Rugged computer and server supplier General Micro Systems (GMS) is challenging its competitors and partners to join forces in getting the U.S. Department of Defense to only buy servers from U.S. suppliers whose products are supplied, designed and built in America. The company feels this push is essential in raising awareness of the risks associated with computer servers and electronics made outside of the U.S., especially in China.
“A single exploited server reporting back to a rogue nation state could put America at incredible risk,” states Ben Sharfi, CEO and chief architect at GMS. “Why buy servers or motherboards from a country with whom we’re having a trade war? That’s far too risky.” In June of this year President Trump put five Chinese tech entities on a trade blacklist, and earlier this year he signed an executive order barring the government from doing business with China-based Huawei, citing security concerns.
“President Trump is on the right track with these initiatives, but it would be extremely helpful to have him more specifically address the issues associated with the purchase and implementation of risky offshore hardware – and encourage or even mandate buying American,” Sharfi concluded. IEN recently followed up with GMS for further insight.
Jeff Reinke, Industrial Equipment News: Are there any attributes of these non-U.S. servers that could serve as red flags when purchasing?
Chris A. Ciufo, CTO, Chief Commercial Officer, General Micro Systems: Sadly, there is no obvious way to determine if a server has been compromised, either by software or an on-the-circuit-board exploit.
For hardware, a close visual inspection by the original equipment manufacturer (OEM) would clearly show changes—including devices missing or extra ICs not supposed to be there. But a customer would have to have access to the OEM’s original Gerber files and possibly PCB photos, and the good news is that machine vision automation would make this inspection routine and fast.
Unfortunately, if the exploit was placed by the OEM—or someone in their supply chain—getting access to that data will be difficult if not impossible. Any vendor’s server can be forensically examined but that is a difficult, slow and expensive proposition.
As for software, exploits—like terrorist “sleeper cells”—may lie dormant for years before being activated. Often, one only knows a server has been compromised when it starts misbehaving. Culling through software looking for exploits can also be done forensically using static code analysis and heuristics...the same techniques used by anti-spyware software.
But modern sophisticated exploits, particularly in the root or source code, do not respond well to these techniques. The more sophisticated (and buried) the exploit, the harder it is to find.
JR: Security risks exist outside the government and military applications – what does a company like GMS do to help those in the industrial sector stay secure?
CC: GMS follows our RuggedDNA design practice, which makes our systems inherently hardened against exploits. Anti-tamper devices notify the system if someone tries to open the chassis case. Special signals are included that allow the system to be queried remotely to determine security and operational status, and those signals can re-boot or completely erase (“zeroize” or “sanitize”) the system, including the BIOS itself.
If needed, NSA-approved storage drives can be used which follow both an NSA-approved encryption algorithm and an approved erasure procedure. Other hardware mitigation is also included, but not discussed.
Finally, GMS firmware (drivers) and BIOS are verified and maintained against exploits. As processor vendors like Intel issue exploit mitigation updates (think “Spectre” and “Meltdown” from 2018), GMS rolls those out to our customers on maintenance agreement or other contracts. Our SourceSafe BIOS is maintained by GMS to assure exploit-free operation.
JR: Are there any particular security trends that GMS is focused on right now?
CC: We are working to convince our customers that security is more than a one-liner on a specification. Many of our customers think security is important, but do not have “best practices” to help mitigate it. For example, our servers contain a mandated administrator device called a BMC—baseboard management controller. It’s an important way for admins to manage and maintain servers remotely.
However, the BMC has full access to the system by design. As a result, we are working to educate the customers on ways to use the BMC while still assuring access to it can’t be compromised. It’s often as simple as maintaining good, strong passwords and regularly changing them. This isn’t rocket science, it’s the same best practices we all know about from our desktop computers and portable devices.
But getting access to a defense system—especially a server that communicates with thousands of users—is a deadly serious topic. We find that educating our user/customer base is an important part of helping customers use our products.