You rely on complex computing and communications networks to keep your services running without interruption. You need reliable data and IT infrastructure to keep your network secure and maintain user trust. As your personal data becomes accessible at any time and from any location, you expect consistent access and security across all networks.

Because adversaries have become more aggressive, you face a rapidly changing threat landscape. You must protect your network from attacks by malicious actors and from counterfeit or tampered products. Trustworthy systems help maintain network security, protect user trust, and defend against increasingly sophisticated threats.

The SUDI provides your device with a tamperproof ID using an X.509 certificate. The private key is securely stored in the Trust Anchor Module (TAm) during manufacturing, ensuring your device’s identity is verified and protected against counterfeiting.

Your device is uniquely identified by SUDI, which combines its product ID and serial number. The X.509 version 3 certificate, which complies with IEEE 802.1AR and uses RSA or ECC encryption, helps prevent identity cloning or spoofing and protects your equipment from counterfeit risks.

The Cisco TAm is a tamper-resistant chip embedded in your Cisco devices. It includes non-volatile secure storage and serves as the foundation of the device's trust chain. The manufacturer's public key is securely stored within your device's TAm chip.

Your device includes Anti-Counterfeit Technology (ACT) by embedding specialized hardware chips called ACT and ACT2 within your devices.

The TAm provides these features:

Identity

During manufacturing, your device’s ACT2 chip receives the Cisco SUDI as an X.509v3 ECDSA or RSA certificate (or both), along with key pairs and certificate chains. The SUDI forms the basis for the hardware anti-counterfeit check and helps establish the device’s initial network identity.

Entropy

The ACT2 features a NIST SP 800-90B compliant entropy source, making it ideal for seeding host-based pseudo-random number generators.

Key Management

The ACT2 is capable of generating symmetric keys, as well as ECC and RSA asymmetric keypairs. Crucially, the symmetric keys and the private portions of these keypairs are never released from the chip. Access to these protected keys is facilitated solely through cryptographic APIs, and certificates can be enrolled for the keypairs generated by the ACT2.

Secure Storage

The ACT2 offers approximately 50 KB of host data storage, secured against physical tampering. This makes it an ideal repository for sensitive information like licenses and confidential data such as credentials. Crucially, important device keys and passwords are also safeguarded within this secure storage.

The TAm and SUDI in your device serve as unique hardware identifiers, much like a mobile device's IMEI number, and also offer added functions.

The TAm features secure nonvolatile storage for cryptographic keys, which applications access through TAm libraries. When your device starts, SUDI and boot measurements stored in the TAm help verify that your device is legitimate, making sure the boot process works as expected and helping detect tampering.

Secure Boot

Cisco Secure Boot ensures authenticity and integrity of code executing on your device. Its hardware-anchored secure boot safeguards the micro loader—the very first piece of code that boots—within tamper-resistant hardware. This creates a root of trust, effectively preventing your Cisco devices from running tainted network software.

Cisco digitally signs all images using the manufacturer's private key. This happens in a secure and audited environment. The key pair is generated using RSA encryption with a 2048-bit modulus.

Your device, after booting, authenticates with the TAm through SUDI to ensure that its hardware is indeed genuine Cisco, rather than a counterfeit or compromised unit.

The public key, embedded directly into the hardware, is accessible via TAm libraries. Cisco IOS XE images are signed using private keys that are never removed from the build DevOps release environment. During the boot process, these keys are compared, confirming that both the hardware and software have been signed by Cisco.

The secure chain starts when the TAm verifies the microloader’s integrity before loading it onto the CPU. Next, the microloader checks the BIOS or bootloader using the TAm's API to confirm the image is legitimate before loading. This verification also occurs when loading the Cisco IOS XE image.

After the CPU loads the image, the operating system utilizes the TAm API to verify software modules like KLM, RPM, and ASIC SDK prior to their activation.

Chip Guard (Chip Protection)

Your Cisco devices incorporate a chip protection feature that guarantees hardware integrity. This protection mechanism records each device's signature during manufacturing and then compares it during every device bootup, thereby ensuring that the peripherals of your device are not counterfeit.

Manufacturing Time Database

The manufacturing time database is the original copy of the unique IDs of Cisco ASICs, CPUs, SoCs, and other devices with their device types specific to a board. In most cases, the unique ID is a device serial number or other appropriate value of that device. The manufacturing database is a Known Good Values (KGV) database specific to a board. It is programmed onto the TAm device as part of the manufacturing process.

Collected Database

The collected database is collected by the firmware whenever the board is booted and extended to the TAm device. Measurements are collected either through firmware or through system drivers.

The BIOS boot process integrates the TAm library to populate the collection database. The BIOS detects various hardware components as part of initialization and uses the TAm library APIs to record the device type and unique IDs if the detected devices are part of the manufacturing time database. After all the device types and unique IDs are written to the collected database, the platform operating system invokes the TAm library API to validate the collected database against the manufacturing time database. If there is a mismatch, the platform holds the boot process.

