Intel’s Tunable Replica Circuit Tech Uses Telemetry to Detect Cyberattacks

Invasive cyberattacks on data centers cost billions of dollars annually but can be mitigated with sophisticated software and hardware-based security measures. Physical attacks on machines in the center can cause damage without compromising security. Therefore, Intel developed the TRC (Tunable Replica Circuit) telemetry monitoring technology, already supported by the 12th Gen Core Alder Lake platform, to detect such attacks.

Intel Senior Principal Engineer Daniel Nemiroff said: “This has led malicious actors to turn their attention to physically attacking computing platforms. The tools of choice for these attackers are glitch voltages, clock pins, and electromagnetic radiation. It is a fault injection attack via , which can cause circuit timing failures, allowing the execution of malicious instructions and the potential exfiltration of secrets.”

Intel’s Alder Lake 600 series chipsets, which Intel calls Platform Controller Hub, or PCH, support Intel’s Converged Security and Management Engine (CSME), which controls the operation of other components in the system, including the CPU. It already has a TRC module that constantly monitors. itself.

The TRC monitors timing failures due to voltage, clock, temperature, or electromagnetic glitches, which can be caused by many sources. For example, if certain CPU timings are unusual, this could indicate a cyberattack (attack using fault instructions or exploiting a security hole). Because the set of TRC sensors are tuned to detect errors caused by fault injection rather than voltage drops in normal workloads, Intel is able to prevent data integrity under normal conditions from false positive probes. To ensure this technology does not activate any mitigation techniques.