Appendix A

Design and Implementation: Modifying Neumann Architecture

In this chapter, we discuss the design and implementation of an invention, a new
type of computer architecture that is capable of preventing data stored on computers
from being stolen.¹
The modified Neumann architecture has shown promise in solving computer security
problems. The architecture separates the network communication component
from the other parts of the computer system with a separate system bus. Data exchange
between the two system buses can only be performed through the bus controller via
a command issued by the computer operator. A secured micro-operating system is
used to guarantee the integrity of communications.
The micro-OS runs on a microprocessor that resides in the “red” zone. It uses
a firmware image that is automatically loaded into the microprocessor memory during
the boot process. A watchdog monitors the system and resets it whenever a
preset threshold is met. In addition, memory protection and virtualization techniques
are used to enhance runtime security and prevent code injection.
The invention has been prototyped and tested; it was awarded a national high-tech
grant.

A.1 Data Security in Computer Systems

Computers nowadays are easily intruded upon via networks, especially through
the Internet. Therefore, information stored on a computer such as SSNs, credit cards,
bank accounts, personal privacy information, etc. is vulnerable to computer hackers.

¹ The chapter was based on a patent application the book author filed in 2005. The invention
received high recognition from then US Senator Orrin Hatch, a renowned Harvard professor, a
national medal of technology awardee and National Academy of Science member, and top
companies in the private sector.

© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021
S. P. Wang, Computer Architecture and Organization,
https://doi.org/10.1007/978-981-16-5662-0

Firewalls can, to some extent, prevent information stored on a computer from being
stolen. However, they are only effective for a certain period of time. Some firewalls are
mere software; others, even though they use “hardware” to set up a “wall” between
the computer and the outside world, have core components that are based on algorithms,
in other words, software. Moreover, a firewall is not designed to be used on
personal computers or handheld devices. So, it cannot guarantee that the information
stored on a computer will never be stolen.

A.1.1 Computer Security

Computer security is the study and enhancement of the confidentiality, integrity, and
availability of computer systems (Bishop 2019). Certified Information Systems
Security Professional (CISSP) classifies computer and information security into ten
domains (Gregg 2019):
• Access control.
• Application development security.
• Business continuity and disaster recovery planning.
• Cryptography.
• Information security governance and risk management.
• Legal, regulation, investigations, and compliance.
• Operations security.
• Physical security.
• Security architecture and design.
• Telecommunications and network security.²
Computer security can also be classified into physical security and technological
security (ISC2 2010). Technological security can be divided into five aspects: application
security, operating system security, network security, architecture security,
and data security.
However, if the applications running on the web server are not properly designed
to prevent attacks, then hackers may be able to break into the database server from
the web server. One such attack is called an SQL injection attack.
We are all tired of installing security updates on our computers. This is
an example of operating system security. An operating system (whether it is
Windows, Mac iOS, or Linux) contains hundreds of millions of lines of source
code. It is very likely that there are bugs and other vulnerabilities. If an attacker has
very good knowledge of the operating system and discovers the vulnerabilities,
a security breach will happen.

² Since 2015, the CISSP has changed to 8 domains. They include: Introduction to Security and
Risk Management, Asset Security, Security Architecture and Engineering, Communication and
Network Security, Identity and Access Management (IAM), Security Assessment and Testing,
Security Operations, and Software Development Security.

Data security is the guarantee of the safety of data stored on a computer system
(Daswani et al. 2007). There are all kinds of data on computers, from web browsing
data (cookies, history, etc.) to sensitive data such as passwords, banking information,
or even SSNs. Identity theft can happen if those data are not properly protected
(Merkow and Breithaupt 2005).

A.1.2 Data Security and Data Breaches

Privacy is one of the biggest concerns nowadays. Some employers use centralized
monitoring software to monitor employees’ e-mails and other private information.
Google operates under a streamlined privacy policy that enables the Internet’s most
powerful company to dig even deeper into the lives of its more than 1 billion users.
Google will share their users’ data across Gmail, Google Plus, YouTube, and other
products.
Identity theft is a more serious problem that has recently drawn the attention of
Congress. Nearly 10 million people were victimized by identity theft in 1 year;
according to Time magazine, the loss reached 5 billion. In early March 2005, the
nation’s largest data miner, ChoicePoint, with 19 billion data files including driver’s
licenses, SSNs, credit histories, birth certificates, real estate deeds, and even thumbprints
and DNA, was broken into, and some 145,000 people’s data was extracted. In Senator
Charles Schumer’s words, “Our system of protecting people’s identity is virtually
nonexistent in this country.” His staff was able to download personal information on
the likes of Dick Cheney and Brad Pitt from a ChoicePoint rival, Westlaw.
In a letter that former US Senator Orrin Hatch wrote to the book author in response to
the invention in computer security, Senator Hatch said, “Identity theft is a serious
problem that has drawn much attention recently in Congress. As we know, the
damage caused can go beyond money and privacy and become a real threat to our
national security.”
So far, much current research and many inventions may have some impact in reducing
the risk of information theft in one way or another. However, those solutions have
not solved the information security problems thoroughly due to the limitations of
the computer architecture they use. There is a problem in the John von
Neumann computer architecture model, the foundation of computer architecture.
If this problem is not solved, information stored on a computer will hardly be secure.
The main goal of the invention is to propose a new type of secure computer
system with microprocessor-based hardware assistance and a micro-OS that can not
only monitor the system security but also enable computers to prevent intruders from
getting data stored in the computer system. In a pending patent, the book author
proposed a new computer architecture model, the modified Neumann model. Based
on this new model, the network communication component is separated from the
other parts of a computer system with a separate system bus. All components in
a computer system (except the network) reside on another system bus. Data exchange
between those two system buses can only be performed through the bus controller
via a command issued by the computer operator. So, data stored in this computer
(main storage) can only be accessed by the computer operator. In other words, user
data is isolated from outside networks and therefore cannot be accessed even if the
computer is compromised or taken over from outside networks.
In addition to preventing information theft, the system contains a security agent
that can monitor and report any security-related events. The recorded security events
can be transmitted to or viewed by the central monitoring system in real time.
A test bed has been developed, and experiments show that the system is very
promising. The major technology breakthrough is that it can prevent unauthorized
access of any information in a protected computer system. Security is guaranteed as
the system is implemented using the patent pending secure computer architecture
(hardware).
The theme of the research is stated as follows:
• Study the widely used John von Neumann computer architecture model.
• Modify the Neumann model and propose a new secure architecture model.
• Complete the technical details and the implementation.
An add-on security board is constructed using a coprocessor, an FPGA, and
other digital circuits together with kernel software. Multiport I/O and dual-port
memory interface circuits are designed in combination with the add-on circuit
board. The dual-bus system can be switched from one bus to the other through another
add-on circuit named the bus controller. A micro-OS manages the add-on operations and
monitors the system security. In the following sections, each of the new designs will
be discussed in detail.

A.1.3 Research in Architecture Security

There is much research related to the secure computer architecture area.
Largman et al. (2004) proposed “automatically create multiple sequentially or
concurrently and intermittently isolated and/or restricted computing environments
method to prevent viruses, malicious, or even computer or device corruption and
failure.” According to this method, untrusted content is only exposed in the user
processor logic environment in temporary storage. The question that remains for
this method is how to determine which content is trusted and which is not. There
might be a pre-determination process.
Anderson put “removable trusted (hardware) gateway devices” between each of
the inputs/outputs and the bus to secure the file transmission. As described, the
approval to access the data depends on a so-called LOCK. Once the lock is
stolen, intercepted, or hacked, sensitive data is then open to those hackers.
Hewlett-Packard (HP-Compaq 2002) has been working on a new type of secure
platform architecture (SPA). It is a set of software interfaces built on top of HP’s
Itanium-based product line. SPA will enable operating systems and device drivers to
run as unprivileged tasks and will allow services to be authenticated and identified.
The problem with the SPA is that, as the company described, it uses a set
of software interfaces to authenticate and identify the tasks. Once the system is
compromised, SPA will not be able to function well.
Sean Smith and Steve Weingart (1999) developed a prototype using a high-performance,
programmable secure coprocessor. It is a type of software, hardware,
and cryptographic architecture (Suh et al. 2005). This architecture addressed some
issues, especially how to secure programs running on coprocessors and system
recovery. In terms of securing information and data, much work remains
to be done.
Recently, MIT researchers proposed secure processors that enable new applications
by ensuring private and authentic program execution even in the face of
physical attack.
So far, much current research may have some impact in reducing the risk of
information theft in one way or another. However, those solutions have not solved
the information security problems thoroughly due to the limitations of the computer
architecture they use. We have found that there is a problem in the John von
Neumann computer architecture model, the foundation of computer architecture. If
this problem is not solved, information stored on a computer will hardly be secure.

A.2 Single-Bus View of Neumann Architecture

Neumann architecture is the foundation of modern computer systems. It is a single-bus,
stored-program computer architecture that consists of a CPU, memory, I/O,
and storage. The CPU is composed of a control unit (CU) and arithmetic logical
unit (ALU) (von Neumann 1945). Almost all modern computers are Neumann
computers, which are characterized by a single system bus (control, data, address)
with all circuits attached to it.

A.2.1 John von Neumann Computer Architecture

John von Neumann wrote First Draft of a Report on the EDVAC in which he outlined
the architecture of a stored-program computer. He proposed a concept that has
characterized mainstream computer architecture since 1945. Figure A.1 shows the
Neumann model.
A “system bus” representation of the Neumann model is shown in Fig. A.2. This
is just another view of the Neumann model, with the introduction of the concept of
direct memory access (DMA).

Fig. A.1 Block diagram of John von Neumann’s computer architecture model

Fig. A.2 A “system bus” representation of the Neumann model. It is equivalent to Fig. A.1 with
the introduction of DMA

A.2.2 Modified Neumann Computer Architecture

Since the 1990s, computer networks, especially the Internet, have become widespread
around the world. Computers are no longer only used to compute as
standalone machines. Information exchange through the network is a
vital component of today’s computers. Unfortunately, John von Neumann was not
able to foresee this change. One can argue that we can consider the network as part
of the input/output devices, which are already included in the Neumann model. However,
the network interface is so important that it is not appropriate to classify it in the
general I/O device category. Furthermore, an I/O device in the Neumann model refers to
devices such as a keyboard, a display, a printer, etc., which are used for direct
interaction with the computer. Now, the way people use a computer is quite different
from that of 70 years ago. So, a modification of Neumann’s computer architecture
model is necessary to reflect this change. Figure A.3 shows the modified Neumann
model. In Fig. A.3, a network unit (interface) is added to the computer system bus so
that the I/O unit only deals with input and output devices such as keyboard, mouse,
display, etc. Separating the network unit from the general I/O offers great advantages.

Fig. A.3 Modified Neumann computer architecture model. Here network interface is added to the
Neumann model and is separated from the general input and output devices

A.2.3 Problems Exist in the Neumann Model

As we all know, Newton’s three laws and theory of gravitation make essentially
identical predictions as long as the strength of the gravitational field is weak, which
is our usual experience. They were so dominant that no one would dare doubt them until
Einstein predicted that the direction of light propagation should be changed in a
gravitational field. This discovery modified Newton’s laws and made the modern
theory of gravitation possible.
The Neumann model is so dominant that no one has dared to challenge it since its birth
in 1945. However, if we look at the Neumann model from a security perspective,
we find that it does have some drawbacks.
In the Neumann model, CPUs, memory, I/O, external storage, and the network
interface are all connected to one single system bus, which includes the control bus,
data bus, and address bus. Once intruders break into the system from any network
location, they can totally take over the computer system and do whatever they want.
In the Neumann model, the CPU is a centralized control and
arithmetic unit. Even though a computer with multiple processors is very
common nowadays, those processors are merely coordinated by software to
perform one task or a series of tasks. In other words, they share the same system
bus. Intruders can take over the whole system once they break into the system from
any network port.

A.3 A Dual-Bus Solution

The main idea of this invention was to propose a new computer architecture that
enables computers to prevent intruders from getting data stored in the computer
system. Based on the modified Neumann model, the network communication
component is separated from the other parts of a computer system with a separate
system bus. All components in the computer system (except the network) run on
another system bus. Data exchange between those two system buses can only
be performed through the bus controller via a command issued by the computer
operator. So, data stored on this computer (main storage) can only be accessed by
the computer operator. In other words, user data is isolated from outside networks
and therefore cannot be accessed even if the computer is compromised or taken over
from an outside network.
A computer platform constructed in accordance with the principles of the
present invention is an intrusion-free, information- and data-secure computer system.
It comprises:
• Two zones (red zone and green zone) with two separated system buses.
• The network interface is only attached on one bus in red zone.
• Each bus has its own CPU and private memory.
• Main (protected) external storage is attached only on one bus in green zone.
• One cache storage (temporary external storage or dual-port external storage) is
connected to both internal system buses via a bus controller.
• A bus controller connects two internal system buses between the red zone and
green zone.
• Input and output devices such as keyboard, mouse, display, etc.
In Fig. A.3, a network interface is added to the Neumann model. Even though a
network interface can be considered as an input/output device, adding this interface
to the system bus and separating it from other parts (even the general I/O port)
has many advantages. The modification made it possible for this invention to
isolate network from other parts within a computer system, while data can still be
transmitted through the network.
Figure A.4 depicts a functional block diagram of such an intrusion-free, information-
and data-secure computer system architecture (Wang 2005). Normally the computer
is in the green zone state, where all computation work is performed. In the green
zone, the network is disabled. When data transmission is needed, the bus controller
(BC) switches to the red zone, where another CPU takes over the job. In the red zone,
there is no external storage; all data is stored on the cache storage via the bus controller.
The bus controller is managed by the computer operator or delegates (programs)
assigned by the computer operator. A switch (SW) is used to switch I/O devices to
the active bus.

Fig. A.4 Block diagram of intrusion-free computer architecture. User data is stored on the main
storage, which is never exposed to the network (Color)

Viewed from the network side (outside), this intrusion-free, information- and data-secure
computer has one or more CPUs, internal memory, input/output devices such
as a keyboard and a mouse, network ports (Ethernet or wireless), and cache storage.
Because the red zone only deals with network communication, if a hacker
breaks into the system from the Internet, what the hacker will see is just the temporary
data on the cache storage and maybe some of the system data. It is impossible for
the intruder to see data on the main (protected) storage.

A.4 Bus Controller

Figure A.5 is the block diagram of the bus controller. Bus A in green zone can access
the cache storage only if the EN 1 signal is enabled. Similarly, the bus B from the
red zone can access the cache storage only if the EN 2 signal is enabled. Notice that
EN 1 and EN 2 are controlled by the computer operator. Intruders cannot make any
enable actions without directly operating the computer.

Fig. A.5 Block diagram of bus controller that connects two buses and a cache (dual-port) storage
device for data exchange between the red zone and green zone

A.4.1 Working Mechanism of the Bus Controller

Computer operators can automatically enable the data access to the cache storage.
To automatically enable the data access to the cache storage, an operator sets the default
to bus A (green zone) so that data can be accessed directly from/to the cache storage.
When network communication is needed, such as when launching an Internet explorer,
EN 2 is automatically enabled so that bus B is connected and bus A is disconnected
from the system, so that main storage is isolated from the system.
A multiport interface is used to switch the keyboard/mouse and display devices
between those two buses either automatically. For automatic switching, the switching
process is synchronized with the bus controller.
Combining the cache storage or temporary external storage with the bus controller
forms the dual-port storage, which can be accessed by two computer system
buses. It is different from so-called dual-port external storage devices which, for
example, have one USB port and one FireWire port. In that case you can only attach
one port at a time. Attaching two ports simultaneously would damage the system.
When the cache storage is attached onto bus A in green zone, the files are
displayed, and then the trusted files are ready to be copied to the main storage.
After the operation, the cache storage is erased (Wang and Ledley 2006). User data
can then be copied to the cache storage if network transmission is further required.
When the cache storage is switched to the bus B in red zone, the data is displayed
and is ready to be transmitted. Data download from network or Internet can then be
stored on the cache storage. All data have to pass through the bus controller which
is controlled by the computer operator.
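
The switching behaviour described in this section can be modelled in C; this is an added example, not code from the book or the patent. The type and function names, the 64-byte cache, and the `origin_t` argument (which stands in for the physical fact that EN 1 and EN 2 are driven only by the operator) are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define CACHE_CAP 64                      /* assumed cache size for the model */

typedef enum { BUS_A_GREEN, BUS_B_RED } bus_t;
/* Assumption: models who drives the enable lines. In the hardware design the
 * EN signals are simply not reachable from the network side. */
typedef enum { FROM_OPERATOR, FROM_NETWORK } origin_t;

typedef struct {
    bool en1;                             /* EN 1: bus A (green) may reach the cache */
    bool en2;                             /* EN 2: bus B (red) may reach the cache   */
    bus_t io_switch;                      /* SW: bus the keyboard/mouse/display follow */
    unsigned char cache[CACHE_CAP];       /* dual-port cache storage */
    size_t cache_len;
} bus_controller;

/* Default state: bus A (green zone) connected, network side disconnected. */
void bc_init(bus_controller *bc) {
    memset(bc, 0, sizeof *bc);
    bc->en1 = true;
    bc->io_switch = BUS_A_GREEN;
}

/* Select the active bus. Exactly one enable is set, and the I/O switch moves
 * in step with it. Requests that do not come from the operator are refused. */
bool bc_select(bus_controller *bc, bus_t bus, origin_t origin) {
    if (origin != FROM_OPERATOR)
        return false;
    bc->en1 = (bus == BUS_A_GREEN);
    bc->en2 = (bus == BUS_B_RED);
    bc->io_switch = bus;
    return true;
}

static bool bc_enabled(const bus_controller *bc, bus_t bus) {
    return bus == BUS_A_GREEN ? bc->en1 : bc->en2;
}

/* Cache access from either bus succeeds only while that bus is enabled. */
int bc_cache_write(bus_controller *bc, bus_t bus, const void *src, size_t len) {
    if (!bc_enabled(bc, bus) || len > CACHE_CAP)
        return -1;
    memcpy(bc->cache, src, len);
    bc->cache_len = len;
    return (int)len;
}

int bc_cache_read(const bus_controller *bc, bus_t bus, void *dst, size_t cap) {
    if (!bc_enabled(bc, bus) || bc->cache_len > cap)
        return -1;
    memcpy(dst, bc->cache, bc->cache_len);
    return (int)bc->cache_len;
}

/* Green-zone step: copy the trusted file from the cache to main storage, then
 * erase the cache. Main storage is a green-zone buffer; no red-zone function
 * ever receives a pointer to it. */
int green_import(bus_controller *bc, unsigned char *main_storage, size_t cap) {
    int n = bc_cache_read(bc, BUS_A_GREEN, main_storage, cap);
    if (n < 0)
        return -1;
    memset(bc->cache, 0, sizeof bc->cache);
    bc->cache_len = 0;
    return n;
}

/* Walk-through: download in the red zone, import in the green zone, return to
 * the red zone. Returns the number of bytes the red zone can still read at the
 * end, or -1 if any step behaves unexpectedly. */
int demo_exchange(void) {
    bus_controller bc;
    unsigned char main_storage[CACHE_CAP] = {0};
    unsigned char probe[CACHE_CAP];
    const char download[] = "constructed-sample-file";   /* constructed input */

    bc_init(&bc);
    if (bc_cache_write(&bc, BUS_B_RED, download, sizeof download) != -1)
        return -1;                        /* red zone is locked out by default */
    if (bc_select(&bc, BUS_B_RED, FROM_NETWORK))
        return -1;                        /* network side cannot flip the enables */
    if (!bc_select(&bc, BUS_B_RED, FROM_OPERATOR))
        return -1;
    if (bc_cache_write(&bc, BUS_B_RED, download, sizeof download) < 0)
        return -1;
    if (!bc_select(&bc, BUS_A_GREEN, FROM_OPERATOR))
        return -1;
    if (green_import(&bc, main_storage, sizeof main_storage) != (int)sizeof download)
        return -1;
    if (!bc_select(&bc, BUS_B_RED, FROM_OPERATOR))
        return -1;
    return bc_cache_read(&bc, BUS_B_RED, probe, sizeof probe);
}

int main(void) {
    printf("bytes visible to red zone after import: %d\n", demo_exchange());
    return 0;
}
```

The model makes the two invariants of the design explicit: the enables are mutually exclusive, and the cache is erased before the red zone is reconnected.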

A.4.2 Coprocessor Board

The coprocessor board contains a coprocessor, a field-programmable gate array
(FPGA), flash memory, a multiport memory interface, a multiport I/O interface, a bus
controller, and a kernel program that enables the add-on board. The kernel program
also coordinates the communication between the add-on board and the current
computer system.
FPGA solutions from Lattice deliver unique features, high performance, and
excellent value for FPGA designs. LatticeXP FPGA devices utilize a combination
of non-volatile FLASH cells and SRAM technology to deliver a single-chip
solution supporting “instant-on” startup and infinite re-configurability. A
non-volatile FLASH cell array distributed within the LatticeXP FPGA device stores
the device configuration. At power-up the configuration is transferred from FLASH
memory to configuration SRAM in less than 1 ms providing an instant-on FPGA. In
addition, LatticeXP FPGA devices provide security by eliminating the need for an
external configuration bit-stream and by providing non-volatile security features.
Non-volatile, reprogrammable FPGAs are well suited for implementing system
logic for this project.
The LatticeXP architecture contains an array of logic blocks surrounded by
programmable I/O cells (PIC). Interspersed between the rows of logic blocks are
rows of sysMEM™ embedded block RAM (EBR).
On the left and right sides of the PFU array, there are non-volatile memory
blocks. In configuration mode, this non-volatile memory is programmed via the
IEEE 1149.1 TAP port or the sysCONFIG™ peripheral port. On power up,
the configuration data is transferred from the non-volatile memory blocks to
the configuration SRAM. With this technology, expensive external configuration
memories are not required, and designs are secured from unauthorized read-back.
This transfer of data from non-volatile memory to configuration SRAM via wide
busses happens in microseconds, providing an “instant-on” capability that allows
easy interfacing in many applications.
There are two kinds of logic blocks, the programmable functional unit (PFU)
and programmable functional unit without RAM/ROM (PFF). The PFU contains
the building blocks for logic, arithmetic, RAM, ROM, and register functions. The
PFF block contains building blocks for logic, arithmetic, and ROM functions.
Both PFU and PFF blocks are optimized for flexibility, allowing complex designs
to be implemented quickly and efficiently. Logic blocks are arranged in a
two-dimensional array. Only one type of block is used per row. The PFU blocks are used
on the outside rows. The rest of the core consists of rows of PFF blocks interspersed
with rows of PFU blocks. For every three rows of PFF blocks there is a row of PFU
blocks.
Each PIC block encompasses two PIOs (PIO pairs) with their respective sysIO
interfaces. PIO pairs on the left and right edges of the device can be configured
as LVDS transmit/receive pairs. sysMEM EBRs are large dedicated fast memory
blocks. They can be configured as RAM or ROM. The PFU, PFF, PIC, and EBR
blocks are arranged in a two-dimensional grid with rows and columns. The blocks
are connected with many vertical and horizontal routing channel resources. The
place and route software tool automatically allocates these routing resources.
At the end of the rows containing the sysMEM blocks are the sysCLOCK
phase locked loop (PLL) blocks. These PLLs have multiply, divide, and phase
shifting capability; they are used to manage the phase relationship of the clocks.
The LatticeXP architecture provides up to four PLLs per device.
Every device in the family has a JTAG port with internal logic analyzer
(ispTRACY) capability. The sysCONFIG port allows for serial or parallel device
configuration. The LatticeXP devices are available for operation from 3.3 V, 2.5 V,
1.8 V, and 1.2 V power supplies, providing easy integration into the overall system.
• PFU and PFF blocks: The core of the LatticeXP devices consists of PFU and
PFF blocks. The PFUs can be programmed to perform logic, arithmetic, distributed
RAM, and distributed ROM functions. PFF blocks can be programmed
to perform logic, arithmetic, and ROM functions. Except where necessary, the
remainder of the data sheet will use the term PFU to refer to both PFU and PFF
blocks. Each PFU block consists of four interconnected slices, numbered 0–3 as
shown in Fig. A.6. All the interconnections to and from PFU blocks are from
routing. There are 53 inputs and 25 outputs associated with each PFU block.

Fig. A.6 PFU diagram

• Slice: Each slice contains two LUT4 lookup tables feeding two registers
(programmed to be in FF or Latch mode) and some associated logic that allows
the LUTs to be combined to perform functions such as LUT5, LUT6, LUT7,
and LUT8. There is control logic to perform set/reset functions (programmable
as synchronous/asynchronous), clock select, chip-select, and wider RAM/ROM
functions. Figure A.7 shows an overview of the internal logic of the slice.
The registers in the slice can be configured for positive/negative and edge/level
clocks.
There are 14 input signals, 13 signals from routing, and 1 from the carry-chain
(from adjacent slice or PFU). There are seven outputs, six to routing, and one to
carry-chain (to adjacent PFU).

A.5 Dual-Port Storage

Computer memory and storage are mostly single-port. This means that they can
only be attached to one processor. Dual-port storage is a type of external memory
which can be accessed by two processors simultaneously without worrying about
the read/write conflicts.
Motorola’s MPC 8260 is a chip that contains a 64-bit PowerPC microprocessor
and a versatile communications processor module (CPM). The MPC 8260 is used in
a wide array of applications, especially those in the communications and networking
markets. Examples include remote access servers, regional office routers, cellular
base stations, and SONET transmission controllers.

Fig. A.7 Slice diagram

A Lattice ispGDX2™ generic digital crosspoint switch is used as a multiport
interface. The ispGDX2 device can interface the MPC 8260 with an external master
and a number of slaves including SDRAM and FLASH. The control logic for the
SDRAM and FLASH is built in a CPLD which is used to interface the MPC 8260
to the ispGDX2 device and to control the read/write to the memory. This function
can be implemented in Lattice CPLDs.
The PowerPC core of the 8260 (the PowerPC 603e) can be replaced by other
processors or ASIC. The memory controller within the MPC 8260 is utilized in this
design. Figure A.8 shows the diagram using MPC 8260 with the multiport interface.
Figure A.9 shows in detail the function, internal logic, and cross-connections
that the ispGDX2 performs in the design. This section includes the signal list
and descriptions of all signals used in this design and also provides a functional
description of the design.

Fig. A.8 Diagram of ispGDX2 multiport interface

Fig. A.9 Detailed functional block diagram

A.6 Micro-Operating System

Software design involves controlling and monitoring the communication
between the two zones. A micro-operating system is designed. It runs on a
microprocessor that resides in the “red” zone. The micro-OS uses a firmware image
that is automatically loaded into the microprocessor memory during the boot process. A
watchdog monitors the system and resets the system whenever a preset threshold
is met. In addition, memory protection and virtualization techniques are used to
enhance runtime security and prevent code injection.

A.7 Putting Together

A prototype computer based on the newly proposed secure computer architecture
has been built (Fig. A.10). Preliminary tests show that it meets the design goals. The
Windows firewall was intentionally removed, and all security updates were declined
in order to test the data security on this computer system. Several intrusion tools
have been used in the tests, including Key Loggers, Spyware, Spyware cookies,
Trojans, Worms, Viruses, etc. The system has also undergone a series of tests by
senior security professionals and “white hat” attackers. So far, no data breaches
have been found. The initial experiments prove that the proposed secure computer
architecture model can enhance computer security. Hopefully it can be
adopted for modern personal computers.
Further research may result in the possibility of extending the scope of this
architecture from personal computers to server systems. In order for the system
to be widely used in the market, software development and hardware improvements
are needed to make the system not only prevent intruders from getting information
but also monitor the system security and capture and report any security-related
events.

Fig. A.10 Prototype of a computer system based on the modified Neumann architecture

A.8 Summary

In this chapter, we discussed a design of a secure computer architecture. A prototype
computer was built based on this architecture. Experiments show that it meets the
design goal of guaranteeing data security even with the Windows firewall turned off
and all security updates removed. The prototype was tested under several
intrusion and exploitation tools. There has been no incident to indicate that it had
been compromised by hacking into the system using tools such as Key Loggers,
Spyware, Spyware cookies, Trojans, Worms, etc. The system was also tested by
inviting some senior security personnel (white-hat attackers) to “attack” the system
remotely. The results proved that the proposed secure architecture machine can
enhance computer security and therefore can be easily adopted for modern
personal computers.
Further research will improve the architecture and explore the possibility of extending
its scope from personal computers to server systems. In order for the system
to be widely used in the market, the research team is developing software that can
make the system not only prevent intruders from getting information but also monitor
the system security and capture and report any security-related events.

Exercises

A.1 What are the similarities and differences between the study of computer
security, information security, data security, and network security?
A.2 What are the eight domains for information system security defined by CISSP?
A.3 An attacker breaks into an information system by modifying data through the
web application. What type of attack is this?
A.4 Modern computers have many buses such as ISA, EISA, PCI, AGP, USB,
SATA, SCSI, etc. Why do we still consider these computers single-bus
computers?
A.5 Many people consider the network interface to be essentially an I/O device. Explain
why separating the network interface from the general I/O devices is better for
studying computer security.
A.6 The dual-bus computer discussed in this chapter uses two (main) buses. What
will happen if those two buses want to access the CPU or memory at the same
time? How can this be prevented?
A.7 A dual-port memory is defined such that two processors can be attached to the
memory together. A control bit is used to enable one processor to access the
memory while disabling the other. Draw a diagram of such an implementation.

References

Bishop, M. (2019). Computer security: Art and science (2nd ed.). Boston: Addison-Wesley.
Daswani, N., Kern, C., & Kesavan, A. (2007). Foundations of security: What every programmer
needs to know. New York: Springer.
Gregg, M. (2019). CISSP exam cram (4th ed.). San Antonio: Pearson.
HP-Compaq Sets Platform Security (2002). eWeek.
ISC2 (2010). Fundamentals of information systems security. Bolingbrook: Jones and Bartlett
Learning LLC.
Largman, K., More, A. B., & Blair, J. (2004). Computer system architecture and method
providing operating-system independent virus-, hacker-, and cyber-terror-immune processing
environments. U.S. patent: US 2004-0236874, USPTO.
Merkow, M., & Breithaupt, J. (2005). Information security: Principles and practices. San Antonio:
Pearson Education Inc.
Smith, S. W., & Weingart, S. (1999). Building a high-performance, programmable secure
coprocessor. Computer Networks, 31, 831–860.
Suh, G. E., O’Donnell, C. W., Sachdev, I., & Devadas, S. (2005). Design and implementation of
the AEGIS single-chip secure processor using physical random functions. In Proceedings of
32nd International Symposium on Computer Architecture (ISCA’05) (pp. 25–36).
von Neumann, J. (1945). First Draft of a Report on the EDVAC. Philadelphia: Moore School of
Electrical Engineering, University of Pennsylvania.
Wang, S. (2005). Intrusion-free secure computer architecture for information and data security.
U.S. patent application.
Wang S., & Ledley, R. S. (2006). Connputer-a framework of intrusion-free secure computer archi-
tecture. In WORLDCOMP International Conference on Security and Management (SAM’06).
