Security is something we don't like but can't do without. As embedded systems spread, new vulnerabilities keep being disclosed; here are some powerful steps to secure an embedded system.
2. AGENDA
What is Security?
What is an Embedded System?
Who are the attackers?
Physical attack
Secure boot technique
Security Requirements
Security basics
Steps to secure embedded system
3. WHAT IS SECURITY?
• Security is the ability of an entity to protect resources for which it bears protection responsibility.
• Security, in information technology (IT), is the defense of digital information and IT assets against internal and external, malicious and accidental threats.
4. WHAT IS AN EMBEDDED SYSTEM?
An embedded system is an electronic product that contains a microprocessor (one or more) and software to perform some constituent function within a larger entity.
5. WHAT IS AN EMBEDDED SYSTEM?
• An embedded system is a controller programmed and controlled by a real-time operating system (RTOS) with a dedicated function within a larger mechanical or electrical system, often with real-time computing constraints.
[Figure: An embedded system on a plug-in card with processor, memory, power supply, and external interfaces]
• But how do we define “Embedded”?
– Essentially, if you inherently know there’s a computer in there some place, but don’t see a keyboard, mouse, and monitor, it’s probably embedded
6. WHY EMBEDDED SYSTEM SECURITY?
“September 2007, Israeli jets bombed a suspected nuclear installation in northeastern Syria. Among the many mysteries still surrounding that strike was the failure of Syrian radar, supposedly state of the art, to warn the Syrian military of the incoming assault. It wasn’t long before military and technology bloggers concluded that this was an incident of electronic warfare and not just any kind. Post after post speculated that the commercial off-the-shelf microprocessors in the Syrian radar might have been purposely fabricated with a hidden “backdoor” inside. By sending a preprogrammed code to those chips, an unknown antagonist had disrupted the chips’ function and temporarily blocked the radar”
Source: IEEE Spectrum, 2007.
7. WHY EMBEDDED SYSTEM SECURITY?
• The Stuxnet worm is likely the first malware to directly target embedded process control systems.
• Stuxnet infiltrated Siemens process control systems at nuclear plants by first subverting the Microsoft Windows workstations operators use to configure and monitor the embedded control electronics.
• SCADA networks are controlled by common PCs.
8. WHO ARE THE ATTACKERS?
The attackers actually fall into three basic categories.
• Amateur hackers (Script kiddies)
A script kiddie or “skiddie” is someone who lacks programming knowledge and uses existing software to launch an attack. Often a script kiddie will use these programs without even knowing how they work or what they do.
9. WHO ARE THE ATTACKERS?
• Professional hackers
Blackhat
Like all hackers, black hat hackers usually have extensive knowledge about breaking into computer networks and bypassing security protocols. They are also responsible for writing malware, which is a method used to gain access to these systems.
10. WHO ARE THE ATTACKERS?
• Professional hackers
Whitehats
White hat hackers choose to use their powers for good rather than evil. Also known as “ethical hackers”, white hat hackers can sometimes be paid employees or contractors working for companies as security specialists that attempt to find security holes via hacking.
11. WHO ARE THE ATTACKERS?
• Professional hackers
Grayhats
As in life, there are gray areas that are neither black nor white. Gray hat hackers are a blend of both black hat and white hat activities.
12. WHO ARE THE ATTACKERS?
• State-sponsored hackers
State-sponsored hackers are typically black hat; they are paid by a government to find and obtain important information.
13. PHYSICAL ATTACK
Physical Access is a Problem
• Any time you allow physical access to a sensor, data processing or network communications equipment, you open up security vulnerabilities.
• There are a number of physical attacks against computer platforms that simply can’t be done remotely.
– Ranging from simply unplugging the power to sophisticated electromagnetic techniques such as Differential Power Analysis
14. PHYSICAL ATTACK
• Direct physical access requires the attacker to reach the device physically. However, once there, the attacker might not need any privileges to access the services of the device.
• Techniques to thwart physical access include:
– Adding anti-tamper sensors
– Placing the device in an anti-tamper case
– Using special screws
– Removing debugging interfaces
• All of this can be defeated given enough time
– Assume that your device will be compromised sooner or later
15. PHYSICAL ATTACK
Side-Channel Attack
• A side-channel attack is any attack based on information gained from the physical implementation of a cryptosystem (here, the embedded system) rather than from weaknesses in the algorithm itself.
16. PHYSICAL ATTACK
Power Analysis Attack
• The attacker studies the power consumption of a cryptographic hardware device (such as a smart card, tamper-resistant "black box", or integrated circuit) while it operates on secret data.
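Side channels exist because the work a device does depends on the secret it handles. The added example below (not from the original slides) models that with a constructed 4-byte PIN: a compare that stops at the first mismatch examines more bytes the more of the secret a guess gets right, whereas a constant-time compare always does the same work. The `bytes_examined` count stands in for the time or power a probe would observe.

```python
import hmac

def naive_compare(secret, guess):
    """The usual memcmp/strcmp pattern: stop at the first differing byte.
    Returns (equal, bytes_examined); the second value is the leakage model."""
    if len(secret) != len(guess):
        return False, 0
    examined = 0
    for a, b in zip(secret, guess):
        examined += 1
        if a != b:
            return False, examined   # early exit: work depends on the secret
    return True, examined

def constant_time_compare(secret, guess):
    """Examines every byte and folds differences into one accumulator, so the
    work done (and hence timing/power) is independent of where a mismatch is.
    In real code use hmac.compare_digest, which does the same in C."""
    if len(secret) != len(guess):
        return False, 0
    diff = 0
    for a, b in zip(secret, guess):
        diff |= a ^ b
    return diff == 0, len(secret)

def leakage_profile(compare, secret, guesses):
    """How much work each guess triggers; a rising profile reveals the prefix."""
    return [compare(secret, g)[1] for g in guesses]

SECRET = b"4fd1"                                        # constructed device PIN
GUESSES = [b"0000", b"4000", b"4f00", b"4fd0", b"4fd1"]  # progressively better

if __name__ == "__main__":
    print("naive        :", leakage_profile(naive_compare, SECRET, GUESSES))
    print("constant-time:", leakage_profile(constant_time_compare, SECRET, GUESSES))
```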
17. SECURE BOOT TECHNIQUES
Firmware:
For any device (printer, scanner, digital camera, etc.) to start running, it needs an initial program to execute when it is powered up/booted. This is also called the bootstrap program or BIOS. It is stored in ROM (a non-volatile memory whose contents are permanent). At startup the firmware locates the operating system's kernel and loads it into primary memory (RAM). Firmware is typically written in assembly or C/C++.
18. SECURE BOOT TECHNIQUES
• There is typically a window of vulnerability for any system during the boot sequence
– Fortunately, there are now techniques to address this
• There are several approaches to ensuring that the computer boots only with known-good software images
– Most of these rely on the availability of security hardware such as a smart card or a Trusted Platform Module (TPM)
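The following added example (not from the original slides) models the verified-boot chain the slide describes: a root-of-trust key held in ROM authenticates a manifest of expected image digests, and each stage is hashed and checked against the manifest before control is handed to it. The key, image blobs and stage names are constructed; a real device would hold a public key and check an asymmetric signature, and HMAC-SHA256 stands in here so the example runs with the standard library only.

```python
import hashlib
import hmac
import json

# Root of trust: a key burned into ROM/eFuses at manufacture (constructed value).
# Real devices hold a public key here and verify an asymmetric signature.
ROOT_KEY = b"constructed-rom-key-do-not-reuse"
BOOT_ORDER = ["bootloader", "kernel", "rootfs"]   # each stage verifies the next

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def sign_manifest(digests):
    """Vendor side: bind the expected per-stage image digests to the root key."""
    body = json.dumps(digests, sort_keys=True).encode()
    return body, hmac.new(ROOT_KEY, body, hashlib.sha256).hexdigest()

def secure_boot(images, manifest_body, manifest_tag):
    """Device side: check the manifest, then each image, before handing control
    to it. Returns (ok, stages_executed, reason)."""
    expected = hmac.new(ROOT_KEY, manifest_body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest_tag):
        return False, [], "manifest signature invalid"   # nothing runs
    digests = json.loads(manifest_body)
    executed = []
    for stage in BOOT_ORDER:
        if stage not in images or stage not in digests:
            return False, executed, f"{stage}: missing"
        if not hmac.compare_digest(sha256_hex(images[stage]), digests[stage]):
            return False, executed, f"{stage}: digest mismatch"
        executed.append(stage)   # verified: this stage may now run
    return True, executed, "ok"

# Constructed stand-ins for the real firmware blobs
GOOD_IMAGES = {
    "bootloader": b"u-boot v1 (constructed)",
    "kernel": b"zImage 5.x (constructed)",
    "rootfs": b"squashfs (constructed)",
}
MANIFEST_BODY, MANIFEST_TAG = sign_manifest(
    {name: sha256_hex(blob) for name, blob in GOOD_IMAGES.items()})

if __name__ == "__main__":
    print(secure_boot(GOOD_IMAGES, MANIFEST_BODY, MANIFEST_TAG))
    tampered = dict(GOOD_IMAGES, kernel=GOOD_IMAGES["kernel"] + b" + implant")
    print(secure_boot(tampered, MANIFEST_BODY, MANIFEST_TAG))
```

Note that a modified kernel is caught by the bootloader stage before it ever runs, and a manifest that was not produced with the root key is rejected before any image is even hashed.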
19. SECURITY REQUIREMENTS
• Confidentiality
– This is probably one of the easiest characteristics of security to understand
– The goal of confidentiality is simply that no unauthorized individuals can read the data you want protected
– Confidentiality is often associated with privacy
• But we can achieve privacy without encryption
20. SECURITY REQUIREMENTS
Integrity
• Integrity verifies the correctness of data and ensures that stored and transmitted sensitive data is protected against corruption.
• Integrity encompasses a couple of different concepts
– System integrity
– Message integrity
• System integrity can be addressed initially by ensuring a secure boot cycle
• Message integrity is a somewhat different matter
– We need to concern ourselves that the message was delivered intact
– And we need to ensure that the message wasn’t modified
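An added example (not from the original slides) of the two message-integrity checks above, applied to a control message between two embedded endpoints that share a constructed link key: a truncated HMAC-SHA256 tag over the sequence number and payload detects a modified or truncated frame, and the strictly increasing sequence number additionally rejects a replayed one. The frame layout and key are assumptions for the example.

```python
import hashlib
import hmac
import struct

# Pre-shared key provisioned into both endpoints (constructed value)
LINK_KEY = b"constructed-link-key-do-not-reuse"
TAG_LEN = 16   # truncated HMAC-SHA256 tag appended to each frame

def seal(seq, payload):
    """Sender: frame = 4-byte big-endian sequence || payload || tag.
    The tag covers the sequence number, so it cannot be altered either."""
    header = struct.pack(">I", seq)
    tag = hmac.new(LINK_KEY, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag

class Receiver:
    """Accepts only frames whose tag verifies and whose sequence number is
    higher than the last accepted one. Returns (payload, status)."""

    def __init__(self):
        self.last_seq = -1

    def open(self, frame):
        if len(frame) < 4 + TAG_LEN:
            return None, "truncated"          # delivered incomplete
        header, payload, tag = frame[:4], frame[4:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(LINK_KEY, header + payload, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(expected, tag):
            return None, "bad tag"            # modified in transit
        seq = struct.unpack(">I", header)[0]
        if seq <= self.last_seq:
            return None, "replay"             # intact but already seen
        self.last_seq = seq
        return payload, "ok"

if __name__ == "__main__":
    rx = Receiver()
    frame = seal(1, b"valve=open")
    print(rx.open(frame))        # accepted
    print(rx.open(frame))        # replay rejected
    print(rx.open(frame[:4] + b"valve=SHUT" + frame[-TAG_LEN:]))  # bad tag
```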
21. SECURITY REQUIREMENTS
• Authentication
– Authentication is the act of verifying a claim of identity. When John Doe goes into a bank to make a withdrawal, he tells the bank teller he is John Doe, a claim of identity. The bank teller asks to see a photo ID, so he hands the teller his driver’s license. The bank teller checks the license to make sure it has John Doe printed on it and compares the photograph on the license against the person claiming to be John Doe. If the photo and name match the person, then the teller has authenticated that John Doe is who he claimed to be. Similarly, by entering the correct password, the user is providing evidence that he is the person the username belongs to.
22. SECURITY REQUIREMENTS
• Authentication
– There are three different types of information that can be used for authentication
• Something you know: things such as a PIN or password
• Something you have: such as a smart card
• Something you are: biometrics, fingerprints, voice prints
– Strong authentication requires providing more than one type of authentication
23. SECURITY REQUIREMENTS
• Authorization
– After a person, program or computer has successfully been identified and authenticated, it must be determined what informational resources they are permitted to access and what actions they will be allowed to perform (run, view, create, delete, or change). This is called authorization. Authorization to access information and other computing services begins with administrative policies and procedures.
24. SECURITY BASICS
• Disable services / exclude tools / minimize the attack surface
• Use writable storage only when you must
• Regular updates, automatic updates, signed updates
• Mandatory access control (SELinux)
• Every increase in system complexity increases the effort needed to secure it
25. STEPS TO SECURE EMBEDDED SYSTEM
• Physical Security for Embedded Devices
– Remove any debugging interfaces
• Blow the e-fuses, if available, to prevent access to internal registers or storage
– Place the unit in a tamper-resistant case
• Use potting, special screws, etc.
– Assume the device will be compromised physically
26. STEPS TO SECURE EMBEDDED SYSTEM
• Data Security on Embedded Devices
– Implement a secure boot mechanism
– Eliminate all non-essential services and software
– Periodic auditing of installed software
– Monitor and install software updates for the system regularly
– Two-factor authentication for accessing the system
27. STEPS TO SECURE EMBEDDED SYSTEM
• Network Security
– Know what devices are on your network
• Periodically re-inventory to detect new devices
– Implement IPv4 and IPv6 firewall policies
– Plan for periodic updates to your networking equipment firmware
– Close all non-essential ports and network services
• Scan your own devices with tools like nmap, SATAN, SAINT, etc. to confirm nothing unexpected is listening
– Use VPNs for extended-term communications link requirements
– Consider hiring penetration testers periodically
28. CONCLUSION
• “The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable”