ECE 424 Embedded Systems Design Embedded System Security Chapter 14 Ning Weng.

Date post: 26-Dec-2015
Page 1: ECE 424 Embedded Systems Design Embedded System Security Chapter 14 Ning Weng.

ECE 424 Embedded Systems Design

Embedded System Security, Chapter 14

Ning Weng

Page 2

Is your System Secure?

Page 3

Security Requirements from the User Perspective

From: Security as a New Dimension in Embedded System Design, by Paul Kocher, Ruby Lee, Gary McGraw, Anand Raghunathan and Srivaths Ravi

Page 4

Basic Security Functions
o Confidentiality
• Only authorized users can access the information.
o Integrity
• Information should not be altered in any unintended way.
o Authentication
• Data is sent and received by the appropriate parties rather than by masqueraders.

User Identification
o Access to the embedded system should be restricted to a selected set of authorized users.

Secure Network Access
o Access to a network or a service has to be provided only if the device is authorized.

Page 5

Availability
o Protection against disruption of service.

Secure Storage
o Securing information in the embedded system's storage devices, whether external or internal to the system.

Content Security
o Protecting the rights of the digital content used in the system.

Tamper Resistance
o The system should maintain its security requirements even when the device falls into the hands of malicious parties and can be physically or logically probed.

Page 6

Consequences of People, Process and Technology

Factor     | Security measure                                          | Attack
People     | Training users about security risks and common pitfalls   | Phishing attack
Process    | Making rules and procedures more complicated              | Attacker tries to lock out user accounts and sends phishing messages with false instructions to re-enable the accounts.
Technology | Regularly updating and applying security-related patches  | Software with an exploitable weakness is targeted and attacked.

Page 7

Outline
o Introduction
o Security Concepts and Building Blocks
o Major Security Attacks
o Conclusion

Page 8

Encryption and Cryptography
o Encryption: the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing the key.
• Ex: Single-key encryption
• The user generates a key (a passphrase) that only they know. A crypto tool such as GPG translates that key into numerical form and uses it to randomize the bits of the file that needs to be encrypted, making the file inaccessible to anyone without the password.
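The single-key flow above (passphrase to numerical key to randomized file bits) as an added example; it is an illustrative construction written for these notes, not GPG's actual file format, and it assumes a PBKDF2-derived key, an HMAC-SHA256 counter-mode keystream and a separate integrity tag so that a wrong passphrase is detected rather than yielding garbage.

```python
import hashlib
import hmac
import os
from typing import Optional

ITERATIONS = 200_000  # assumption: work factor for the passphrase KDF


def derive_key(passphrase: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256 turns the human passphrase into 32 numerical key bytes
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, 32)


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream from a PRF: block i = HMAC-SHA256(key, nonce || i)
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return bytes(out[:length])


def encrypt(passphrase: str, plaintext: bytes) -> bytes:
    salt, nonce = os.urandom(16), os.urandom(16)      # fresh per file
    enc_key = derive_key(passphrase, salt)
    mac_key = hashlib.sha256(b"mac" + enc_key).digest()  # separate key for the tag
    body = bytes(p ^ k for p, k in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, salt + nonce + body, "sha256").digest()
    return salt + nonce + body + tag                  # layout: salt | nonce | ciphertext | tag


def decrypt(passphrase: str, blob: bytes) -> Optional[bytes]:
    salt, nonce, body, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    enc_key = derive_key(passphrase, salt)
    mac_key = hashlib.sha256(b"mac" + enc_key).digest()
    expected = hmac.new(mac_key, salt + nonce + body, "sha256").digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong passphrase or tampered file: refuse to output anything
    return bytes(c ^ k for c, k in zip(body, keystream(enc_key, nonce, len(body))))


if __name__ == "__main__":
    blob = encrypt("correct horse", b"firmware config: debug=off")  # constructed input
    print(decrypt("correct horse", blob))   # the original bytes
    print(decrypt("wrong guess", blob))     # None
```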

Page 9

Asymmetric-Key Cryptography (RSA)

The user generates a key pair consisting of a private key and a public key. The private key is a secret known only to its owner. The public key is for anyone who wants to send a message to the owner: they encrypt with the public key, and the owner opens the message using the private key. The private key and the public key are mathematically related. RSA also supports a signature along with encryption, so that the recipient can authenticate the sender by verifying (decrypting) the signature with the sender's public key. The problem with RSA is the exchange of public keys; Certificate Authorities solve this key-exchange problem.
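The key pair, encrypt/decrypt and sign/verify relationships described above, as an added toy example with small primes; it is not code from the course and it assumes textbook RSA without padding (real deployments use 2048-bit or larger keys with OAEP/PSS padding, which this illustration omits).

```python
from math import gcd


def generate_keypair(p: int, q: int, e: int = 65537):
    # Assumption: p and q are distinct primes small enough to follow by hand
    n = p * q
    phi = (p - 1) * (q - 1)        # Euler's totient of n
    assert gcd(e, phi) == 1
    d = pow(e, -1, phi)            # private exponent: e * d == 1 (mod phi)
    return (e, n), (d, n)          # (public key, private key)


def encrypt(public_key, message: int) -> int:
    e, n = public_key
    return pow(message, e, n)      # anyone holding the public key can do this


def decrypt(private_key, ciphertext: int) -> int:
    d, n = private_key
    return pow(ciphertext, d, n)   # only the owner of d recovers the message


def sign(private_key, message: int) -> int:
    d, n = private_key
    return pow(message, d, n)      # signature made with the sender's private key


def verify(public_key, message: int, signature: int) -> bool:
    e, n = public_key
    return pow(signature, e, n) == message  # checked with the sender's public key


if __name__ == "__main__":
    alice_pub, alice_priv = generate_keypair(61, 53)
    bob_pub, bob_priv = generate_keypair(67, 71)
    m = 42                               # message must be smaller than n
    c = encrypt(bob_pub, m)              # Alice encrypts for Bob
    s = sign(alice_priv, m)              # and signs so Bob can authenticate her
    print(decrypt(bob_priv, c), verify(alice_pub, m, s))   # 42 True
```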

Page 10

Transport Layer Security (TLS)
• Also known as Secure Sockets Layer (SSL).
• It is an application-level security protocol built into web browsers.
• TLS enables web security with the following rules:
o Public-key encryption is used to authenticate clients and the server.
o Single-key encryption is used to secure communication between the two applications.
o Cryptographic signatures are used to ensure message integrity.
o Certificates and Certificate Authorities are used to associate names with public keys in a trusted manner.
• TLS works with a handshake and concludes by creating a secure communication channel.
• Let's go through an example of how the handshake works and creates the secure channel with http://mail.google.com

Page 11

Page 12

Secure Shell (SSH)

SSH is a network protocol for secure data communication, remote shell services or command execution on Linux or Unix systems. It is primarily used to enable secure remote connections. Once SSH is installed, private and public keys are created. The first time a user establishes a connection, the public key of the remote machine is appended to the ~/.ssh/known_hosts file. Once the client machine has authenticated and obtained the public key, it can use it to encrypt communication. SSH also allows logging in with a public key, but the user must first create their key pair by executing

o ssh-keygen -t rsa
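The known_hosts entry recorded on first connection is only as trustworthy as that first connection, so the practical check is to compare the stored key's fingerprint with one obtained out of band. The following is an added example (not part of the course material) that parses a plain, unhashed known_hosts line and computes the SHA256 fingerprint in the same presentation ssh-keygen -lf uses; the host name and key bytes are constructed here and are not a real key.

```python
import base64
import hashlib
import struct


def parse_known_hosts_line(line: str):
    # Format: "<host[,host2]> <key-type> <base64 key blob> [comment]"
    host, key_type, blob_b64 = line.split()[:3]
    return host, key_type, base64.b64decode(blob_b64)


def wire_key_type(blob: bytes) -> str:
    # The blob itself begins with a length-prefixed key type string
    (length,) = struct.unpack(">I", blob[:4])
    return blob[4:4 + length].decode()


def fingerprint(blob: bytes) -> str:
    # Same presentation as `ssh-keygen -lf`: base64 of SHA-256, padding stripped
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def check_entry(line: str, expected_fp: str) -> bool:
    # True only when the entry is self-consistent and matches the out-of-band fingerprint
    _, key_type, blob = parse_known_hosts_line(line)
    if wire_key_type(blob) != key_type:
        return False            # declared type and encoded type disagree
    return fingerprint(blob) == expected_fp


def make_ed25519_blob(raw_key: bytes) -> bytes:
    # Build a syntactically valid ssh-ed25519 blob for a constructed sample key
    t = b"ssh-ed25519"
    return struct.pack(">I", len(t)) + t + struct.pack(">I", len(raw_key)) + raw_key


SAMPLE_BLOB = make_ed25519_blob(bytes(range(32)))   # constructed, not a real key
SAMPLE_LINE = "build-server.example ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode()

if __name__ == "__main__":
    host, key_type, blob = parse_known_hosts_line(SAMPLE_LINE)
    print(host, key_type, fingerprint(blob))
```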

Page 13

Ex: Connecting to a Remote Server

Page 14

Key generation:

Page 15

Private Key and Public Key

Page 16

Security Architecture for IP: IPSec

Internet Protocol Security (IPSec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. All protocols based on TCP and UDP inherit the security benefits of IPSec. It lets users access servers securely within a company's network, and it also provides secure access for remote employees and machines. Two operating modes are supported by IPSec:

o Transport Mode: only the payload of the IP packet is usually encrypted. Used for host-to-host communications.

o Tunnel Mode: the entire IP packet is encrypted and/or authenticated. It is then encapsulated into a new IP packet with a new IP header. Used to create virtual private networks for network-to-network communications.

Page 17

Two-factor Authentication

Two-factor authentication is an approach to authentication which requires the presentation of "two or more" of the three authentication "factors": something the user knows (like a password), something the user has (like private keys paired with public keys), and something the user is (like fingerprints or an iris pattern). It is an attempt to increase the difficulty involved in defrauding authentication schemes.

Page 18

Outline
o Introduction
o Security Concepts and Building Blocks
o Major Security Attacks
o Conclusion

Page 19

Buffer Overflow

A stack-based buffer overflow, or buffer over-run, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of a violation of memory safety.

o Ex:

o The trouble with this code is that it takes no steps to check the size of the destination buffer.

o An attacker may take advantage in one of several ways:
• By overwriting a local variable that is near the buffer in memory on the stack, changing the behavior of the program in a way that benefits the attacker.
• By overwriting the return address in a stack frame. Once the function returns, execution resumes at the return address specified by the attacker, usually pointing into a buffer filled with user input.
• By overwriting a function pointer or exception handler, which is subsequently executed.

Page 20

SQL Injection
o SQL is the language for relational databases, where information is represented by tables with columns that refer to one another in order to express relationships between the data.
o Websites and web applications use databases to store user logins and associated data.
o Ex: Web applications retrieve user information from the database as shown below
o The resulting SQL statement destroys information and may also insert a new user, write new files to web directories or modify user information.
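The slide's example query is an image that did not survive extraction, so here is an added example (not from the course) of the defect the text describes and its fix: a login check that splices user input into the SQL text, beside the parameterized form. It assumes a constructed in-memory SQLite table standing in for the web application's user database.

```python
import sqlite3


def setup() -> sqlite3.Connection:
    # Constructed users table standing in for the web application's database
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    return db


def login_vulnerable(db: sqlite3.Connection, name: str, password: str) -> bool:
    # The user's input becomes part of the SQL statement itself
    query = "SELECT 1 FROM users WHERE name = '%s' AND password = '%s'" % (name, password)
    return db.execute(query).fetchone() is not None


def login_safe(db: sqlite3.Connection, name: str, password: str) -> bool:
    # Placeholders: the driver passes values separately, so input is never parsed as SQL
    query = "SELECT 1 FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchone() is not None


if __name__ == "__main__":
    db = setup()
    bad = "' OR '1'='1"   # textbook tautology: makes the WHERE clause always true
    print(login_vulnerable(db, "alice", bad))   # True: accepted without the password
    print(login_safe(db, "alice", bad))         # False: the literal string is compared
```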

Page 21

Denial of Service (DoS)
o It attacks the availability of a resource.
o Three categories of DoS:
• Resource exhaustion
• Resource interruption
• Active interference
o Resource exhaustion prevents valid users from accessing the software, and it could potentially have an impact on the surrounding environment.
o Resource interruption: a target is rendered ineffective by interrupting access to a key resource or service. Ex: if the DNS service is interrupted, many remote systems become unreachable.
o Active interference: if an attacker knows the destination IP address and ports used by the target machine and forges illegitimate packets that appear to come from that IP address, the attacker can shut down TCP connections by sending TCP RST packets.

Social Engineering and Phishing
o In the context of security, social engineering is understood to mean the art of manipulating people into performing actions or divulging confidential information.

Page 22

Countermeasures against Software Attacks

Software in embedded systems is a major source of security vulnerabilities.

The requirements level: security requirements must cover both overt functional security (e.g., the use of applied cryptography) and emergent characteristics.

The design and architecture level: a system must be coherent and present a unified security architecture that takes into account security principles (such as the principle of least privilege).

The code level: static analysis tools (tools that scan source code for common vulnerabilities) can discover implementation bugs at the code level.

Page 23

From: Security as a New Dimension in Embedded System Design, by Paul Kocher, Ruby Lee, Gary McGraw, Anand Raghunathan and Srivaths Ravi

Page 24

Firewalls

A firewall is a device or software layer that filters packets based on a set of rules that define which packets are allowed through and which should be dropped.

Firewalls operate beneath the operating system networking stack. They sit low enough in the packet-processing sequence that the drop decision can be made before system resources are assigned, which helps avoid SYN flood attacks.

A firewall operates with a chain, that is, a sequence of rules.

If the packet matches a rule, the action of that rule (accept or drop) is taken; otherwise it is evaluated against the next rule.

Page 25

Firewalls: Five default chains

INPUT, OUTPUT, FORWARD, PREROUTING, POSTROUTING
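The chain walk described on the two firewall slides (rules tried in order, first match decides, chain policy otherwise) as an added simulation; it is not iptables code and the INPUT chain, packets and address prefixes are constructed for illustration. It also shows why rule order matters: swapping the two port-22 rules locks the admin LAN out.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Packet:
    src: str
    dport: int
    proto: str = "tcp"


@dataclass
class Rule:
    action: str                       # "ACCEPT" or "DROP"
    proto: Optional[str] = None       # None matches any protocol
    dport: Optional[int] = None       # None matches any destination port
    src_prefix: Optional[str] = None  # e.g. "10.0.0."; None matches any source

    def matches(self, pkt: Packet) -> bool:
        return ((self.proto is None or self.proto == pkt.proto)
                and (self.dport is None or self.dport == pkt.dport)
                and (self.src_prefix is None or pkt.src.startswith(self.src_prefix)))


def evaluate_chain(rules: List[Rule], pkt: Packet, policy: str = "DROP") -> str:
    # Rules are tried in order; the first match decides, otherwise the chain policy applies
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return policy


# Constructed INPUT chain for a device: SSH only from the admin LAN, HTTPS from anywhere
INPUT_CHAIN = [
    Rule("ACCEPT", proto="tcp", dport=22, src_prefix="10.0.0."),
    Rule("DROP", proto="tcp", dport=22),
    Rule("ACCEPT", proto="tcp", dport=443),
]

if __name__ == "__main__":
    for pkt in (Packet("10.0.0.7", 22), Packet("203.0.113.9", 22),
                Packet("203.0.113.9", 443), Packet("203.0.113.9", 23)):
        print(pkt, "->", evaluate_chain(INPUT_CHAIN, pkt))
```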

Page 26

Servers and Logs

To make a system more secure, it is always a good habit to maintain logs of system activity.

Logs an embedded system should probably maintain:
o Failed login attempts
o Web server and database access logs
o Firewall logs
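Keeping the failed-login log is only useful if something reads it. The following added example (not from the course) runs a simple detection over constructed lines in the style of OpenSSH's authentication log: it counts failures per source address, notes how many different usernames each source tried, and flags sources above a threshold.

```python
import re
from collections import defaultdict
from typing import Dict, List

# Constructed sample lines in the style of OpenSSH's auth log (not from a real system)
SAMPLE_LOG = """\
Jan 10 03:14:01 gateway sshd[812]: Failed password for root from 203.0.113.9 port 51122 ssh2
Jan 10 03:14:03 gateway sshd[812]: Failed password for root from 203.0.113.9 port 51124 ssh2
Jan 10 03:14:04 gateway sshd[815]: Failed password for invalid user admin from 203.0.113.9 port 51130 ssh2
Jan 10 03:14:05 gateway sshd[816]: Failed password for admin from 203.0.113.9 port 51131 ssh2
Jan 10 03:14:06 gateway sshd[817]: Failed password for root from 203.0.113.9 port 51135 ssh2
Jan 10 03:15:40 gateway sshd[820]: Failed password for ops from 10.0.0.7 port 40002 ssh2
Jan 10 03:15:52 gateway sshd[820]: Accepted publickey for ops from 10.0.0.7 port 40002 ssh2
"""

FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\d+\.\d+\.\d+\.\d+)")


def failed_logins_by_source(log_text: str) -> Dict[str, dict]:
    # Map each source IP to its failure count and the set of usernames it tried
    per_source = defaultdict(lambda: {"count": 0, "users": set()})
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            user, ip = m.group(1), m.group(2)
            per_source[ip]["count"] += 1
            per_source[ip]["users"].add(user)
    return dict(per_source)


def flag_brute_force(log_text: str, threshold: int = 5) -> List[str]:
    # Sources at or above the threshold are flagged; many distinct users suggests guessing
    stats = failed_logins_by_source(log_text)
    return sorted(ip for ip, s in stats.items() if s["count"] >= threshold)


if __name__ == "__main__":
    for ip, s in failed_logins_by_source(SAMPLE_LOG).items():
        print(ip, s["count"], sorted(s["users"]))
    print(flag_brute_force(SAMPLE_LOG))   # ['203.0.113.9']
```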

Page 27

Hardware Attacks

The design of secure hardware is often overlooked in the product development life cycle, leaving many devices vulnerable to hacker attacks.

The critical components in your circuit need to be protected. Critical components may include specific algorithms, device identifiers, digital media, cryptographic keys, complete product firmware, or other product-specific data.

Some of the major hardware attacks are on:
o Emission and immunity
o Board level
o Memory devices
o Power supply

Page 28

Memory

Most memory is insecure
o It can be read with a standard device programmer.

It is difficult to securely and totally erase data from RAM and non-volatile memory
o Remnants may exist and be retrievable from devices long after power is removed.

SRAM-based FPGAs are the most vulnerable to attack
o They must load their configuration from external memory.
o The bit stream can be monitored to retrieve data.

Page 29

Memory countermeasures

Protect against I/O scan attacks
o The attacker cycles through all possible combinations of inputs to determine the outputs.
o Use unused pins to detect probing.

Security fuses and boot-block protection
o Enabled for "write-once" access to a memory area or to prevent full read-back.
o Implement if available.

Advanced memory management consists of using an FPGA or other circuitry to perform hardware-based bounds checking by monitoring the address bus or buses. By doing so, one can restrict read/write access to defined memory regions.

Page 30

Power Supply

Using a low-dropout linear regulator or DC-DC converter will help ensure that the circuitry in the product receives power within its expected range, regardless of an improper voltage supplied at the input. Such circuitry can obviously be bypassed if the attacker has access to the board. In SPA (Simple Power Analysis) and DPA (Differential Power Analysis), an attacker directly observes a system's power consumption, which varies based on the operation that the microprocessor is performing. Using SPA and DPA, an attacker can easily guess cryptographic keys.
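Why the operation-dependent power draw matters, as an added simulation that is not part of the course material: the sequence of squarings and multiplications stands in for a power trace (the constructed exponent and modulus are toy values). Textbook square-and-multiply performs a multiply only for 1 bits, so the "trace" spells out the private exponent; a Montgomery ladder does the same two operations for every bit, which is the countermeasure a constant-time implementation applies.

```python
from typing import List


def square_and_multiply(base: int, exponent: int, modulus: int, trace: List[str]) -> int:
    # Textbook left-to-right exponentiation: a multiply happens only for 1 bits
    result = 1
    for bit in bin(exponent)[2:]:
        result = result * result % modulus
        trace.append("S")                 # square: one kind of power pattern
        if bit == "1":
            result = result * base % modulus
            trace.append("M")             # multiply: a second, distinguishable pattern
    return result


def montgomery_ladder(base: int, exponent: int, modulus: int, trace: List[str]) -> int:
    # Every bit performs one multiply and one square, so the trace carries no key bits
    r0, r1 = 1, base
    for bit in bin(exponent)[2:]:
        if bit == "0":
            r1 = r0 * r1 % modulus
            r0 = r0 * r0 % modulus
        else:
            r0 = r0 * r1 % modulus
            r1 = r1 * r1 % modulus
        trace.append("M")
        trace.append("S")
    return r0


def recover_exponent_from_trace(trace: List[str]) -> int:
    # The SPA reading of a square-and-multiply trace: each "S" starts a new bit,
    # and an "M" directly after it marks that bit as 1
    bits = ""
    for op in trace:
        if op == "S":
            bits += "0"
        elif op == "M":
            bits = bits[:-1] + "1"
    return int(bits, 2)


if __name__ == "__main__":
    d, n = 0b101101, 3233   # constructed private exponent and toy modulus
    t1, t2 = [], []
    square_and_multiply(7, d, n, t1)
    montgomery_ladder(7, d, n, t2)
    print("".join(t1), "->", bin(recover_exponent_from_trace(t1)))  # reveals 0b101101
    print("".join(t2))                                               # uniform MSMSMS...
```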

Page 31

Power attack countermeasures

Define minimum and maximum operating limits
o Ex: comparators, watchdogs, supervisory circuits

Do not rely on the end user to supply a voltage within the recommended operating conditions
o Implement a linear regulator or DC-DC converter

Page 32

Security
• Reasons: information is valuable and inexpensive to duplicate, store and transfer
• Attacks: malicious and misuse

Courtesy of Trusted Computing Group

Page 33

Outline
o Introduction
o Security Concepts and Building Blocks
o Major Security Attacks
o Conclusion

Page 34

Conclusion

o Hardware is now more accessible to hackers than ever before.
o Both software and hardware security are important.
o The simplest attacks, known for decades, still work.
o Use at least basic security.
o New skills and techniques are continually being developed and shared.
o Determine what to protect, why you are protecting it, and who you are protecting against.
o Nothing is 100% secure, but as an engineer, make the best of it.