G06F21/556

ACTIVE CONTROL OF COMMUNICATIONS BUS FOR CYBER-ATTACK MITIGATION

Techniques are provided for actively controlling a communications bus to mitigate threats, including cyber-attacks. A methodology implementing the techniques according to an embodiment includes detecting a threat in a message that is being transmitted between nodes on the communications bus. The message comprises one or more message frames and the threat detection is based on analysis of an initial portion of the message frame. The method further includes actively controlling the bus, based on the threat detection, to prevent the remaining portion of the message frame from delivering the threat to one or more of the nodes on the bus. Actively controlling the bus includes isolating nodes from the bus and/or overwriting data in the remaining portion of the message frame to invalidate the message frame or to remove the threat from the message frame.

SIDE-CHANNEL ATTACK ON HMAC-SHA-2 AND ASSOCIATED TESTING
20220414227 · 2022-12-29

A method for testing an HMAC implementation for vulnerability to a side-channel attack can include mounting a template attack. The attack can include generating, based on first side-channel leakage information associated with execution of a hash function of the HMAC implementation, a plurality of template tables. Each template table can correspond, respectively, with a subset of bit positions of an internal state of the hash function. The attack can further include generating, based on second side-channel leakage information, a plurality of hypotheses for an internal state of an invocation of the hash function based on a secret key. The method can further include generating, using the hash function, respective hash values generated from each of the plurality of hypotheses and a message. The method can also include comparing each of the respective hash values with a hash value generated using the secret key to determine vulnerability of the HMAC implementation.

PARAMETER CHECKING SYSTEM AND PARAMETER CHECKING METHOD
20220405388 · 2022-12-22

A parameter checking method includes substituting a plurality of initial parameters into a data integrity algorithm to obtain syndrome data using a processor, and using a hardware cipher to calculate, based on the data integrity algorithm, a calculation result from a plurality of calculation parameters corresponding to the initial parameters. Moreover, when the processor determines that the syndrome data is not the same as the calculation result, the processor outputs a hacker attack message, indicating that at least one of the calculation parameters has been tampered with.

Electromagnetic pulse detection

An embodiment integrated circuit includes a first electromagnetic pulse detection device that comprises a first loop antenna formed in an interconnection structure of the integrated circuit, a first end of the first antenna being connected to a first node of application of a power supply potential and a second end of the antenna being coupled to a second node of application of the power supply potential, and a first circuit connected to the second end of the first antenna and configured to output a first signal representative of a comparison of a first current in the first antenna with a first threshold.

Protecting cache accesses in multi-tenant processing environments

Embodiments relate to a system, program product, and method for protecting cache access in a multi-tenant environment, and, more specifically, for allowing access to specified data, encrypted or unencrypted, in a shared cache to authorized tenants, while denying access to the data for unauthorized tenants. The system includes a server including one or more shared caches and a plurality of tenant devices coupled to the server. The server is configured to run one or more applications thereon, where each tenant has access to one or more authorized instances of the applications. The system also includes a cache proxy coupled to the tenant devices and the shared cache. The cache proxy facilitates enforcing one or more schemes to provide for separation of data for authorized tenants and their users using the shared cache from unauthorized tenants and users.

MECHANISMS FOR SECURE USER INPUT
20220398336 · 2022-12-15

Methods, apparatuses, and systems for secure data input mechanisms are described herein. An example method comprises monitoring a user interface presented on a display of a mobile device, identifying an input field of the application shown within the display, and adjusting operation of the mobile device in response to entry of data within the input field, the adjusting operation occurring via an input method, the input method changing at least one characteristic of the mobile device indicative of entry of data with use of the mobile device, so as to prevent acquisition of the data by a malicious application installed on the mobile device.

Systems and methods for runtime program monitoring through analysis of side channel signals

A method includes receiving one or more signals emanated from a monitored device; signal processing the one or more signals, based on a software model and a hardware-software (HW/SW) interaction model of the monitored device, to determine whether an anomaly exists in the one or more signals; and, responsive to determining that an anomaly exists based on the signal processing, transmitting an indication of the anomaly.

Speculative side-channel hint instruction

An apparatus comprises processing circuitry (14) to perform data processing in response to instructions, the processing circuitry supporting speculative processing of read operations for reading data from a memory system (20, 22); and control circuitry (12, 14, 20) to identify whether a sequence of instructions to be processed by the processing circuitry includes a speculative side-channel hint instruction indicative of whether there is a risk of information leakage if at least one subsequent read operation is processed speculatively, and to determine whether to trigger a speculative side-channel mitigation measure depending on whether the instructions include the speculative side-channel hint instruction. This can help to reduce the performance impact of measures taken to protect against speculative side-channel attacks.

ELECTRONIC MULTIPLICATION CIRCUIT AND CORRESPONDING MULTIPLICATION METHOD
20220391171 · 2022-12-08

In an embodiment, after a first phase of multiplication, in an electronic multiplication circuit, of a first operand by a second operand leading to a successive delivery of least significant words of the result of the first multiplication, a second multiplication, of the first operand by a supplementary operand, is implemented in the electronic multiplication circuit during a second phase of multiplication. The supplementary operands are not all identical.

Leakage Measurement Error Compensation Method and System Based on Cloud-Edge Collaborative Computing

The present disclosure provides a leakage measurement error compensation method based on cloud-edge collaborative computing, implemented on a communication network formed by interconnection between a leakage current edge monitoring terminal and a power consumption management cloud platform, and including the following steps: monitoring, by the leakage current edge monitoring terminal, leakage current data, and sending the leakage current data to the power consumption management cloud platform; iteratively training, by the power consumption management cloud platform, a pseudo-leakage compensation model by using the received leakage current data, continuously updating pseudo-leakage model parameters, and feeding the pseudo-leakage model parameters back to the leakage current edge monitoring terminal; and processing, by the leakage current edge monitoring terminal, the leakage current data according to the pseudo-leakage compensation model parameters, so as to eliminate the influence of a pseudo-leakage phenomenon in the leakage current data.