introduction to Embedded System Security

for know the ABC of a EmbeddedSystemSecurity
Adel Barkam
Mohammad BaqeriKashani 2015,October
Micro Processor Course / SRTTU

1- M. Tehranipoor and C. Wang, Introduction to Hardware Security and Trust,
Springer, 2011
2- Alexander Biedermann and H. Gregor Molter (Eds.),Design Methodologies for
SecureEmbeddedSystems,springer,2010
3- catherine H.Gebotys ,security in embedded devices , springer 2011
4- david kleidermacher,Mike Kleider macher ,introduction to embedded system security,
ELSEVIER,2012
5- Hajimohseni Sadegh,A Study on HT design and detection methods,Shahed University,2013
6- Keith E. Mayes and Konstantinos Markantonakis , Smart Cards, Tokens, Security and
Applications , springer 2012
7- …
7/27/2016 Introduction to Embedded System Security 2

 What is embedded system?
 Examples of ES.
 What is embedded system security?
 Embedded System Security Vs.
Hardware Security
 Why Embedded System Security ?
 Attacks on embedded system
 Embedded Software Attacks
 Embedded software
 Frimware Vs. OS
 Embedded Hardware Attacks
 Types of Hardware Attacks
 PROBING Attacks
 Side-Channel Attacks
 Types of Side-Channel Attacks
 Power Analayse
 Simple Power Analayse (SPA)
 Diffrential Power Analayse (DPA)
 ElectroMagnetic Analyse
 Timing Analyse
 Fault induction
 Methods of Fault induction
 Any Question?
 Case Study for interested
 Our mission
 The end.

An embedded system is an electronic product that
contains a microprocessor (one or more) and
software to perform some constituent function within a
larger entity.

Embeddedsystem examples are widesly from a RFID tag to satelite!
 in aircraft: - traffic collision avoidance system(TCAS);
- communication, navigation, and surveillance system (CNS);
- electronic flight bag system (EFB)
 in automobile: - infotainment “head-unit,”
- antilock breaking system,
- powertrain engine control unit,
- digital instrument cluster, and ...
 network devices: Switch,Router,AccessPoint,...
 Some devices: - WSN
- Cell Phones
- PDAs
- smart cards
- Household Appliances
- Digital Cameras , ....

 Security:
Security is the ability of an entity to protect resources for which it
bears protection responsibility.
 Embedded system security:
Embedded system Security is the ability of an embedded system to
protect resources for which it bears protection responsibility.

“September 2007, Israeli jets bombed a suspected nuclear installation in northeastern Syria.
Among the many mysteries still surrounding that strike was the failure of Syrian radar, supposedly
state of the art, to warn the Syrian military of the incoming assault. It wasn’t long before military
and technology bloggers concluded that this was an incident ofelectronic warfare and not just any
kind. Post after post speculated that the commercial offthe-shelf microprocessors in the Syrian
radar might have been purposely fabricated with a
hidden “backdoor” inside. By sending a preprogrammed code to those chips, an unknown
antagonist had disrupted the chips’ function and temporarily blocked the radar”
Source : IEEE spectrum, 2007.

 A hidden 'back door' in a computer chip could allow cyber-criminals a way to
override and control computer systems on Boeing 787s
-- dailymail.co.uk , 30th May 2012
Computer Chip in a Commercial Jet Compromised

 The Stuxnet worm is likely the first malware to directly target embedded
process control systems.
 Stuxnet infiltrated Siemens process control systems
at nuclear plants by first subverting the
MicrosoftWindows workstations operators
use to configure and monitor the
embedded controlelectronics
 SCADA networks are
controlled by common PCs

 Embedded Software Attack
 Embedded Hardware Attack

 Embedded software is computer software, written to control
machines or devices.
 Embedded Software Component :
 Firmware
 OS
 Program or Script

 Firmware:
For any device( printer, scanner, digital camera, etc.) to start running, It
should have an initial program to run when it is powered up/booted.
It is also called as bootstrap program, BIOS. It is mounted on ROM(a
non-volatile memory, whose contents are permanent). Firmware locates the
operating system's kernel and loads it into primary memory(RAM) at the
time of startup. assembly or C/C++.
 Operating System:
A complete software stack that manages Embedded's hardware and sets up
an environment for the applications to run. In other words, an operating
system performs the designated task of the device. Kernel is at the bottom
of this software stack and keeps running as long as your device is up and
running. When I say Operating system managing the hardware, It is
actually Kernel that manages any requests to hardware
resources(CPU,memory,input,output).

 There is a lot of embedded OS,
 typically a real-time operating system(RTOS).
 LynxOS, VxWorks, BeRTOS, ThreadX, to Windows CE or Linux
(with patched kernel).
 Others OS: OpenWrt, PikeOS, eCos, Fusion RTOS, Nucleus RTOS,
RTEMS, INTEGRITY, uC/OS, QNX, FreeBSD ,Tiny OS , and OSE.

