BCDVideo Meltdown Spectre Response

In early January 2018, two major computer processor vulnerabilities were exposed. Dubbed Meltdown and Spectre, nearly every processor built in the last 20 years was left without basic security for its kernel memory – the protected core of an operating system.

Due to the way processors handle speculative execution – how modern processors achieve accelerated performance – a potential attacker can exploit the CPU vulnerabilities to gain access to the extremely sensitive data protected in the kernel memory. This includes passwords, cryptographic keys, and video data.

The Meltdown and Spectre vulnerabilities were especially prevalent on Intel processors and were met with a flurry of firmware and BIOS patches by the large-scale server manufacturers. While the patches were necessary to rapidly remove these critical vulnerabilities, processor-intensive tasks like IP video recording will see a potential slowdown in performance. Video recording places additional stress on the archiver, therefore special consideration is needed versus off-the-shelf IT servers.

Performance Testing Results

System testing was performed to find the expected slowdown after implementing the Meltdown and Spectre firmware and BIOS patches.

Test Configuration:

  • Recording 30 cameras at 150 Mb/s
  • Recording and viewing 15 cameras at 30 Mb/s

Machine Specs:

  • OS – Windows 10 Pro 64-bit
  • Processor – Intel Xeon E5-2620V4
  • Memory – 16 GB

The Meltdown firmware patch was seen to have a negligible effect on system performance – increasing CPU load less than 1%. A more sizeable increase in CPU load was found after testing the BIOS patch for the Spectre vulnerability. Recording devices experienced CPU load increases up to 25-30% – when viewing live or playback video, CPU load nearly doubled.

While the highest CPU load was seen below 50% utilization, systems with higher throughputs may see CPU usage approach 100%.

BCDVideo’s Response & Recommendation

To fully repair the Meltdown and Spectre vulnerabilities, both Windows firmware and the BIOS patches must be applied. Of these two, the BIOS update has a significantly larger impact on CPU load.

All BCDVideo servers are based upon Intel processors. To offset potentially adverse performance due to the necessary firmware and BIOS patching, we will be purpose-building higher performing processor chipsets, and if the situation warrants it, with an additional processor to maintain the exceptional recording performance security integrators and their customers have come to expect.

As always, we recommend following security best practices to keep your systems secure. As with any sensitive data, video surveillance represents an untapped pool of information. Updating default passwords, limiting access to a small number of users, and monitoring all system activity will help keep your video system secure from most threats.

If industry and innovation defined the late 20th century, the beginning of the 21st would be defined by data. Around the world, cities everywhere from London and Singapore to Seat Pleasant, Maryland, embrace broad, data-driven initiatives to transform today’s urban centers into the Smart Cities of tomorrow. This involves universalizing the latest 5G and fiber optic networks, expanding digital […]

Hybrid cloud infrastructures are quickly becoming the preferred cloud strategy in the video surveillance industry as the need for highly scalable and secure solutions that can accommodate the explosive growth in video data becomes increasingly important. With video analytics, A.I., machine learning, and deep learning applications driving the rising demand for more flexible storage solutions, […]

BUFFALO GROVE, Ill., Aug. 31, 2021 – BCD, the global leader in purpose-built video data infrastructure solutions, announced today the hiring of Hassan Makki and Wael Noureddine, both of whom will join the company’s rapidly growing Middle East, Russia, Africa, and Turkey (MERAT) team. Mr. Makki, who is based in the United Arab Emirates, has […]

As BCD expands its local presence throughout the APAC region, we are continuing to develop strategic partnerships with the region’s leading software companies that are seeking purpose-built video data infrastructure solutions to support their demanding applications, as well as the technical expertise to provide guidance on the optimal configurations that maximize the performance of their […]

Strategic hires strengthen BCD’s presence in the Middle East, Russia, Africa and Turkey region.  BUFFALO GROVE, Ill., Aug. 14, 2021 – BCDVideo, the global video data infrastructure leader, announced today the appointment of Fredy Issa as Managing Director of the Middle East, Russia, Africa and Turkey (MERAT) region. With 15 years of security industry experience, […]