Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Networked Home Appliances and Vulnerabilities.  by Yukihisa Horibe

1,463 views

Published on

A decade has passed since the introduction of network enabled home appliances into the market. Every year these appliances advance in functionality and inter device integrations, such as the integration with cell phones/smart phones , service servers/ cloud services and more. This has lead to a significant increase in the information and value that the network enabled house hold appliances handle. Under such circumstances a vulnerability in the house hold appliance could be leveraged to gain access to other devices and information. In this presentation I will present whether such risks can be actualised and the changes of functionality and vulnerabilities in network enabled house hold appliances,looking at those changes from a user's and developer'sperspective.

Yukihisa Horibe

Panasonic Corporation Analysis Cente
Panasonic PSIRT member.
Over 10 years of experience in vulnerability research and risk analysis regarding networked household appliances and embedded systems.

Published in: Technology
  • Be the first to comment

Networked Home Appliances and Vulnerabilities.  by Yukihisa Horibe

  1. 1. Networked Home Appliances and Vulnerabilities. Panasonic Corporation Analysis Center Yukihisa Horibe
  2. 2. Profile 堀部 千壽(Yukihisa Horibe) 2 Panasonic Corporation Analysis Center Panasonic-PSIRT Member Focusing on improving security for networked home appliances Vulnerability assessment of house hold appliances and embedded systems Vulnerability assessment of home service servers Table top analysis of networks including house hold appliances. Over 10 years of experience in security evaluation related work
  3. 3. Agenda 3 Changes in the feature of connected CE products The risks to connect Performance and trends in the Vulnerability Assessment for connected CE products Security functions required for CE products in the time of IoT Closing
  4. 4. Agenda 4 Changes in the feature of connected CE products The risks to connect Performance and trends in the Vulnerability Assessment for connected CE products Security functions required for CE products in the time of IoT Closing
  5. 5. Evolving Home Appliances. 5  Remote Control  Media Server HDD Recorder  Image Upload  Wifi Data Transfer Digital Camera/Video Cam  CDDB Audio System  Browser  Media Player  Smartphone like apps  Browser  Media Player  Smartphone like apps Digital TVDigital TV  Browser  Media Player  Smartphone like apps Digital TV Door Chimes  Notification  Communications  Measurements data transfer Scales Device Integration Smartphone Integration Cloud Integration  Monitoring  Power Control  On Demand Control HEMS  Monitorin  Remote Control Air Conditioner
  6. 6. Historical Overview of Function and Data Information of Networked Home Appliances(~2005:Growth Period) 6 Internet(Household) Cellphones Digital TV Recorders Cooking Appliances 201220102008200620042002 ADSL mova 3G Browser Remote operations Status Notifications
  7. 7. Historical Overview of Function and Data Information of Networked Home Appliances(~2005:Growth Period) 7 Internet (Household) Cellphones Digital TV Recorders Cooking Appliances 201220102008200620042002 ADSL mova 3G Browsers Remote Operation Status Notifications ID/Password Recording Information email address Status Info on operations Access History Most of the functions are contained within each appliance and the information they handle is limited.
  8. 8. Historical Overview of Function and Data Information of Networked Home Appliances(2005~2010:Evolution Phase) 8 Internet(Household) Cellphone Digital TV Recorder Audio System/Music Digital Camera/Camcorders Cooking Appliances Home Related 201220102008200620042002 ADSL FTTH(Optical Fiber) mova 3G Browser Remote Operations CDDB Appliance Integration (DLNA) VOD Status notifications Security: Status Monitoring Door Chime:Visitor Notification HEMS Image Upload
  9. 9. Historical Overview of Function and Data Information of Networked Home Appliances(2005~2010:Evolution Phase) 9 Internet (Household) Cellphones Digital TV Recorder Audio Systems/Music Digital Camera/Camcorder Cooking Appliance Home Related 201220102008200620042002 ADSL FTTH(Fiber Optic) mova 3G ブラウザ 宅外操作 CDDB Device Integration (DLNA) VOD 状態通知 Security Status Monitoring Door Chime Visitor Notifications HEMS Image upload CD Ownership List Payment Info Viewing History “at home” info Operational Info of each appliance Image Information Blog/UL Service Account Visitor Info email Address Content Ownership Info Device Ownership Info Operational Info of each device Power usage info With the increase in server/inter-device integration the importance of information also grew