 The software in an embedded system is a source of security
vulnerability.
 Firmware or OS vulnerabilities.
 Three factors which make security risks in software
 Complexity
 Extensibility
 Connectivity

 Complexity
 Software is complicated
 More lines of code
▪ Increases possibility of bugs and security vulnerabilities
 Unsafe programming languages being used
 C and C++ are most common

 Extensibility
 Modern software systems are designed to be
extended
 Updates
 Extensions
 Loadable device drivers and modules

 Connectivity
 Embedded systems are being connected to the Internet
 Possible for small failures to occur leading to security
breaches
 Attacker no longer needs physically access to system
▪ Use a series of automated attacks

 Monitoring attack
 Manipulation attack
 Substitution attack
 Replay attack
 Modification attack
 Spoofing attack

 Eavesdropping
 Use of probes to eavesdrop on inter-component communications
 Micro-probing
 Use normal communication interface and abuse security vulnerabilities

 De-packaging is done by
using fuming acid
A Smart Card Chip Surface
with Readily Identifiable Features

 Once de-packaged, the next step is layout
reconstruction
 During reconstruction internals of chip and be
inferred
 Micro-probing can be used to observe values on
buses

 Reverse engineering can target the internal design.
 An attacker can find potential weaknesses in the chip.
 In modern smart cards, various features used to inhibit reverse
engineering are implemented using glue logic.

 Classic cryptography views the secure problems with
mathematical abstractions
 Recently, many of the security protocols have
been attacked through physical attacks
 Exploit weaknesses in the cryptographic system hardware implementation aimed to
recover the secret parameters
 Modern cryptography is based on Kerckhoffs's -> assumption
all of the data required to operate a chip is entirely hidden in
the key

 A Side-Channel attack is any attack based on
information gained from the physical implementation
of a cryptosystem(embedded system).

 Power Consumption:
Logic circuits typically consume differing amounts of power
based on their input data.
 Electro-Magnetic:
EM emissions, particularly via near-field inductive and
capacitive coupling, can also modulate othe signals on the die.
 Optical:
The optical properties of silicon can be modulated by
altering the voltage or current in the silicon.
 Timing and Delay:
Timing attacks exploit data-dependent
differences in calculation time in cryptographic algorithms.
 Acoustic :
The acoustic emissions are the result of the
piezoelectric properties of ceramic capacitors

 Simple side-channel attacks
directly map the results from a small number of traces of the
side channel to the operation of DUA
 Differential side-channel attacks
exploit the correlation between the data values being processed and the
side-channel leakage
 Template side-channel attacks

 attacker studies the power consumption of a cryptographic hardware
device (such as a smart card, tamper-resistant "black box", or integrated
circuit).

 Variations in power consumption occur as the device
performs different operations.
 different instructions performed by a microprocessor will have
differing power consumption. As a result, in a power trace
from a smart card performing a DES encryption, the sixteen
rounds can be seen clearly.

• Input: 64 bits (a block)
• Li/Ri– left/right half of the input block
for iteration i (32 bits) – subject to
substitution S and permutation P (cf. Fig 2-8–
text)
• K - user-supplied key
• Ki - round key:
– 56 bits used +8 unused
(unused for E but often used for error checking)
• Output: 64 bits (a block)
• Note: Ri becomes L(i+1)
• All basic op’s are simple logical ops
– Left shift / XOR
[Fig. – cf. J. Leiwo]
K1
K16
Input
Input Permutation
L0 R0
S
P
K
R1L1
L16 R16
Final Permutation
Output7/27/2016 Introduction to Embedded System Security 32

 The upper trace – entire encryption, including the
initial phase, 16 DES rounds, and the initial
permutation
 The lower trace – detailed view of the second and
third rounds

 Similarly, squaring and multiplication operations in RSA
implementations can often be distinguished, enabling an adversary
to compute the secret key.
 if the magnitude of the variations in power consumption are small,
standard digital oscilloscopes can easily show the data-induced variations.
 This example of RSA in smart card, key is : 00 111

 A side-channel attack which involves statistically
analyzing power consumption.
 attack exploits biases varying power consumption of
microprocessors operations using secret keys.
 DPA attacks have signal processing and error
correction properties which can extract secrets from
measurements.

 Step 1- data collection:
 Step2- data analyse:

Green *7

 Developers are great interest to reduce the time
implementation
 Running time of a crypto processor can be used as an
information channel
 The idea was proposed by Kocher
 These kind of attacks generally require a large amount of
samples of timings.

 Statistical analysis Time of encrypting data
processing
 SNR will be effective in successfully
 These probabilities are then used to guess a
key.

 Ex. Of timing analysis for RSA decryption by kocher’s
observation

 Mess with environmental conditions to induce fault in
execution; e.g.,
 clock frequency
 voltage
 temperature
 May require de-packaging, but is not always tamper-
evident

 Card Tears
 Physical
 putting a 0 or 1 on a databus line
 Glitching (late 1990s)
 causing one or more flipflops or instruction jumps
 affect EEPROM & ROM

 Insert computational fault
 Null key (exploiting two keys being combined in the
wrong way)
 Wrong crypto result (Differential Fault Analysis –
DFA)

 Fpga security
 IP protection
 BBP security
 Jtag security ,USB security
 Hardware trojan
 IC security & Trust
 …

 Research About this subjects
 Training this subjects
 Formation of a embedded security team in srttu
 >> See Hacking with Heat!!!

introduction to Embedded System Security

introduction to Embedded System Security

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (7)

Similar to introduction to Embedded System Security

Similar to introduction to Embedded System Security (20)

Recently uploaded

Recently uploaded (20)

introduction to Embedded System Security