Cyber attacks on embedded systems are on the rise. Embedded systems control numerous commonly used devices, including tablets, medical devices, industrial instrumentation, automobiles, and more. A number of techniques can be used to reduce vulnerabilities in embedded devices and protect them against the threats they face.
The belief that embedded systems fell below the radar of serious hackers led to waves of attacks. Hackers can exploit these systems to steal intellectual property, copy designs, gain access to proprietary information about companies and their customers, use them as platforms to propagate further attacks, and even cause real-world physical damage and harm to humans. Using proper techniques, you can make your embedded system more secure and fight back against aggressive hack attempts.
The following are a number of embedded system security techniques in use today. With upfront planning in the requirements definition phase and then following through with implementation during product design, embedded systems can be made far more secure.
- Utilize a tamper-resistant enclosure around the design. Physical and electronic features, such as deadman switches or anti-tamper meshes, can be added to the enclosure to detect opening of the enclosure or other intrusions such as drilling. These features connect to circuitry that recognizes and reacts to the tamper event. The board hardware can then respond with countermeasures, such as resetting the system or erasing passwords, keys, and other critical information.
- Implement circuitry distributed around the circuit board whose operation changes or responds to tampering. For example, a microcontroller placed on the circuit board can connect to various signals that are routed strategically around critical areas. If a hacker tries to reach those areas by cutting the board, the behavior of the signal changes (most likely it is cut off and stops toggling), triggering a tamper detection event and a response.
- Utilize the secure boot features of the microprocessor to authenticate firmware prior to execution. Before the boot image runs, the processor (typically its boot ROM) verifies that the image carries a valid signature made with the manufacturer's private signing key. The corresponding public key, or a hash of it, is stored in one-time-programmable fuses or other secure storage within the processor; the private key never leaves the build or signing server. An image whose signature fails to verify, or that was signed with a different key, is rejected and not executed. Pair this with an anti-rollback version counter so that an old, correctly signed image with a known vulnerability cannot simply be reinstalled.
- Enable a Trusted Execution Environment (TEE) within the embedded system's microprocessor. For example, Arm processors provide TrustZone technology, which partitions the processor and its peripherals into a secure world and a non-secure world. Key storage, cryptographic operations, authentication, and digital rights management code run in the secure world, out of reach of the rich operating system running in the non-secure world. Together, secure boot and TrustZone implement a root and chain of trust that resists loading and execution of rogue images.
- Employ cryptography to protect data in transit. For example, Wi-Fi links should use WPA2 with AES-CCMP (or WPA3) rather than the broken WEP and TKIP options. Note that link-layer encryption protects only the wireless hop; data that continues beyond the access point should also be protected end to end, for example with TLS.
- Store data and other critical information in secure storage memories. This may be accomplished by encrypting data within the microprocessor or another encryption engine prior to writing it to memory (and decrypting the data after it is read). Use an authenticated mode such as AES-GCM so that data modified or relocated in external flash is detected on read rather than silently accepted. Where possible, keep data within the processor itself (on-chip RAM or internal flash), minimizing data transmission around the circuit board and avoiding bus-probing attacks.
- Hardware-accelerated cryptography engines perform computationally intensive cryptographic calculations far more efficiently than general-purpose CPUs. This improves security in practice by making strong algorithms and longer keys affordable in a resource-constrained design, and by keeping key material inside the engine rather than in general-purpose registers. Many microprocessors include hardware cryptographic engines. For example, the NXP i.MX 6 provides SHA-256 hashing and AES with keys up to 256 bits.
- Hardware random number generators supply the entropy needed for strong encryption keys and for the nonces that protect against protocol replay. A purely software (deterministic) generator produces output that is fully determined by its seed; if the seed comes from a low-entropy source such as boot time or a counter, an attacker who knows the algorithm can reproduce the sequence, predict keys and nonces, and replay or forge transmissions. Most current-generation microprocessors include a hardware random number generator; use it to seed the system's cryptographically secure generator rather than drawing keys from a non-cryptographic one.
- Secure real-time clocks provide reliable, tamper-protected time sources. This is critical for applications that require accurate time stamps, such as billing for utilities, sensor data collection, point-of-sale terminals, medical devices, and more. Time is also an input to certificate validity checks and to expiry of credentials, so a clock an attacker can wind back weakens those controls. Secure real-time clocks are provided within some microprocessors and in standalone integrated circuits, and guard against unauthorized time changes, whether from malicious code or from ESD/noise events.
- Secure debugging features protect an embedded system from attack via common debug mechanisms such as JTAG, SWD, or Android Debug Bridge (ADB). The hardware should require a unique, predetermined code or key (for example, a challenge-response against a per-device secret) before enabling debug port access, or permanently disable the port on production units by blowing a fuse. Leaving a debug port unprotected allows a hacker to halt and observe program execution, read registers and memory (including keys), and insert hostile code or change register/memory contents.
- For embedded system security, be careful when using the network to deliver bug fixes and remote updates. Hackers target update mechanisms to install code that gives them visibility into traffic going into and out of the system. Once such code is installed at the heart of the system, detection and removal are nearly impossible, because the code now controls the update and detection paths. Every update should therefore be signed by the vendor and verified on the device with the same root of trust used for secure boot, delivered over an authenticated channel, and subject to version checks that refuse downgrades. Controlling the update mechanism through a system such as SECO USA Device Manager gives users total control of the update process.
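The secure boot item above describes the check the processor performs before running an image. The following Go program, added here as an illustration and not code from SECO USA or from any vendor's boot ROM, models that check end to end: the build server signs the image with an Ed25519 private key, the device holds only a SHA-256 hash of the public key (standing in for the fused key hash), and the verifier rejects a tampered image, an image signed with a different key, a truncated image, and a correctly signed but older image (anti-rollback). The image layout, the type and function names, and the error values are assumptions made for this example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Constructed image layout for this example (not a vendor format):
//   magic(4) | version(4, BE) | payloadLen(4, BE) | pubkey(32) | signature(64) | payload
const (
	pubOffset = 12
	sigOffset = pubOffset + ed25519.PublicKeySize // 44
	headerLen = sigOffset + ed25519.SignatureSize // 108
)

var imageMagic = []byte("SBT1")

var (
	ErrTruncated    = errors.New("image truncated or length field wrong")
	ErrBadMagic     = errors.New("bad image magic")
	ErrKeyMismatch  = errors.New("image public key does not match fused key hash")
	ErrBadSignature = errors.New("signature verification failed")
	ErrRollback     = errors.New("image version below anti-rollback counter")
)

// BootROM models the immutable state a secure-boot ROM consults: the SHA-256 of the
// OEM public key burned into fuses, and a monotonic minimum-version counter.
type BootROM struct {
	fusedKeyHash [sha256.Size]byte
	minVersion   uint32
}

// NewBootROM "fuses" the hash of the OEM public key; the key itself is not stored on chip.
func NewBootROM(oemPub ed25519.PublicKey, minVersion uint32) *BootROM {
	return &BootROM{fusedKeyHash: sha256.Sum256(oemPub), minVersion: minVersion}
}

// GenerateOEMKey creates the signing key pair. Only the public half ever reaches the device.
func GenerateOEMKey() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// signedBytes returns the region the signature covers: the whole image minus the signature slot.
func signedBytes(img []byte) []byte {
	out := make([]byte, 0, len(img)-ed25519.SignatureSize)
	out = append(out, img[:sigOffset]...)
	return append(out, img[headerLen:]...)
}

// BuildImage runs on the build server, where the private key lives, and emits a signed image.
func BuildImage(priv ed25519.PrivateKey, version uint32, payload []byte) []byte {
	img := make([]byte, headerLen+len(payload))
	copy(img[0:4], imageMagic)
	binary.BigEndian.PutUint32(img[4:8], version)
	binary.BigEndian.PutUint32(img[8:pubOffset], uint32(len(payload)))
	copy(img[pubOffset:sigOffset], priv.Public().(ed25519.PublicKey))
	copy(img[headerLen:], payload)
	copy(img[sigOffset:headerLen], ed25519.Sign(priv, signedBytes(img)))
	return img
}

// VerifyImage performs the checks the ROM makes before jumping to the payload and returns
// the payload only if every check passes. On success the anti-rollback counter advances.
func (r *BootROM) VerifyImage(img []byte) ([]byte, error) {
	if len(img) < headerLen {
		return nil, ErrTruncated
	}
	if !bytes.Equal(img[0:4], imageMagic) {
		return nil, ErrBadMagic
	}
	version := binary.BigEndian.Uint32(img[4:8])
	payloadLen := binary.BigEndian.Uint32(img[8:pubOffset])
	if uint64(len(img)) != uint64(headerLen)+uint64(payloadLen) {
		return nil, ErrTruncated
	}
	// 1. The key carried in the image must hash to the fused value; any other key is
	//    rejected before its signature is even examined.
	pub := ed25519.PublicKey(img[pubOffset:sigOffset])
	if sha256.Sum256(pub) != r.fusedKeyHash {
		return nil, ErrKeyMismatch
	}
	// 2. The signature covers header and payload, so a single flipped byte anywhere fails.
	if !ed25519.Verify(pub, signedBytes(img), img[sigOffset:headerLen]) {
		return nil, ErrBadSignature
	}
	// 3. Anti-rollback: a correctly signed but older image is still refused.
	if version < r.minVersion {
		return nil, ErrRollback
	}
	r.minVersion = version
	return img[headerLen:], nil
}

func main() {
	pub, priv, err := GenerateOEMKey()
	if err != nil {
		panic(err)
	}
	rom := NewBootROM(pub, 1)
	good := BuildImage(priv, 2, []byte("firmware v2"))
	_, err = rom.VerifyImage(good)
	fmt.Println("genuine image:", err)
	tampered := append([]byte(nil), good...)
	tampered[len(tampered)-1] ^= 0x01
	_, err = rom.VerifyImage(tampered)
	fmt.Println("one byte flipped:", err)
	_, err = rom.VerifyImage(BuildImage(priv, 1, []byte("firmware v1")))
	fmt.Println("signed but older:", err)
}
```

The device never sees the private key, and the fused value is a hash rather than the key itself, which is why a few hundred fused bits suffice to anchor the whole chain. The version counter is advanced inside the verifier here for brevity; production designs usually advance it only after the new image has booted successfully, so that a bad update can still fall back to the previous one.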
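The secure-storage and random-number items above call for data to be encrypted before it reaches external memory and for nonces to come from a hardware-backed generator. The following Go program, added here as an illustration and not code from SECO USA, models a small secure store over a constructed in-memory flash: AES-256-GCM seals each record with a fresh nonce drawn from crypto/rand (the operating system's interface to the hardware generator), the sector address is bound in as associated data, and any bit flip in flash or copying of a valid record to another sector fails authentication on read. The Flash and SecureStore types, their method names, and the sample key and record are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

var (
	ErrMissing  = errors.New("no record at that sector")
	ErrTampered = errors.New("stored record failed authentication")
)

// Flash is a constructed stand-in for off-chip NOR/NAND: anything an attacker with a
// probe or a flash programmer can read, rewrite, or copy between sectors.
type Flash struct{ sectors map[uint32][]byte }

func NewFlash() *Flash { return &Flash{sectors: make(map[uint32][]byte)} }

// Corrupt and Relocate model what a bus-level attacker can do without the key.
func (f *Flash) Corrupt(sector uint32, index int) { f.sectors[sector][index] ^= 0x01 }
func (f *Flash) Relocate(from, to uint32) {
	f.sectors[to] = append([]byte(nil), f.sectors[from]...)
}

// SecureStore keeps the key inside the "processor" (this struct) and only ever puts
// ciphertext plus an authentication tag onto the flash bus.
type SecureStore struct {
	aead  cipher.AEAD
	flash *Flash
}

// NewSecureStore takes a 32-byte key (AES-256). In a real design the key comes from an
// on-chip key store or is derived from a fused secret, never from external memory.
func NewSecureStore(key []byte, flash *Flash) (*SecureStore, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &SecureStore{aead: aead, flash: flash}, nil
}

// sectorAD binds a record to its address so a valid record cannot be replayed elsewhere.
func sectorAD(sector uint32) []byte {
	ad := make([]byte, 4)
	binary.BigEndian.PutUint32(ad, sector)
	return ad
}

// Write seals plaintext under a fresh nonce from the hardware-backed generator and
// stores nonce || ciphertext || tag. GCM nonces must never repeat under one key.
func (s *SecureStore) Write(sector uint32, plaintext []byte) error {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return err
	}
	s.flash.sectors[sector] = s.aead.Seal(nonce, nonce, plaintext, sectorAD(sector))
	return nil
}

// Read decrypts and authenticates; any modification or relocation fails closed.
func (s *SecureStore) Read(sector uint32) ([]byte, error) {
	rec, ok := s.flash.sectors[sector]
	if !ok {
		return nil, ErrMissing
	}
	ns := s.aead.NonceSize()
	if len(rec) < ns+s.aead.Overhead() {
		return nil, ErrTampered
	}
	pt, err := s.aead.Open(nil, rec[:ns], rec[ns:], sectorAD(sector))
	if err != nil {
		return nil, ErrTampered
	}
	return pt, nil
}

func main() {
	key := make([]byte, 32) // constructed demo key; real keys come from the on-chip key store
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		panic(err)
	}
	flash := NewFlash()
	store, err := NewSecureStore(key, flash)
	if err != nil {
		panic(err)
	}
	if err := store.Write(1, []byte("wifi-psk=hunter2")); err != nil { // constructed record
		panic(err)
	}
	pt, err := store.Read(1)
	fmt.Printf("read back: %q err=%v\n", pt, err)
	flash.Corrupt(1, len(flash.sectors[1])-1)
	_, err = store.Read(1)
	fmt.Println("after a bit flip in flash:", err)
}
```

With random 96-bit nonces the number of writes under one key must stay well below 2^32 to keep the chance of a nonce collision negligible; for a sector that is rewritten constantly, use a counter-based nonce kept with the record or rotate the key. Binding the sector address as associated data is what stops an attacker from swapping a current record for an older, still correctly encrypted one from a different location.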
Optimally, embedded system security must be planned at the requirements phase of any product design. This is required for the intentional selection of a processor with the appropriate security features and to implement hardware level detection. In some cases, it may be possible to update embedded system software to enable and utilize existing features that enhance security, such as encryption and authentication engines.
SECO USA specializes in the design of embedded systems and single board computers that are deployed in military, medical, and industrial applications, all areas where security is imperative for health, safety, and confidentiality. Our SecuritySmart suite of security technologies enables ground-up protection of embedded systems from hackers. Contact us to learn how SECO USA can secure your application.