A Microphchip That Can Stop Cyber Attacks

A new computer processor architecture developed at the University of Michigan (U-M) could assist in a future where computers proactively defend against cyber threats, rendering the current electronic security model of bugs and patches obsolete. 

The chip, called Morpheus, blocks potential attacks by encrypting and randomly reshuffling key bits of its own code and data 20 times per second. 

According to the team at U-M, this processor is faster than a human hacker and a thousand times faster than even the fastest electronic hacking techniques.

“Today’s approach of eliminating security bugs one by one is a losing game,” said Todd Austin, U-M professor of computer science and engineering. “People are constantly writing code, and as long as there is new code, there will be new bugs and security vulnerabilities.”

Also the developer of the system, Austin added: “With Morpheus, even if a hacker finds a bug, the information needed to exploit it vanishes 50 milliseconds later. It’s perhaps the closest thing to a future-proof secure system.” Austin and his colleagues have demonstrated a DARPA-funded prototype processor that successfully defended against every known variant of control-flow attack, one of hackers’ most dangerous and widely used techniques.

The researchers said the technology could be used in a variety of applications, from laptops and PCs to Internet of Things (IoT) devices, where simple and reliable security will be increasingly critical.

“We’ve all seen how damaging an attack can be when it hits a computer that’s sitting on your desk,” he said. “But attacks on the computer in your car, in your smart lock or even in your body could place users at even greater risk.”

Austin said that the system embeds security into its hardware, instead of using software to patch known code vulnerabilities. Such an application makes vulnerabilities impossible to pin down and exploit by constantly randomising critical programme assets in a process known as “churn”, he added.

“Imagine trying to solve a Rubik’s Cube that rearranges itself every time you blink,” Austin said. “That’s what hackers are up against with Morpheus. It makes the computer an unsolvable puzzle.”

The chip, however, is transparent to software developers and end-users as the technology focuses on randomising bits of data known as “undefined semantics”. Undefined semantics refers to the “nooks and crannies” of the computer architecture: for example, the location, format and content of programme code are undefined semantics.

According to the team, this randomisation of data is part of a processor’s most basic machinery, and legitimate programmers don’t generally interact with this process. However, hackers can reverse-engineer them to uncover vulnerabilities in a system and launch an attack.

The chip’s churn rate can be adjusted up or down to strike the right balance between maximising security and minimising resource consumption.

Austin explained that a churn rate of once every 50 milliseconds was chosen for the demonstration processor. This is because it’s several thousand times faster than the fastest electronic hacking techniques, but only slows the performance by around 1 per cent.

The computer processor architecture also features an attack detector. This searches for impending cyber threats and increases the churn rate if the system senses than an attack is imminent. Austin and colleagues presented the chip and research paper in April 2019 at the ACM International Conference on Architectural Support for Programming Languages and Operating Systems.

Engineering&Technology

You Might Also Read: 

Wanted: A New Microchip For The AI Era:

MIT Develops A Hack-Proof RFID Chip:

« Using Identity Access Management
Snowden Explains Why The CIA Is On Instagram »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Tiro Security

Tiro Security

Tiro Security is a boutique company specializing in information security and IT audit recruitment and solutions.

Dcoya

Dcoya

Dcoya's complete security awareness training program gives you out-of-the-box compliance with PCI-DSS, HIPAA, SOX and ISO regulations.

Crossmatch

Crossmatch

Crossmatch is a world leader in risk-based composite authentication and biometric identity management.

Bolton Labs

Bolton Labs

Bolton Labs is a leading provider cybersecurity services, tools, and analysis for MSPs and organizations who want to scale their security offerings.

Me Learning

Me Learning

Me Learning provides engaging, informative and clearly explained learning materials for complex and challenging professional environments in areas including GDPR and Information Governance.

Cask Government Services

Cask Government Services

Cask Government Services focuses on program management, cybersecurity, logistics, business analysis and engineering services for Federal, State and Local Government.

Nucleon

Nucleon

Nucleon enables cybersecurity tools, organizations and software developers to become proactive by blocking threats before they become breaches.

Root9B (R9B)

Root9B (R9B)

R9B offers advanced cybersecurity products, services, and training to enhance the way organizations protect their networks.

Amadeus Capital Partners

Amadeus Capital Partners

Amadeus Capital Partners offers over 20 years’ experience in technology investment. Our areas of focus include AI & machine learning and cyber security.

BlueHalo

BlueHalo

BlueHalo is purpose-built to provide industry capabilities in the domains of Space Superiority and Directed Energy, Missile Defense and C4ISR, and Cyber and Intelligence.

Cynomi

Cynomi

Cynomi is a leading strategic cybersecurity operations platform that automates cybersecurity knowledge and expertise to empower teams with little to no in-house expertise.

Difenda

Difenda

Difenda Shield is a fully integrated and modular cybersecurity suite that gives your organization the agility it needs to implement a world-class cybersecurity system.

Capgemini

Capgemini

Capgemini is one of the world's foremost providers of consulting, technology and outsourcing services. Areas of expertise include Cybersecurity.

risk3sixty

risk3sixty

Risk3sixty are information and cyber risk management craftsmen helping build business-first security and compliance programs.

Pulsar Security

Pulsar Security

Pulsar Security is a team of highly skilled, offensive cybersecurity professionals with the industry's most esteemed credentials and advanced real-world experience.

Noma Security

Noma Security

Noma Security's mission is Application Security for the Entire Data & AI Lifecycle.