  10. 10. Historical Overview of Function and Data Information of Networked Home Appliances(2010~:Mature Phase) 10 Internet(Household) Cellphone DigitalTV Recorder Audio System/Music Digital Camera/Cammcorder Health Care Appliances Cooking Appliances Home Related 201220102008200620042002 ADSL FTTH(Fiber Optic) mova 3G smartphone Browser Remote Operations CDDB Device Integration (DLNA) VOD Status Notifications Security Status Monitoring Door Chimes Visitor Notification applications HEMS Smartphone Integration AC Remote Operations Image Upload
  11. 11. Historical Overview of Function and Data Information of Networked Home Appliances(2010~:Mature Phase) 11 Internet(Household) Cellphone Digital TV Recorder Audio System/Music Digital Camera/Cammcorder Health Care Appliances Cooking Appliances Home related 201220102008200620042002 ADSL FTTH(Fiber Optic) mova 3G Smart Phones Browser Remote Operation CDDB 機器連携 (DLNA) VOD Status Notification Security Status Monitoring ドアホン 来客通知 Apps HEMS Smartphone Integration AC Remote Operation Image Upload Payment Info Purchase History Address/Name Blog/SNS Account Physical Info Service Account Operation Info Service Account
  12. 12. Historical Overview of Function and Data Information of Networked Home Appliances(2010~:Mature Phase) 12 Internet(Household) Cellphones Digital TV Recorder Audio System/Music Digital Camera/Camcorder Health Care Appliances Cooking Appliance Home Related 201220102008200620042002 ADSL FTTH(光回線) GSM(cHTML) 広帯域CDMA(HTML/Java) Smartphone ブラウザ 宅外操作 CDDB 機器連携 (DLNA) VOD 状態通知 Security Operational Info ドアホン 来客通知 Apps HEMS スマホ 連携 エアコン 遠隔操作 画像アップロード Cloud Integration allows the information linkage to include everything including smartphones. ID/Passworr Recording history Email Address Device Operation Info Access History CD Ownership List Payment Info Viewing History Vacancy Info Operational Info of each device Image Info Blog/UL Service account info Visitor Info Email address Content Ownership Device Ownership Operational Info of each device. Power Usage Info Payment Info Purchase History 住所氏名 ブログ/SNSアカウント Physical Information Service Account Operation Info Service Account Cloud Integration Address Book Video/Image Account info
  13. 13. The Evolution of Networked Home Appliances Functionality and Information (Near Future) House hold(Audio Visual, Home , Cosmetic) PC, Game terminal,Information terminal Smartphone, Cellphones, Land lines Housing Equipment(Single Family,complexes) 13 Inside the home connecting
  14. 14. The Evolution of Networked Home Appliances Functionality and Information (Near Future) Home Appliances(Audio Visual,House hold,Cosmetic) PC,Game Terminal,Information Terminals Smartphone,Cellphones,Landlines Housing Equipment( Single Family, Complexes) Medical Devices (Individual , Institutional) Public Services(Municipal offices, schools) Public Transportations(Bus、Trains) Cars/Automotive equipment Infrastructure(Power、Gas、Water) Retail(Large scale, individual) 14 Is the era when household appliances , home and public,commercial services are all connected near? Everything is connected Inside the home connecting
  15. 15. Agenda 15 Changes in the feature of connected CE products The risks to connect Performance and trends in the Vulnerability Assessment for connected CE products Security functions required for CE products in the time of IoT Closing
  16. 16. Risks of Home Appliances Having Network Capabilities The possibility of unauthorized access via the network Many devices have global IPs assigned. Possibility of attacks leveraging vulnerabilities in home appliances. Attack by forcing a download of malware Targeted attacks leveraging XSS/CSRF 16 Using search engines you can find sites that hint they are home appliances. Fake Firmware or Contents
  17. 17. CVE-2008-3482 (2008) Network Camera made by Panasonic , Reflected XSS vulnerability Defect in escaping routine of the display on the error page Defcon17 (2009) CSRF vulnerability in household network camera by Panasonic Many vulnerabilities were disclosed for household routers and other embedded web systems. Reported vulnerabilities on CE category: Panasonic case 17 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000037.html http://www.blackhat.com/presentations/bh-usa-09/BOJINOV/BHUSA09-Bojinov-EmbeddedMgmt-PAPER.pdf
