Highlight of Computer Chipsets
Source: https://www.secplicity.org/2019/03/25/highlight-of-computer-chipsets/
It is often thought that a computer’s central processing
unit (CPU) handles everything within a computer. To some extent, this is true;
however, CPUs have delegates per se. These delegates are referred to as
chipsets and they have dedicated and specific tasks to carry out. Depending on
the chipset and its location, the respective chipset handles that part of a
computer and relays information back to the CPU – hence the central part of
CPU’s spelled-out name.
If you’ve ever opened your own computer case or assembled
your own personal computer, you may have taken some time to look at the
motherboard that holds all the components together. The motherboard is known as
a circuit board and is responsible for holding pluggable modules, as well as
providing whatever other input / output devices per integrated slots and ports.
Not all motherboards are the same and may each offer different slots.
Overview
of Common Slots and Ports
Aside from the CPU socket, other common slots and ports
include: random access memory (RAM) modules, used for rapid CPU access for
additional memory addressing; accelerated graphics port (AGP), used for video
cards regarding gaming or graphics editing purposes; serial advanced technology
attachment (SATA) ports, used for the persistent storage of files and programs;
and peripheral component interconnect (PCI) ports, which vary in purpose but
you can add a Wi-Fi module or other peripherals to connect to your computers
motherboard.
Another common port would be universal serial bus (USB)
which allows connectivity of mice and keyboards – what an upgrade from punch
cards!
Tying
in Chipsets
For PC motherboards, there are two main chipsets: the
northbridge and the southbridge. The northbridge is directly connected to the
CPU, allowing for faster transmissions between it and ports that require faster
speeds. These include your RAM modules and PCI express cards, as well as AGP.
A southbridge handles non-express PCI busses, USB ports,
and hard disk connections. Usually these components do not require
communications as fast as the components communicating with the northbridge. It
makes sense if you think about it. Latency in RAM, for instance, can cause
other issues with a computer running smoothly. Likewise, for graphics cards;
imagine your screen(s) rendering tearing during a game of some sort – very
unpleasant.
Each of the above-mention components is connected to a
slot, known as a bus. No, not school bus nor a transit bus, simply a piece of
circuitry that interfaces a connected component to the respective bridge. These
busses have individual speeds depending on if they’re connected to the
northbridge or the southbridge, as well as its purpose.
So How
Does Communication Between CPU and Other Chips Happen?
This is a great question, as I had the same thoughts. Prior
to researching this, I assumed there was some sort of API (application
programming interface) that handled this. These take form in what we know as
device drivers. In short, seeing that whatever pluggable peripheral modules are
available can potentially be programmed in multiple ways, there needs to be
some standardised format in which to communicate with a computer’s CPU.
After researching this I found I was on the right track, save
the technical details of how this is done. As fascinating as this is, the exact
steps are well beyond the scope of this, but I would suggest reading the
references for some insights I used in better understanding this aspect.
To sum up the process though, the CPU works through the
northbridge and southbridge to talk to other connected components. The device
drivers offer a layer of abstraction that allows the CPU to talk as it does,
translating communications to and from the connected device in its respective
communication manner.
Are
There Any Security Concerns?
You would think that since chipsets are embedded on systems
and there is no direct interaction with them, well not an obvious way of doing
this at least, that there wouldn’t be issues or concerns. Despite that thought
process, security concerns do exist with chipset and chips in general. We know
that security concerns do exist as in the case of the Spectre and Meltdown
vulnerabilities, and the Intel-specific Foreshadow vulnerability. Further even
was when Supermicro was under heat after allegedly having malicious tiny chips
embedded on their manufactured server motherboards, though this is a hardware
hack and is slightly different than a software hack.
Upon researching other attacks on chips and chipsets, I
actually came across one known as CLKscrew that warrants a post of its own.
When you begin to understand how computer cycles work, then you can see how an
attack like this is possible. I haven’t dived into research yet, but I will –
stay tuned for that in a future post. With all the above in mind, it is clear
that the potential attack surface is broader than one would think.
Conclusion
The intention of this post is to distinguish roles of a
computer’s chipset and breakdown different available components. Chipsets vary
in function from personal computers, to Arduinos and Raspberry Pis. It is also
intended to make known possible attacks that can be carried out on them, and
with them, in their respective manners.
Further, this post may give way to future posts about microcontrollers and expanding on Arduinos and Raspberry Pis (IoT security is a huge pitfall it seems). One big differentiator between chips within a personal computer and those on the two aforementioned devices is that there are public libraries available for use to program a particular device to do what you want. You might have a microchip used to control a matrix of LEDs, another to utilise radio frequencies, and beyond. Oh, the joys of collaborative efforts from enthusiast and developers alike!
_____________________________________________________________________________
Continue the conversation regarding chipsets at Cyber Security
X, Register your interest here.
_____________________________________________________________________________