CPU security flaws: DENSO devices are secure

This article is brought to you by Retail Technology Review: CPU security flaws: DENSO devices are secure.

Security researchers recently uncovered the massive processor flaws called Meltdown and Spectre. They affect almost all modern CPUs and allow hackers and malware to gain unauthorized access to memory areas of the CPU. As a result, contents such as passwords, login data, and other sensitive information are at risk to be stolen.

Due to the current situation, DENSO, part of the Toyota group and inventor of the QR code, has examined extensively all devices in their popular BHT series – with good news: None of their handhelds is equipped with the affected CPUs. Hence, the DENSO handhelds are not affected by Meltdown and Spectre.

Sina Haupt, Marketing Assistant of the DENSO Auto-ID Business Unit, says: "Just as the news about the security flaws broke out, our technical engineers tirelessly went and checked all our existing handhelds. Some of our customers were worried that our devices might be affected. We are glad that we can give them the all clear now."

The security flaws of the processors allow access to the memory. This, in turn, gives room to more than a dozen possible attacks, according to the security researchers. "For this, however, the devices that are to be attacked must have a very specific type of architecture", explains Thomas Kurpjuweit, Technical Product Engineer at the DENSO Auto-ID Business Unit.

The basic requirement to use the security flaws is the so-called out-of-order execution: In this process, the CPU does not necessarily follow commands as intended by the program code, but automatically optimizes the operations when carried out. That way, some commands can be executed at the same time, and the performance speed can be increased.

In contrast to out-of-order execution, there is in-order execution, in which the commands are strictly implemented according to the program protocol. It is precisely this contrast that makes the DENSO data collection devices secure: They all work with in-order execution. This means, the core features that make it possible to exploit the security flaws are not even built into the handhelds of the mobile data collection experts from DENSO.

"Reliable and tested CPUs are integrated into all our products, making them efficient and power-saving – and above all secure," explains Kurpjuweit. When planning and developing new handhelds and scanners, DENSO defines that the data collection device must not only be state-of-the-art but also stable and durable.

"When purchasing new scanners and handhelds, the user-device relationship must be the main focus," stresses Haupt. "Our units incorporate good and tested CPUs that meet the exact requirements that are critically important to our customers, for example from retail and logistics."

DENSO has been working with many of their clients for more than 20 years, and they always receive positive feedback. The IT decider of a supermarket chain sums it up perfectly: "To me, sensitive data entry is a matter of trust. We have been using DENSO for two decades and nothing is going to change that."