  18. 18. Reported vulnerabilities on CE category: example of other case 18 Year Product Outline Manufacturer 2004 Video recorder Accessible without authentication (springboard) Japan 2008 NAS CSRF (remote data deletion) Japan 2010 Digital camera Arbitrary code execution from SD card Japan 2011 MFP Authentication bypass and more Japan & overseas 2012 Digital TV DoS Japan 2012 Many Devices Arbitrary code execution by UPnP vulnerability Japan & overseas 2013 Digital TV DoS & restart by malformed packets Japan & overseas 2013 Smart phone Intrusion of malware through power cable Japan & overseas 2013 Digital TV Authority seizure & remote control by illegal application Overseas 2013 Lighting system Force unable to turn on Overseas 2013 Home GW Vulnerability in authentication, CSRF and more (electric lock unlock by malicious third party) Overseas 2013 Toilet Hard-Coded Bluetooth PIN Vulnerability Japan With the advancement of function, the reports of vulnerability have been increasing after 2012
  19. 19. Agenda 19 Changes in the feature of connected CE products The risks to connect Performance and trends in the Vulnerability Assessment for connected CE products Security functions required for CE products in the time of IoT Closing
  20. 20. Vulnerability Eradication Efforts at Panasonic 20 Base Knowledge (Awareness/Education) Base foundation of knowledge regarding product security Two pillars supporting Product Security Minimize Risk Incident Response Minimize Risk Incident Response Product Security Improving security of products including house hold appliances is an important requirement for Panasonic Network Home Appliances, Embedded Systems, Services
  21. 21. Response based on product lifecycles. 21 ShippingProduct Lifecycle Contamination Prevention (Avoid building vulnerabilities into) Inspection/Removal (Detect vulnerability and remove) Maintain/Improve (Response after shipping) Response Table Top Risk Analysis (Vulnerability Analysis) Security Design ・Secure Coding ・Static Analysis ・Vulnerability analysis (Security Inspection) ・Incident response The need to respond throughout the product lifecycles Sale/ServiceTestImplementDesignPlan Disposal Minimize Risks Incident Response
  22. 22. Response based on product lifecycles. 22 ShippingProduct Lifecycle Contamination Prevention (Avoid building vulnerabilities into) Inspection/Removal (Detect vulnerability and remove) Maintain/Improve (Response after shipping) Response Table Top Risk Analysis (Vulnerability Analysis) Security Design ・Secure Coding ・Static Analysis ・Vulnerability analysis (Security Inspection) ・Incident response The need to respond throughout the product lifecycles Sale/ServiceTestImplementDesignPlan Disposal Minimize Risks Incident Response
  23. 23. Vulnerability Analysis for Panasonic House hold appliances and embedded systems 23 The number and details for the vulnerability are for vulnerabilities found “pre shipping” The detected vulnerabilities were patched prior to shipping These vulnerabilities do not exist in current products available in the general market. Actual results I will present
  24. 24. Vulnerability assessments for Panasonic house hold appliances and embedded systems 24
  25. 25. Vulnerability assessments for Panasonic house hold appliances and embedded systems 25
  26. 26. Trend of vulnerability : Rise period(2003-05) of Connected CE products 26
  27. 27. Trend of vulnerability : Early progressive period(2006-08)of Connected CE products 27
  28. 28. Trend of vulnerability : late progressive period(2009-10)of Connected CE products 28
  29. 29. Trend of vulnerability : Mature stage(2011-13)of Connected CE products 29
  30. 30. Agenda 30 Changes in the feature of connected CE products The risks to connect Performance and trends in the Vulnerability Assessment for connected CE products Security functions required for CE products in the time of IoT Closing
