Last week saw the public announcement of two serious vulnerabilities, Meltdown and Spectre. These are serious flaws that exploit the behaviour of the CPU rather than software, which makes them both very pervasive and difficult to address.
We have analyzed Cydar EV, including the cloud hosting platform on which it runs (Amazon Web Services), and we believe that Meltdown and Spectre will not compromise patient data or prevent correct operation, for the following reasons:
- We use dedicated instances in the Cydar Vault, meaning that personally identifiable information is never processed on a machine that may also be used by other Amazon customers. This is done explicitly to avoid the risk of information leaks via vulnerabilities such as Meltdown and Spectre.
- The particular virtualization technology we use on AWS — Xen HVM (Hardware Virtual Machine) — is not susceptible to hypervisor escape via Meltdown.
- Cydar EV does not download new code to run after initial deployment, meaning that the sandbox escape that Spectre enables does not present a risk.
We are, of course, actively monitoring the situation as it develops, and are applying OS patches and other mitigations as a precaution. As Cydar EV is purely cloud software, this can be done without disruption to customers, who can continue to use the system as normal.
Meltdown and Spectre are almost unprecedented in their breadth and severity. The ramifications will be felt for a long while, and the nature of the vulnerabilities mean that comprehensive fixes are a long way away. In the meantime, we’ll continue to strive to make Cydar EV secure by design to address both known and unknown threats, and actively monitor the security landscape so that we can react quickly when necessary. Running in the cloud gives us the agility we need to do that.