Random Number Generation and Entropy Source

Strong random number generation (RNG) is at the core of encryption, while weak RNG can undermine the entire encryption system. Random number generators play a key role in creating cryptographic keys, establishing highly secure communications between users and websites, and in resetting passwords for email accounts. Without assured randomness, an attacker can predict what the system will generate and undermine the algorithm. Your Cisco devices uses the RNG from Linux. The RNG is seeded with a random value, typically obtained from a hardware random number generator (HRNG), which makes it impossible to guess. Hardware also contains a Trust Anchor module that is compliant with NIST specifications and capable of providing much more effective RNG that extracts entropy from a true random source within the Trust Anchor.

Multistage BIOS

The BIOS is split into multiple, smaller pieces so that they can be loaded, validated, and executed entirely in the RAM to protect the BIOS from external modification (such as a Time-of-Check to Time-of-Use attack ¹). The BIOS is composed of the following things:

• Pre-EFI Initialization (PEI)

• Firmware Dependency Module (FDM)

• Driver Execution environment (DXE)

Having a multistage BIOS in your device makes it very hard to bypass the Cisco BIOS. Any intervention with the BIOS will stop the bootloader from loading the OS image

Runtime Defenses (RTD)

Runtime defenses target injection attacks of malicious code into running software. Your Cisco devices runtime defenses include Address Space Layout Randomization (ASLR), Built-in Object Size Checking (BOSC), and X-space Runtime defenses. These defenses make it harder or impossible for attackers to exploit vulnerabilities in running software.

Address Space Layout Randomization (ASLR)

Address Space Layout Randomization (ASLR) is an important security hardening functionality that randomizes the locations of sections of all processes and the kernel for your Cisco devices making it more difficult for an attacker to exploit existing vulnerabilities. ASLR is a companion defense along with executable space protection, which prevents inadvertent execution of code from unauthorized areas and prohibits writing of code over executable areas.

ASLR functionality for processes can be categorized into Cisco binaries and 3rd party binaries, both of which need to support ASLR. For ASLR support, Cisco and 3rd party binaries and shared libraries need to be built with the correct flags. Cisco binaries, including 3rd party shared objects, must ensure the library is randomized so as not to compromise the randomization of the Cisco binary itself. 3rd party binaries and shared libraries might require vendor support to randomize them.

ASLR functionality for the Linux kernel brings support for address space randomization to running Linux kernel images by randomizing where the kernel code is placed at boot time. Kernel ASLR support is present in Cisco devices to prevent hackers from injecting malicious code.

Executable Space Protection (XSpace)

Executable space protection (X-space) is one of the most important security protections in your Cisco devices. This feature ensures that executable space protection is enabled for devices. This prevents the execution of code from unauthorized areas and prohibit writing code over executable areas.

X-space prevents hackers from penetrating into the devices and ensures the device is secure.

Object Size Checking (OSC)

Buffer overflow is probably the best-known form of software security vulnerability. A buffer overflow condition exists when a program attempts to put more data in a buffer than the buffer can hold, or when a program attempts to put data in a memory area past a buffer. In this case, a buffer is a sequential section of memory allocated to contain anything from a character string to an array of integers. Writing outside the bounds of a block of allocated memory can corrupt data, crash the program, or cause the execution of malicious code. Your Cisco devices have full protection to determine buffer overflows in C or C++ code by having object size checks before a write call.

SafeC Libraries

Cisco IOS XE software uses efficient library functions that promote safer, more secure C or C++ language programming and are based on the ISO/IEC 9989:2011 (C11) specification. Several standard C library functions are susceptible to vulnerabilities that can serve as launch points for more sophisticated attacks.

While providing "safe" replacements for standard functions in a consistent naming schema, SafeC aims to mitigate security exploits due to buffer overflows, provides bound checks that may not be present in the native library, and prevents string termination and truncation errors. This SafeC safeguards your Cisco device hardware from buffer overflow attacks.

Cisco Signed Kernel Modules

Signed Kernel Modules ensure that any kernel modules loaded into your device are authentic and unmodified. This prevents unapproved and untrusted executable code from being loaded into the kernel by conventional means.

If the modules are not signed by Cisco, then they cannot be used with the Cisco IOS XE software. This feature stops unauthorized software from running on your Cisco devices. These hardening features protect Cisco IOS XE software and its components from attacks.

Secure JTAG (sJTAG)

JTAG was also adopted to program FPGAs and provide a CPU debug access port. A laptop and a JTAG debugger are often all that is required to provide access to an embedded CPU allowing for retrieval of firmware images, dumping memory, and monitoring software execution. A small size interface coupled with a sophisticated toolset gives attackers a portable yet powerful means to exploit a system.

By having a secure JTAG on your Cisco device, we can mitigate intellectual property (IP) theft and avoid the stealing of passwords or keys from the memory.

Secure Erase

The secure erase feature erases all customer information within your Cisco device. Secure erase is an operation that removes all the identifiable customer information in the device for purposes of product removal due to Return Material Authorization (RMA), upgrade or replacement, or system end-of-life.

• RMA for a device: If you must return a device to Cisco for RMA, remove all customer-specific data before obtaining an RMA certificate for the device.

• Recovering a compromised device: If the key material or credentials that are stored on a device are compromised, reset the device to the factory configuration, and then reconfigure the device.