  31. 31. Historical Overview of Function and Data Information of Networked Home Appliances(2010~:Mature Phase) 31 Internet(Household) Cellphones Digital TV Recorder Audio System/Music Digital Camera/Camcorder Health Care Appliances Cooking Appliance Home Related 201220102008200620042002 ADSL FTTH(光回線) GSM(cHTML) 広帯域CDMA(HTML/Java) Smartphone ブラウザ 宅外操作 CDDB 機器連携 (DLNA) VOD 状態通知 Security Operational Info ドアホン 来客通知 Apps HEMS スマホ 連携 エアコン 遠隔操作 画像アップロード Cloud Integration allows the information linkage to include everything including smartphones. ID/Passworr Recording history Email Address Device Operation Info Access History CD Ownership List Payment Info Viewing History Vacancy Info Operational Info of each device Image Info Blog/UL Service account info Visitor Info Email address Content Ownership Device Ownership Operational Info of each device. Power Usage Info Payment Info Purchase History 住所氏名 ブログ/SNSアカウント Physical Information Service Account Operation Info Service Account Cloud Integration Address Book Video/Image Account info
  32. 32. The Evolution of Networked Home Appliances Functionality and Information (Near Future) Home Appliances(Audio Visual,House hold,Cosmetic) PC,Game Terminal,Information Terminals Smartphone,Cellphones,Landlines Housing Equipment( Single Family, Complexes) Medical Devices (Individual , Institutional) Public Services(Municipal offices, schools) Public Transportations(Bus、Trains) Cars/Automotive equipment Infrastructure(Power、Gas、Water) Retail(Large scale, individual) 32 Is the era when household appliances , home and public,commercial services are all connected near? Everything is connected Inside the home connecting
  33. 33. Future prediction Spread to the whole of human life Rapid increase of device Connect to the various industries 33
  34. 34. Spread to the whole of human life 34 Risk of Serious accident Higher reliability Fire due to incorrect control of CE product Invalidation of electric lock security Accident and runaway of automotive Connect to various device of various manufacturer We want to guarantee at least minimum level security Will you need the standard like Industry standard ? it is not the problem of one company Entire House, Linkage to automotive, home security and gas app… Information assets = life of customer The minimum level security ?
  35. 35. Spread to the whole of human life 35 The risk due to share of authentication information Adoption of SSO is also being investigated in CE products Influence of vulnerability will spread to other services that share authentication information it is not the problem of one provider or one vendor Constantly connected communications, share of authentication information Useful … Authentication provider CE Smart phone application Web service Automotive HEMS game CE Share of authentication information What must we do to make product secure ? SNS application
  36. 36. Rapid increase of device 36 Lighting, switch, sensor, electric socket, etc. Maintenance of various and huge amount of devices After vulnerability is reported, software must be updated Lighting, sensor, electric socket…update all ? How to update ? Service engineers ? Automatic update ? Disclaimer of firmware update Lifetime of CE product is long (over 10 years) Up to when ? The update method, the period to continue to care security ?
  37. 37. Connect to the various industries 37 Diversification of I/F, protocol ECHONET Lite, CAN, DLNA… Bluetooth, NFC, TransferJet, ZigBee, Z-Wave… Original communication protocol, 920MHz… Security verification technology must catch up Only knowledge of the IP network is not enough Knowledge other than the IP network is necessary Knowledge of Non-IT engineers will be needed Think tank beyond the type of industry? Diversification of I/F of the linkage to infrastructure, automotive and healthcare, security technology catch up The structure which takes in knowledge of various fields?
  38. 38. Agenda 38 Changes in the feature of connected CE products The risks to connect Performance and trends in the Vulnerability Assessment for connected CE products Security functions required for CE products in the time of IoT Closing
  39. 39. Closing 39 Several billion of IoT(Internet of Things) will be connected It is difficult to guarantee security by one company The approach beyond the industry/type of industry /position must be needed Unite for the IoT security ! Internet Store Social infrastructure Public Service Housing equipment Automotive in-car device Smart phone Information device PC Connected CE product
  40. 40. Contact 41 Analysis Center Panasonic Corporation http://www2.panasonic.co.jp/aec/ns/index.html Sorry, Japanese Only… Panasonic-PSIRT http://panasonic.co.jp/info/psirt/en/ product-security@gg.jp.panasonic.com

×