Security Risks from Vulnerabilities and Backdoors

Abstract

It is well-known that Alan Mathison Turing, a mathematician, put forward an abstract computing model, Turing Machine, and provided a solution to the computability problem. Another mathematician John Von Neumann came up with the storage program architecture, solving the computational issue of how to control program directions. Later, computer scientists and engineers, one generation after another, have devoted themselves to the promotion of computational capability, the reduction of application threshold and improvement of man-machine efficiency research and practice. And progress in microelectronics and engineering has initiated a digitized, computerized, networking and intelligent era for the human society, creating a computer-controlled cyberspace which exists everywhere. Unfortunately, the security in the computer architecture has long been neglected. Meltdown and Spectre (refer to Sect. 1.1.3) hardware vulnerabilities which have been discovered recently have made people awkward and embarrassed. It seems impossible to find a remedy through pure software. Although people have paid early attention to software vulnerabilities and worked hard to solve the problem, so far no ideal solution has been found. People have to doubt whether software technology alone can overcome the obstacle. Developments in globalized industry work division and the opening of open-source code technology, supply chains or technology chains, and even industrial chains cannot guarantee the trust, which makes threats from potential backdoors even more complicated. The author believes that attack theories and approaches based on software and hardware code defects are the main cause (rather than one of the causes) for the general security threats in the current cyberspace.