Secure Embedded Systems

2,315 views
2,002 views

Published on

Der Vortrag zeigt anhand von Beispielen für Angriffe auf eingebettete Systeme, wie sie in vernetzten Systemen heute schon praktiziert werden, wie wichtig Security hier ist.

Aus den Angriffen und einer Prognose über die Weiterentwicklung der System-funktionen werden Sicherheitsanforderungen für eingebettete Systeme der Zukunft abgeleitet. Daraus ergibt sich dann eine Sicherheitsarchitektur für die Systeme mit wichtigen Standardkomponenten als Vertrauensanker. Dazu zählen sogenannte Secure Elements, sichere Identitäten und separierende Betriebssysteme.

Hierzu werden aktuelle Forschungsarbeiten zum Einsatz von Secure Elements im Automobil, Smart Grid und mobilen Endgeräten vorgestellt. Es wird gezeigt, wie sichere Identitäten aus Materialeigenschaften mit Physical Unclonable Functions abgeleitet werden können und wie Betriebssysteme, die Secure Elements und Separierung nutzen, die Sicherheit erhöhen.

Kolloquiumsvortrag von Prof. Georg Sigl, Technische Universität München

Dienstag, 17.12.2013, 16:00 Uhr, Hörsaal 47.03 (Elektrotechnikgebäude, Pfaffenwaldring 47)

Informatik-Forum Stuttgart e.V.

Published in: Technology, Business
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,315
On SlideShare
0
From Embeds
0
Number of Embeds
9
Actions
Shares
0
Downloads
100
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Secure Embedded Systems

