Apple shares security guides for each new release of its operating systems, and it updates them every year. Today it shared its 2021 Platform Security guide that examines all of its platforms. There’s also a web page dedicated to it.
2021 Platform Security
The guide [PDF] is organized into sections covering hardware security and biometrics, system security, encryption and data protection, app security, services security, network security, developer kits, secure device management, and security certifications and programs.
Here are a couple of new bits involving Apple’s M1 processor:
Starting with A14 and the M1, the Secure Neural Engine is implemented as a secure mode in the Application Processor’s Neural Engine. A dedicated hardware security controller switches between Application Processor and Secure Enclave tasks, resetting Neural Engine state on each transition to keep Face ID data secure. A dedicated engine applies memory encryption, authentication, and access control. At the same time, it uses a separate cryptographic key and memory range to limit the Secure Neural Engine to authorized memory regions.
Custom shortcuts are versatile—they’re similar to scripts or programs. When downloading shortcuts from the internet, the user is warned that the shortcut hasn’t been reviewed by Apple and is given the opportunity to inspect the shortcut. To protect against malicious shortcuts, updated malware definitions are downloaded to identify malicious shortcuts at runtime.