Technische Universität München

Secure Embedded Systems
a prerequisite for Cyber Physical Systems and the Internet of Things

Colloquium of Faculty 5 of the Universität Stuttgart
17 December 2013
Prof. Dr.-Ing. Georg Sigl
Chair of Security in Information Technology
Technische Universität München
Fraunhofer Institut für Angewandte und Integrierte Sicherheit AISEC

Content

• Attack examples on embedded systems
• Future secure embedded systems

ATTACKS ON EMBEDDED SYSTEMS

Attacks on modern cars

Comprehensive Experimental Analyses of Automotive Attack Surfaces
S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K.
Koscher, A. Czeskis, F. Roesner, T. Kohno. USENIX Security, August 10–12, 2011.

Attacks on industrial control systems: Stuxnet

http://www.faz.net/aktuell/feuilleton/debatten/digitales-denken/trojaner-stuxnet-der-digitaleerstschlag-ist-erfolgt-1578889.html

Attacks on industrial control systems

Source: http://www.bhkw-infothek.de/nachrichten/18555/2013-04-15-kritische-sicherheitsluckeermoglicht-fremdzugriff-auf-systemregler-des-vaillant-ecopower-1-0/


Attacks on smart grid through smart meter


Attacks on medical devices

Source: http://media.blackhat.com/bh-us-11/Radcliffe/BH_US_11_Radcliffe_Hacking_Medical_Devices_Slides.pdf

Product Piracy
• Estimated damage in machine construction industry (source VDMA)
– 7.9 Billion Euro (~4% of revenue)
• Steps of pirates
– HW Component identification
– Software extraction
– Rebuilding hardware
– Cloning software


Trends increasing the security risks
• Network connection
– ES can be attacked through network → remote attacks
– Insecure system → attacked through unprotected ES
• Standardization in software → malware
– Operating systems (e.g. Linux)
– Web browsers
• Platform design with software configurability → jail break, tuning
• Concentration of multiple functions (multicore) → separation risk
• Significant Know-How in ES → product piracy
• Hacker = product owner → hardware attacks

Threats in Cyber Physical Systems

[Figure: Embedded System connected to Network and Background Systems, with the labels "Attacks out of Cyberspace" and "Attacks through broken embedded systems"]

BMBF-FKZ: 01IS13020

FUTURE SECURE EMBEDDED SYSTEMS

Requirements for future secure embedded systems
1. Security for more than 10 years (target 30 years)
2. Secure machine to machine communication (M2M)
3. Protection of embedded systems against manipulation and misuse
4. Fulfillment of typical non functional requirements, i.e.:
– Real time behavior
– Resource limitations (cost, power)
5. Maintain security despite increasing complexity
6. Protection of intellectual property
7. Secure software update during operation


Secure embedded system
[Figure: block diagram of a secure embedded system. System on Chip with Core 1 … Core n, Trust OS, IO-interfaces, RAM, Flash, Peripherals and Hardware Security Module; GSM with SIM for M2M; Sensor and Actuator, each with an ID; other System on Chip]

Secure embedded system: Chip Identities
[Figure: block diagram of a secure embedded system. System on Chip with Core 1 … Core n, Trust OS, IO-interfaces, RAM, Flash, Peripherals and Hardware Security Module; GSM with SIM for M2M; Sensor and Actuator, each with an ID; other System on Chip]

IDs for Hardware
• Binding of components
– Authentication
– Integrity checking
• Piracy protection
– Encryption with derived keys
• Methods
– Physical Unclonable Functions (PUF): fingerprint of a chip
– Fuses (electric or laser)
– Flash memory


PUFs as security primitive

"Unique" Physical Property + Measurement Method = Authentication, Key Generation
PUF = Physical Unclonable Function

Ring Oscillator PUF (Suh and Devadas, 2007) *

• Ring oscillator frequencies depend on manufacturing variations
• Two ROs are compared to obtain a response bit
* G. E. Suh and S. Devadas. Physical unclonable functions for device authentication and secret key
generation. Design Automation Conference, 2007. DAC ’07. 44th ACM/IEEE, pages 9–14, 2007.


SRAM PUF (Guajardo et al., 2007) *

• Symmetric circuit balance influenced by manufacturing variations
• SRAM cells show a random, but stable value after power-up
* J. Guajardo, S. S. Kumar, G. J. Schrijen, and P. Tuyls. FPGA intrinsic PUFs and their use for IP
protection. In CHES 2007, volume 4727 of LNCS, pages 63–80. Springer, 2007


Automotive ECUs today and in future
[Figure: two microcontroller block diagrams. Today: Microcontroller with NVM (Code, key), RAM, CPU and application. Future: Microcontroller with PUF key, Code, CPU and application, plus external Flash holding Encrypted Code/Data]

Embedded Flash: 65nm √, 40nm √, 28nm ?, ???

Logic Process + external Flash
+ Shrinkable
+ Lower Cost
+ Higher Performance

Alternatives to PUF based key generation
• Fuses
– Electrical
  • Reliability: weak
– Laser
  • Size: very large
  • Security: Easy to identify and modify
• OTP (one time programmable memory)
– Cost: comparison with PUF technology open
– Security: memory cells easier to detect, extract and modify
– Programming of key during test increases test complexity

[Figure: Microcontroller (RAM, Code, key, CPU, application) with external Flash holding Encrypted Code/Data]

Reliability of PUFs
• Critical parameters:
– Temperature
– Voltage
– Ageing
• Countermeasures:
– Differential measurement
– Redundancy: Selection of reliable bits (1000 PUF Bits → 100 Key Bits)
– Proper design: Design and design parameters must consider the behavior of temperature and voltage variations as well as ageing (as for any other circuit design)

Frequency behavior of an oscillator PUF
[Figure: oscillator frequency f over temperature (-40°C, 25°C, 150°C) for three oscillator pairs. Osc 1 / Osc 2: good. Osc 3 / Osc 4: unstable. Osc 5 / Osc 6: critical, uniqueness may be compromised]

State of the Art in error correction
[Figure: PUF response split by block borders into blocks of four PUF bits, each bit marked reliable 1, reliable 0 or unreliable; encoded key bits; helper data u1 = 1 (index of selected bit), u2 = ?, u3 = 3]

• All error correctors work on fixed block structure: e.g. IBS (Yu and Devadas, 2010 *)
• Goal: find one white and one black square in each block of four
• Helper data store the indices of selected bits
* M.-D. Yu and S. Devadas, Secure and robust error correction for physical unclonable functions,
IEEE Design & Test of Computers, vol. 27, no. 1, pp. 48-65, 2010


Differential Sequence Coding *
[Figure: encoded key bits, PUF response and helper data (distance, inversion)]

• No fixed block borders
• Helper data store distance to next bit and an inversion indicator
• Larger blocks of unreliable bits can be skipped
• Most efficient error corrector scheme known to date

* M. Hiller, M. Weiner, L. Rodrigues Lima, M. Birkner and G. Sigl. Breaking through Fixed PUF Block Limitations with Differential Sequence Coding and Convolutional Codes, TrustED, 2013

Components of a PUF key store
[Figure: Challenge Ci → Physical System S → Response RCi → Error Correction E (with public Helper Data) → Hash Function H → Key K]

• Challenge: Power-On for SRAM, Ring-Oscillator selection
• Physical System: SRAM, Ring-Oscillators
• Response: Stream of Bits
• Error Correction: Using public helper data to increase reliability
• Hash Function: Removes bias in the key bit distribution
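
Added example, not part of the original slides: a simplified Python model of the key store chain above (ring-oscillator pairs, differential measurement, fixed-block index helper data, hash), covering both the fixed-block error correction slide and this one. The frequencies, the 500 kHz reliability margin and all function names are constructed for illustration; the selection rule follows the slide's description and is not the published IBS algorithm.

```python
"""Fixed-block, index-based helper data for a ring-oscillator PUF (illustrative)."""
import hashlib

BLOCK = 4          # PUF response bits per key bit ("block of four" on the slide)
MARGIN_KHZ = 500   # assumed threshold: |delta f| at or above this counts as reliable


class EnrollmentError(Exception):
    """A block holds no reliable PUF bit with the value the key bit needs."""


def measure(pairs):
    """Differential measurement: compare the two ROs of each pair.

    Returns (bit, reliability) per pair: bit is 1 if the first RO is faster,
    reliability is the absolute frequency difference in kHz.
    """
    return [(1 if fa > fb else 0, abs(fa - fb)) for fa, fb in pairs]


def enroll(pairs, key_bits):
    """Return public helper data: per block, the index of the selected PUF bit."""
    resp = measure(pairs)
    if len(resp) < BLOCK * len(key_bits):
        raise ValueError("not enough PUF bits for this key length")
    helper = []
    for k, key_bit in enumerate(key_bits):
        block = resp[k * BLOCK:(k + 1) * BLOCK]
        candidates = [(rel, i) for i, (bit, rel) in enumerate(block)
                      if bit == key_bit and rel >= MARGIN_KHZ]
        if not candidates:
            # The "u2 = ?" case: the fixed block cannot encode this key bit.
            raise EnrollmentError(f"block {k}: no reliable {key_bit} available")
        helper.append(max(candidates)[1])   # most reliable matching bit
    return helper


def reconstruct(pairs, helper):
    """Re-measure the PUF and read back only the bits the helper data points to."""
    resp = measure(pairs)
    return [resp[k * BLOCK + idx][0] for k, idx in enumerate(helper)]


def derive_key(bits):
    """Hash step of the key store: compress the corrected bits into the key."""
    return hashlib.sha256(bytes(bits)).hexdigest()


def bit_flips(pairs_a, pairs_b):
    """Number of raw response bits that differ between two measurements."""
    return sum(a[0] != b[0] for a, b in zip(measure(pairs_a), measure(pairs_b)))


# Constructed sample data: (RO a, RO b) frequencies in kHz for 12 RO pairs,
# measured once at enrollment and once in the field after temperature drift.
ENROLL_25C = [
    (201900, 200100), (199800, 200000), (198700, 200300), (200400, 200300),
    (200200, 200000), (199000, 201200), (200100, 200400), (200300, 200200),
    (200000, 201100), (202000, 200900), (200600, 200500), (201000, 199100),
]
FIELD_150C = [
    (199700, 198200), (198300, 198100), (196900, 198400), (198300, 198500),
    (198000, 198200), (197200, 199100), (198400, 198300), (198300, 198400),
    (198200, 199100), (199900, 199000), (198500, 198700), (198900, 197300),
]
KEY_BITS = [1, 0, 1]   # constructed secret; a real device would draw it at random

if __name__ == "__main__":
    helper = enroll(ENROLL_25C, KEY_BITS)
    print("helper data (public):", helper)
    print("raw bit flips after drift:", bit_flips(ENROLL_25C, FIELD_150C))
    recovered = reconstruct(FIELD_150C, helper)
    print("key recovered:", derive_key(recovered) == derive_key(KEY_BITS))
    try:
        enroll(ENROLL_25C, [1, 1, 1])
    except EnrollmentError as exc:
        print("enrollment failed:", exc)
```

Half of the raw response bits flip between the two measurements, yet the key is recovered because only pairs with a large frequency gap were selected. The second enrollment fails because block 1 has no reliable 1, which is the limitation of fixed block borders that Differential Sequence Coding addresses.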

Secure embedded system: Secure Elements
[Figure: block diagram of a secure embedded system. System on Chip with Core 1 … Core n, Trust OS, IO-interfaces, RAM, Flash, Peripherals and Hardware Security Module; GSM with SIM for M2M; Sensor and Actuator, each with an ID; other System on Chip]

Tasks of Secure Elements
• Key storage
• Asymmetric cryptography (signing and encryption)
• Session key generation
• Random number generation
• Access right check
• Integrity check
• Attestation
• Secure data storage

• Resistance against Hardware attacks!

Secure Element in a vehicle
• In BMBF Project SEIS (Sicherheit in eingebetteten IP-basierten Systemen) AISEC integrated a Secure Element in a car.

[Figure: Internet, Gateway, OEM Server, Secure Element]

Secure Element in Smart Meter
The BSI Protection Profile requests a Secure Element in the Smart Meter Gateway.

[Figure: Smart Meter Gateway with Secure Element]

Source: Protection Profile für das Gateway eines Smart Metering Systems; http://www.bsi.bund.de

Secure Smart Meter
• Java 3.0 Secure Element in Smart Meter
– All security functions enclosed
– Communication end point
• Gateway
– Memory (encrypted)
– Display
– Communication channels
• Advantages:
– High Security through Hardware Secure Element
– Easier certification

Secure Elements in mobile phones
3 Secure Elements

• SIM

• Security Chip

• Secure SD Card


Secure embedded system: Secure Software
[Figure: block diagram of a secure embedded system. System on Chip with Core 1 … Core n, Trust OS, IO-interfaces, RAM, Flash, Peripherals and Hardware Security Module; GSM with SIM for M2M; Sensor and Actuator, each with an ID; other System on Chip]

Trusted OS

• Trusted execution environment in the system controller
• Virtualization for application separation
• Integration of a hardware secure element as trust anchor

Trusted OS: Linux Containers (Trust|Me)
Idea: Sandboxed Android using container-based isolation
– Remote device administration
    – Remote access using ssh and other Linux utilities
– Storage
    – Transparent file encryption (device or file based)
    – Filesystem snapshots and recovery
    – File integrity protection using Linux Security Modules (LSM)
– Network
    – Transparent tunneling using Virtual Private Networks (VPN)
– Graphical User Interface (GUI)
    – Secure display (indicated by LED) and secure input (hardware buttons)
    – Secure PIN entry used to unlock SE in microSD card (key storage)

Thank You
georg.sigl@aisec.fraunhofer.de
sigl@tum.de

Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024
 
Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform Engineering
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
 
Overview of Hyperledger Foundation
Overview of Hyperledger FoundationOverview of Hyperledger Foundation
Overview of Hyperledger Foundation
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdf
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 Warsaw
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
The Metaverse: Are We There Yet?
The  Metaverse:    Are   We  There  Yet?The  Metaverse:    Are   We  There  Yet?
The Metaverse: Are We There Yet?
 
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties ReimaginedEasier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
 

Secure Embedded Systems

  • 1. Technische Universität München. Secure Embedded Systems: a prerequisite for Cyber Physical Systems and the Internet of Things. Colloquium of Faculty 5 of the University of Stuttgart, 17 December 2013. Prof. Dr.-Ing. Georg Sigl, Chair of Security in Information Technology, Technische Universität München; Fraunhofer Institute for Applied and Integrated Security AISEC
  • 2. Content • Attack examples on embedded systems • Future secure embedded systems
  • 4. Attacks on modern cars. Comprehensive Experimental Analyses of Automotive Attack Surfaces. S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, T. Kohno. USENIX Security, August 10–12, 2011.
  • 5. Attacks on industrial control systems: Stuxnet. http://www.faz.net/aktuell/feuilleton/debatten/digitales-denken/trojaner-stuxnet-der-digitaleerstschlag-ist-erfolgt-1578889.html
  • 6. Attacks on industrial control systems. Source: http://www.bhkw-infothek.de/nachrichten/18555/2013-04-15-kritische-sicherheitsluckeermoglicht-fremdzugriff-auf-systemregler-des-vaillant-ecopower-1-0/
  • 7. Attacks on smart grid through smart meter
  • 8. Attacks on medical devices. Source: http://media.blackhat.com/bh-us-11/Radcliffe/BH_US_11_Radcliffe_Hacking_Medical_Devices_Slides.pdf
  • 9. Product Piracy • Estimated damage in machine construction industry (source VDMA) – 7.9 Billion Euro (~4% of revenue) • Steps of pirates – HW Component identification – Software extraction – Rebuilding hardware – Cloning software
  • 10. Trends increasing the security risks • Network connection – ES can be attacked through network – Insecure system  remote attacks  attacked through unprotected ES  malware • Standardization in software – Operating systems (e.g. Linux) – Web browsers • Platform design with software configurability → jail break, tuning • Concentration of multiple functions (multicore) → separation risk • Significant Know-How in ES → product piracy • Hacker = product owner → hardware attacks
  • 11. Threats in Cyber Physical Systems [figure labels: Network and Background Systems; Attacks through broken embedded systems; Attacks out of Cyberspace; Embedded System] BMBF-FKZ: 01IS13020
  • 12. FUTURE SECURE EMBEDDED SYSTEMS
  • 13. Requirements for future secure embedded systems 1. Security for more than 10 years (target 30 years) 2. Secure machine to machine communication (M2M) 3. Protection of embedded systems against manipulation and misuse 4. Fulfillment of typical non functional requirements, i.e.: – Real time behavior – Resource limitations (cost, power) 5. Maintain security despite increasing complexity 6. Protection of intellectual property 7. Secure software update during operation
  • 14. Secure embedded system [block diagram labels: M2M, other, System on Chip, SIM, ID, Actuator, GSM, Trust, Core 1, OS, Core 2, Core i, System on Chip, Core n, IO-interfaces, RAM, Flash, ID, Sensor, Peripherals, Hardware Security Module]
  • 15. Secure embedded system: Chip Identities [block diagram labels: M2M, other, System on Chip, SIM, ID, Actuator, GSM, Trust, Core 1, OS, Core 2, Core i, System on Chip, Core n, IO-interfaces, RAM, Flash, ID, Sensor, Peripherals, Hardware Security Module]
  • 16. IDs for Hardware • Binding of components – Authentication – Integrity checking • Piracy protection – Encryption with derived keys • Methods – Physical Unclonable Functions (PUF): fingerprint of a chip – Fuses (electric or laser) – Flash memory
  • 17. PUFs as security primitive: "Unique" Physical Property + Measurement Method = Authentication, Key Generation. PUF = Physical Unclonable Function
  • 18. Ring Oscillator PUF (Suh and Devadas, 2007) * • Ring oscillator frequencies depend on manufacturing variations • Two ROs are compared to obtain a response bit * G. E. Suh and S. Devadas. Physical unclonable functions for device authentication and secret key generation. Design Automation Conference, 2007. DAC ’07. 44th ACM/IEEE, pages 9–14, 2007.
  • 19. SRAM PUF (Guajardo et al., 2007) * • Symmetric circuit balance influenced by manufacturing variations • SRAM cells show a random, but stable value after power-up * J. Guajardo, S. S. Kumar, G. J. Schrijen, and P. Tuyls. FPGA intrinsic PUFs and their use for IP protection. In CHES 2007, volume 4727 of LNCS, pages 63–80. Springer, 2007
  • 20. Automotive ECUs today and in future [diagram. Today: Microcontroller with Embedded Flash (NVM: Code, key; RAM; CPU; application); Embedded Flash: 65nm √, 40nm √, 28nm ?, ???. Future: Microcontroller with PUF key (RAM; CPU; application) and external Flash holding Encrypted Code/Data] Logic Process + external Flash: + Shrinkable + Lower Cost + Higher Performance
  • 21. Alternatives to PUF based key generation • Fuses – Electrical • Reliability: weak – Laser • Size: very large • Security: Easy to identify and modify • OTP (one time programmable memory) – Cost: comparison with PUF technology open – Security: memory cells easier to detect, extract and modify – Programming of key during test increases test complexity [diagram labels: Microcontroller, RAM, Code, key, CPU, application, Flash, Encrypted Code/Data]
  • 22. Reliability of PUFs • Critical parameters: – Temperature – Voltage – Ageing • Countermeasures: – Differential measurement – Redundancy: Selection of reliable bits (1000 PUF Bits → 100 Key Bits) – Proper design: Design and design parameters must consider the behavior of temperature and voltage variations as well as ageing (as for any other circuit design)
  • 23. Frequency behavior of an oscillator PUF [plots of frequency f over temperature, -40°C, 25°C, 150°C: Osc 1 / Osc 2: good; Osc 3 / Osc 4: unstable; Osc 5 / Osc 6: critical, uniqueness may be compromised]
  • 24. State of the Art in error correction [figure: Encoded Key Bits; PUF Response with Block Borders; PUF Bits: Reliable 1, Reliable 0, Unreliable; Helper Data: index of selected bit, u1=1, u2=?, u3=3] • All error correctors work on fixed block structure: e.g. IBS (Yu and Devadas, 2010 *) • Goal: find one white and one black square in each block of four • Helper data store the indices of selected bits * M.-D. Yu and S. Devadas, Secure and robust error correction for physical unclonable functions, IEEE Design & Test of Computers, vol. 27, no. 1, pp. 48-65, 2010
  • 25. Differential Sequence Coding * [figure: Encoded Key Bits; PUF Response; Helper Data: distance, inversion] • No fixed block borders • Helper data store distance to next bit and an inversion indicator • Larger blocks of unreliable bits can be skipped • Most efficient error corrector scheme known to date * M. Hiller, M. Weiner, L. Rodrigues Lima, M. Birkner and G. Sigl. Breaking through Fixed PUF Block Limitations with Differential Sequence Coding and Convolutional Codes, TrustED, 2013
  • 26. Components of a PUF key store [diagram: Challenge Ci → Physical System S → Response RCi → Error Correction E, with Helper Data (Public) → Hash Function H → Key K] • Challenge: Power-On for SRAM, Ring-Oscillator selection • Physical System: SRAM, Ring-Oscillators • Response: Stream of Bits • Error Correction: Using public helper data to increase reliability • Hash Function: Removes bias in the key bit distribution
  • 27. Secure embedded system: Secure Elements [block diagram labels: M2M, other, System on Chip, SIM, ID, Actuator, GSM, Trust, Core 1, OS, Core 2, Core i, System on Chip, Core n, IO-interfaces, RAM, Flash, ID, Sensor, Peripherals, Hardware Security Module]
  • 28. Tasks of Secure Elements • Key storage • Asymmetric cryptography (signing and encryption) • Session key generation • Random number generation • Access right check • Integrity check • Attestation • Secure data storage • Resistance against Hardware attacks!
  • 29. Secure Element in a vehicle • In BMBF Project SEIS (Sicherheit in eingebetteten IP-basierten Systemen) AISEC integrated a Secure Element in a car. [figure labels: Internet, Gateway, OEM Server, Secure Element]
  • 30. Secure Element in Smart Meter. The BSI Protection Profile requests a Secure Element in the Smart Meter Gateway. [figure label: Secure Element] Source: Protection Profile für das Gateway eines Smart Metering Systems; http://www.bsi.bund.de
  • 31. Secure Smart Meter • Java 3.0 Secure Element in Smart Meter – All security functions enclosed – Communication end point • Gateway – Memory (encrypted) – Display – Communication channels • Advantages: – High Security through Hardware Secure Element – Easier certification
  • 32. Secure Elements in mobile phones: 3 Secure Elements • SIM • Security Chip • Secure SD Card
  • 33. Secure embedded system: Secure Software [block diagram labels: M2M, other, System on Chip, SIM, ID, Actuator, GSM, Trust, Core 1, OS, Core 2, Core i, System on Chip, Core n, IO-interfaces, RAM, Flash, ID, Sensor, Peripherals, Hardware Security Module]
  • 34. Trusted OS • Trusted execution environment in the system controller • Virtualization for application separation • Integration of a hardware secure element as trust anchor
  • 35. Trusted OS: Linux Containers (Trust|Me). Idea: Sandboxed Android using container-based isolation • Remote device administration – Remote access using ssh and other Linux utilities • Storage – Transparent file encryption (device or file based) – Filesystem snapshots and recovery – File integrity protection using Linux Security Modules (LSM) • Network – Transparent tunneling using Virtual Private Networks (VPN) • Graphical User Interface (GUI) – Secure display (indicated by LED) and secure input (hardware buttons) – Secure PIN entry used to unlock SE in microSD card (key storage)
  • 36. Thank You. georg.sigl@aisec.fraunhofer.de sigl@tum.de
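
The ring-oscillator PUF key store outlined on slides 18, 22 and 26 (pairwise comparison, selection of reliable bits with public helper data, hash to a key) can be simulated as below. This is an added example, not code from the talk or the cited papers; the frequency model, `NOISE`, `MARGIN` and all function names are assumptions, and fixed-margin bit selection stands in for the error-correction schemes of slides 24 and 25.

```python
import hashlib
import random

NOISE = 0.05    # assumed bound on per-measurement frequency noise (MHz)
MARGIN = 0.25   # keep a pair only if |f_a - f_b| > MARGIN (chosen > 4 * NOISE)

def make_chip(seed, n_osc=256):
    """Constructed stand-in for manufacturing variation: nominal RO frequencies."""
    rng = random.Random(seed)
    return [200.0 + rng.gauss(0.0, 1.0) for _ in range(n_osc)]

def measure(chip, rng, temp_shift=0.0):
    """One noisy reading; temp_shift moves all oscillators by the same amount."""
    return [f + temp_shift + rng.uniform(-NOISE, NOISE) for f in chip]

def response(freqs):
    """Differential measurement: one (bit, signed difference) per RO pair."""
    diffs = [freqs[i] - freqs[i + 1] for i in range(0, len(freqs) - 1, 2)]
    return [(1 if d > 0 else 0, d) for d in diffs]

def derive_key(resp, helper):
    """Hash the selected response bits into a fixed-length key."""
    bits = "".join(str(resp[i][0]) for i in helper)
    return hashlib.sha256(bits.encode()).hexdigest()

def enroll(chip, rng):
    """Select reliable pairs; the public helper data is the list of their indices."""
    resp = response(measure(chip, rng))
    helper = [i for i, (_, d) in enumerate(resp) if abs(d) > MARGIN]
    return helper, derive_key(resp, helper)

def reconstruct(chip, helper, rng, temp_shift=0.0):
    """Re-measure in the field and rebuild the key from the helper data."""
    return derive_key(response(measure(chip, rng, temp_shift)), helper)

if __name__ == "__main__":
    rng = random.Random(1)
    chip = make_chip(seed=11)
    helper, key = enroll(chip, rng)
    print(len(helper), "reliable bits of 128; key", key[:16], "...")
    print("same key at +5 MHz common shift:",
          reconstruct(chip, helper, rng, temp_shift=5.0) == key)
```

The model shifts all oscillators equally with temperature, so the shift cancels in the comparison; pairs whose frequency curves cross over temperature, the unstable case on slide 23, are not modelled.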