  1. 1. Technische Universität München Secure Embedded Systems eine Voraussetzung für Cyber Physical Systems und das Internet der Dinge Kolloquium der Fakultät 5 der Universität Stuttgart 17. Dezember 2013 Prof. Dr.-Ing. Georg Sigl Lehrstuhl für Sicherheit in der Informationstechnik Technische Universität München Fraunhofer Institut für Angewandte und Integrierte Sicherheit AISEC
  2. 2. Technische Universität München Content • Attack examples on embedded systems • Future secure embedded systems 2
  3. 3. Technische Universität München ATTACKS ON EMBEDDED SYSTEMS 3
  4. 4. Technische Universität München Attacks on modern cars Comprehensive Experimental Analyses of Automotive Attack Surfaces S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, T. Kohno. USENIX Security, August 10–12, 2011. 4
  5. 5. Technische Universität München Attacks on industrial control systems: Stuxnet http://www.faz.net/aktuell/feuilleton/debatten/digitales-denken/trojaner-stuxnet-der-digitaleerstschlag-ist-erfolgt-1578889.html 5
  6. 6. Technische Universität München Attacks on industrial control systems Source: http://www.bhkw-infothek.de/nachrichten/18555/2013-04-15-kritische-sicherheitsluckeermoglicht-fremdzugriff-auf-systemregler-des-vaillant-ecopower-1-0/ 6
  7. 7. Technische Universität München Attacks on smart grid through smart meter 7
  8. 8. Technische Universität München Attacks on medical devices Source: http://media.blackhat.com/bh-us-11/Radcliffe/BH_US_11_Radcliffe_Hacking_Medical_Devices_Slides.pdf 8
  9. 9. Technische Universität München Product Piracy • Estimated damage in machine construction industry (source VDMA) – 7.9 Billon Euro (~4% of revenue) • Steps of pirates – HW Component identification – Software extraction – Rebuilding hardware – Cloning software 9
  10. 10. Technische Universität München Trends increasing the security risks • Network connection – ES can be attacked through network – Insecure system  remote attacks  attacked through unprotected ES  malware • Standardization in software – Operating systems (e.g. Linux) – Web browsers • Platform design with software configurability  jail break, tuning • Concentration of multiple functions (multicore)  separation risk • Significant Know-How in ES  product piracy • Hacker = product owner  hardware attacks 10
  11. 11. Technische Universität München Threads in Cyber Physical Systems Network and Backgroud Systems Attacks through broken embedded systems Attacks out of Cyberspace Embedded System BMBF-FKZ: 01IS13020 11
  12. 12. Technische Universität München FUTURE SECURE EMBEDDED SYSTEMS 12
  13. 13. Technische Universität München Requirements for future secure embedded systems 1. 2. 3. 4. Security for more than 10 years (target 30 years) Secure machine to machine communication (M2M) Protection of embedded systems against manipulation and misuse Fulfillment of typical non functional requirements, i.e.: – Real time behavior – Resource limitations (cost, power) 5. Maintain security despite of increasing complexity 6. Protection of intellectual property 7. Secure software update during operation 13
  14. 14. Technische Universität München Secure embedded system M2M other System on Chip SIM ID Actuator GSM Trust Core 1 OS Core 2 Core i System on Chip Core n IO-interfaces RAM Flash ID Sensor Peripherals Hardware Security Module 14
  15. 15. Technische Universität München Secure embedded system: Chip Identities M2M other System on Chip SIM ID Actuator GSM Trust Core 1 OS Core 2 Core i System on Chip Core n IO-interfaces RAM Flash ID Sensor Peripherals Hardware Security Module 15
  16. 16. Technische Universität München IDs for Hardware • Binding of components – Authentication – Integrity checking • Piracy protection – Encryption with derived keys • Methods – Physical Unclonable Functions (PUF) : fingerprint of a chip – Fuses (electric or laser) – Flash memory 16
  17. 17. Technische Universität München PUFs as security primitive „Unique“ Physical Property + Measurement Method = Authentication, Key Generation PUF + = Physical Unclonable Function 17
  18. 18. Technische Universität München Ring Oscillator PUF (Suh and Devadas, 2007) * • Ring oscillator frequencies depend on manufacturing variations • Two ROs are compared to obtain a response bit * G. E. Suh and S. Devadas. Physical unclonable functions for device authentication and secret key generation. Design Automation Conference, 2007. DAC ’07. 44th ACM/IEEE, pages 9–14, 2007. 18
  19. 19. Technische Universität München SRAM PUF (Guajardo et al., 2007) * • Symmetric circuit balance influenced by manufacturing variations • SRAM cells show a random, but stable value after power-up * J. Guajardo, S. S. Kumar, G. J. Schrijen, and P. Tuyls. FPGA intrinsic PUFs and their use for IP protection. In CHES 2007, volume 4727 of LNCS, pages 63–80. Springer, 2007 19
  20. 20. Technische Universität München Automotive ECUs today and in future Microcontroller Microcontroller NVM RAM Code key CPU Code application PUF key Embedded Flash 65nm √ 40nm √ 28nm ? ??? CPU application Flash Encrypted Code/Data Logic Process + external Flash + Shrinkable + Lower Cost + Higher Performance 20
