyRes will provide the same fundamental principles of protection, detection and recovery.

The same principles can also be used to protect automotive charging stations in remote locations: as mentioned in our previous blog, Electric Vehicle Supply Equipment (EVSE) is increasingly being targeted by malicious actors due to the level access they can gain to car owners and even national grids. In these instances, CyRes can help mitigate any successful hacks, and return the EVSE to a trusted state to avoid further incidents.

There are also financial benefits to having resilient systems: for example, the use of remotely updatable anti-theft features within vehicles can reduce the cost of product recalls, and by extension, car insurance premiums for end users.

CyRes needs you
Implementing and monitoring the latest CyRes specifications remain the best option for providing disaster recovery and the necessary remediation against potentially critical threats. Visit the CyRes Work Group page on the TCG’s website to keep up-to-date with the latest publications regarding this foundational trusted computing concept.

To ensure that CyRes continues to meet the requirements of today, the Work Group is welcoming new members to help support their efforts. The scope of work would include the documentation of CyRes best practices, including recovery and detection design patterns, as well as how best the standard can be combined with other technologies developed by the TCG. They would also be interested in companies who can help define new CyRes capabilities, such as intrusion detection. It’s also important that they have the manpower and expertise to continue identifying current and future threats across a diverse range of industries and cultures. If you’d be interested in joining the CyRes Work Group, contact [email protected] to learn more.