Table of Contents
Advertisement
Threat
Solution
Data being sent to ports
Channel switching is controlled by the front
by means of faulty or
panel buttons only with all keyboard hotkey
subverted keyboards or
or mouse switching capabilities removed
mice causing the channel
from the design.
to switch and sending
data in turn to each port.
Data transfer by means of
USB ports support keyboard and mouse
common storage.
(and card reader for AdderView Secure
Plus) connections only. The product does
not enable a USB memory stick or disk
drive to be shared between computers.
Unidirectional signalling protects against
data transfer across the switch.
Timing analysis attacks.
If a connection exists between a computer
and a shared microprocessor system, it
is potentially possible to determine what
may be happening on the micro by timing
the responses to repeated requests that
the micro must service. For example, if
a high data bit takes longer to transmit
through the system than a low bit it may
be possible to detect the pattern of data
flowing between other ports by attempting
to time the responses to otherwise normal
requests. In the AdderView Secure, each
port has a dedicated processor that only
has input signals from the rest of the
system. These input signals are only active
when the port is selected. Consequently a
timing analysis attack from one computer
would yield no information about data
flowing to another computer.
Threat
Solution
Forced malfunctions due
It is potentially possible to create forced
to overloaded signalling.
malfunctions by constantly and quickly
sending a stream of valid requests (such as
the request to update the keyboard lights).
A well known example of an undesirable
KVM malfunction is a "crazy mouse"
which was quite common with early KVM
switches and was caused by data loss on
PS/2 systems with the result that the mouse
darted around the screen randomly clicking
and opening windows. The unidirectional
design of the AdderView Secure ensures
that the influence of signalling on one port
cannot flow past the data diodes. This
means that overload signalling on one port
will not affect the operation of another
port. USB signalling is not susceptible to the
failure mechanism that caused the crazy
mouse on PS/2 systems.
The user selects the wrong
Only one simple method of selecting
port.
computers is provided. The selected port
is clearly and unambiguously indicated on
the front panel by means of coloured lights
adjacent to each key switch. For high levels
of security, the screens of high and low
security computers should be arranged to
look visibly different in general appearance.
Signalling by means of
Each port is independently powered by its
shorting the power supply
USB port. Shorting the power supply on
or loading the power
one port will not cause the power on other
supply.
ports to be switched off.
Tampering with the
The switch is designed to enable tamper
switch.
proof seals to be fitted over the counter-
sunk screws.
5
Advertisement
Table of Contents