  21. 21. Technische Universität München Alternatives to PUF based key generation Microcontroller RAM • Fuses – Electrical • Reliability: weak Code key CPU application – Laser • Size: very large • Security: Easy to identify and modify Flash Encrypted Code/Data • OTP (one time programmable memory) – Cost: comparison with PUF technology open – Security: memory cells easier to detect, extract and modify – Programming of key during test increases test complexity 21
  22. 22. Technische Universität München Reliability of PUFs • Critical parameters: – Temperature – Voltage – Ageing • Countermeasures: – Differential measurement – Redundancy: Selection of reliable bits (1000 PUF Bits  100 Key Bits) – Proper design: Design and design parameters must consider the behavior of temperature and voltage variations as well as ageing (as for any other circuit design) 22
  23. 23. Technische Universität München Frequency behavior of an oscillator PUF f Osc 3 instable Osc 4 f Osc 1 good Osc 2 f Osc 5 Osc 6 -40°C 25°C Critical: uniqueness may be compromised 150°C 23
  24. 24. Technische Universität München State of the Art in error correction Encoded Key Bits PUF Bits: - Reliable 1 - Reliable 0 - Unreliable PUF Response Block Borders Helper Data u =1 index of selected bit 1 u2=? u3=3 • All error correctors work on fixed block structure: e.g. IBS (Yu and Devadas, 2010 *) • Goal: find one white and one black square in each block of four • Helper data store the indices of selected bits * M.-D. Yu and S. Devadas, Secure and robust error correction for physical unclonable functions, IEEE Design & Test of Computers, vol. 27, no. 1, pp. 48-65, 2010 24
  25. 25. Technische Universität München Differential Sequence Coding * Encoded Key Bits PUF Response Helper Data - distance - inversion • • • • No fixed block borders Helper data store distance to next bit and an inversion indicator Larger blocks of unreliable bits can be skipped Most efficient error corrector scheme known to date * M. Hiller, M. Weiner, L. Rodrigues Lima, M- Birkner and G. Sigl. Breaking through Fixed PUF Block Limitations with Differential Sequence Coding and Convolutional Codes, TrustED, 2013 25
  26. 26. Technische Universität München Components of a PUF key store Challenge Ci • • • • • Physical System Response Error Correction S RCi E Challenge: Physical System: Response: Error Correction: Hash Function: Hash Function Helper Data (Public) Key H K Power-On for SRAM, Ring-Oscillator selection SRAM, Ring-Oscillators Stream of Bits Using public helper data to increase reliability Removes bias in the key bit distribution 26
  27. 27. Technische Universität München Secure embedded system: Secure Elements M2M other System on Chip SIM ID Actuator GSM Trust Core 1 OS Core 2 Core i System on Chip Core n IO-interfaces RAM Flash ID Sensor Peripherals Hardware Security Module 27
  28. 28. Technische Universität München Tasks of Secure Elements • • • • • • • • Key storage Asymmetric cryptography (signing and encryption) Session key generation Random number generation Access right check Integrity check Attestation Secure data storage • Resistance against Hardware attacks! 28
  29. 29. Technische Universität München Secure Element in a vehicle • In BMBF Project SEIS (Sicherheit in eingebetteten IP-basierten Systemen) AISEC integrated a Secure Element in a car. Internet Gateway OEM Server Secure Element 29
  30. 30. Technische Universität München Secure Element in Smart Meter The BSI Protection Profile requests a Secure Element in the Smart Meter Gateway. Secure Element Source: Protection Profile für das Gateway eines Smart Metering Systems; http://www.bsi.bund.de 30
  31. 31. Technische Universität München Secure Smart Meter • Java 3.0 Secure Element in Smart Meter – All security functions enclosed – Communication end point • Gateway – Memory (encrypted) – Display – Communication channels • Advantages: – High Security through Hardware Secure Element – Easier certification 31
  32. 32. Technische Universität München Secure Elements in mobile phones 3 Secure Elements • SIM • Security Chip • Secure SD Card 32
  33. 33. Technische Universität München Secure embedded system: Secure Software M2M other System on Chip SIM ID Actuator GSM Trust Core 1 OS Core 2 Core i System on Chip Core n IO-interfaces RAM Flash ID Sensor Peripherals Hardware Security Module 33
  34. 34. Technische Universität München Trusted OS • Trusted execution environment in the system controller • Virtualisiation for application separation • Integration of a hardware secure elements as trust anchor 34
  35. 35. Technische Universität München Trusted OS: Linux Containers (Trust|Me) Idea: Sandboxed Android using container-based isolation – Remote device administration – – Remote access using ssh and other Linux utilities Storage – – Transparent file encryption (device or file based) – – Filesystem snapshots and recovery File integrity protection using Linux Security Modules (LSM) Network – – Transparent tunneling using Virtual Private Networks (VPN) Graphical User Interface (GUI) – Secure display (indicated by LED) and secure input (hardware buttons) – Secure PIN entry used to unlock SE in microSD card (key storage) 35
  36. 36. Technische Universität München Thank You georg.sigl@aisec.fraunhofer.de sigl@tum.de 36

×