Security Development History
A Longstanding Commitment to Security
Intel’s commitment to security has never been stronger. We invest in unparalleled people, processes, and products, integrating security in the ways we work and everything we work on.
Intel has invested in security since our early days as a silicon manufacturer. We began exploring security development lifecycle (SDL) practices in the late 1990s. SDL uses extensive research to inform the development process, integrating security and privacy principles at every stage. Hardware security took on renewed importance in 2017, based on revolutionary security findings felt across the industry. Intel introduces new security features in each platform release to address the evolving cybersecurity landscape.
Intel incident response follows coordinated vulnerability disclosure practices to release findings and mitigations together. Our experts drive a security-first mindset, including collaboration with researchers and leading academic institutions.
Here’s an overview of Intel’s security journey, starting in the 1990s with the dawn of connected computing.
1990s
Internet accessibility grows, as does the spread of malware;, Wi-Fi is born, Security and privacy awareness increase
Intel evolves from processors to a full-fledge platform company with an increased emphasis on formal security research.
Security Milestones
- Crypto team formed in Intel Labs
- Hardware random number generation in CPU debuts with the Intel Pentium III, a first step in hardware-enhanced encryption technology
- Intel introduces LANDESK for desktop management
- Modernization of Basic Input/Output System (BIOS) firmware with a common codebase for increased security
- Intel drives formation of Desktop Management Task Force (DMTF) for the first open PC system and security management specification: Desktop Management Interface (DMI)
2000s
Intel® Centrino® made wireless ubiquitous. Social media explodes. Emergence of self-propagating malware ("worms").
Intel’s expanding product portfolio results in the introduction of new security practices.
Security Milestones
- Intel begins wide-scale use of Security Development Lifecycle (SDL) practices
- Intel forms the Product Security Incident Response Team (PSIRT)
- Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) developed to integrate AES encryption into processors, bringing performance improvements for disk encryption and internet communication
- Intel® Virtualization Technology (Intel® VT) introduces virtualization capabilities to mass-market servers
- Intel® Key Protection Technology helps ensure that private keys remain protected in hardware
- Trusted Computing Group (TCG) is formed with Intel as a founding member
- Intel® Trusted Execution Technology (Intel® TXT) initially delivered on Intel vPro® platforms
2010-2017
Connectivity increases, from massive data centers to the Internet of Things (IoT). New attack surfaces introduce new security concerns.
Intel transformed to a platform company spanning all levels of the stacks and evolving with the ever changing technology landscape. Our focus on security keeps pace with investments in people, practices, and products.
Security Milestones
- Intel Security Architecture Forum (SAFE) is formed, providing security architecture reviews for Intel product teams
- Platform security technology for Confidential Computing is enhanced with the launch of Intel® Software Guard Extensions (Intel® SGX)
- Penetration testing and processor fuzzing bring modern security methods to hardware validation
- Internal SDL tooling launched with central source of security requirements, templates, training, and project tracking
- Intel® Hardware Shield and Microsoft's Secured-core PC initiatives combine hardware, firmware, and software to build more secure client platforms
- SDL Essentials knowledge base launched for software and firmware developers
- Intel® Secure Key launched on 3rd generation Intel® Core™ processors
- Intel® Boot Guard validates and authenticates firmware at boot, strengthening hardware root-of-trust
- Intel® Platform Trust Technology (Intel® PTT) enables integrated root-of-trust concepts compatible with Trusted Platform Module (TPM) standards
2018-Today
Transient execution attack causes a mindset shift across the industry. Global COVID pandemic increases remote work. New cyberattacks emerge. Intel security pledge first and IPAS formed.
With increased focus on hardware security, Intel steps up to lead industry response, driving unprecedented collaboration and establishing coordinated disclosure principles.
Security Milestones
- The first mitigations are released to address Spectre and Meltdown side-channel disclosures
- The Intel Security-First Pledge is introduced (and refreshed in 2021)
- The Intel Product Assurance and Security (IPAS) group forms to centralize security development and oversight
- Introduced Intel® Threat Detection Technology (Intel® TDT) to help protect against advanced persistent threats by using silicon-level telemetry
- Launch of Intel® Total Memory Encryption (Intel® TME) and Intel® Control-Flow Enforcement Technology (Intel® CET)
- Introduces SDL Essentials for hardware, spanning Intel® Core™, Intel® Xeon®, and Intel Atom® processors
- nhanced security capabilities introduced in 11th Gen Intel® Core™ Processors, 12th Gen Intel® Core™ Processors, and 3rd Gen Intel® Xeon Scalable processors