Embedded System Security
Professor Patrick McDaniel
Charles Sestito
Fall 2015
Embedded System
• Microprocessor used as a component in a device and designed for a specific control function within that device
  ‣ Used in:
    • Cell phones
    • Household appliances
    • Cameras
    • And more
Requirements
• Low cost
• Fast
• Fit within hardware and software constraints
• Size (must be small)
• Reliable
• Reactive
• Real-time
Attacks on Systems
• Many different types of attacks
  ‣ Embedded software attacks
  ‣ Physical attacks
  ‣ Logical attacks
  ‣ Timing analysis
  ‣ Power analysis
  ‣ Fault induction
  ‣ Electromagnetic analysis
Embedded Software Attack
• Three factors that contribute to security risks in embedded software
  ‣ Complexity
  ‣ Extensibility
  ‣ Connectivity
Complexity
• Software is complicated
• The more complex the code, the more possible bugs and vulnerabilities
• Unsafe programming languages
  ‣ C++ is very common
Extensibility
• Modern systems are designed to be extended
  ‣ Updates
  ‣ Extensions
• Loadable device drivers and modules must be accounted for
Connectivity
• Some embedded systems are being connected to the Internet
  ‣ Even more so with IoT
• Small failures could lead to security breaches
• An attacker can use a series of automated attacks
Physical Attack
• Eavesdropping
  ‣ Probes listen in on inter-component communications
• Micro-probing
  ‣ Use the normal communication interface and abuse security vulnerabilities
  ‣ De-packaging
De-Packaging
• Use fuming acid to dissolve the resin covering the silicon of a chip package
• Reconstruct the layout using a systematic combination of microscopy and invasive removal of covering layers
  ‣ Internals of the chip can be inferred
  ‣ ALU, ROM cells, instruction decode, and more can be obtained in detailed view with this technique
• Microprobe to observe interfaces between components
Logical Attack
• Send messages to the device, observe the response
• Trick the device into revealing the key
• Exploits design flaws
Timing Analysis
• Keys can be determined by analyzing small variations in the time required to perform cryptographic computations
Power Analysis
• Operating current drawn by the hardware is correlated to the computations being performed
• In most ICs, logic gates and losses due to parasitic capacitance are the major contributors to power consumption
• Two types
  ‣ Simple power analysis
  ‣ Differential power analysis
Fault Induction
• Security isn’t only software dependent
  ‣ Hardware failing to make proper computations is a security vulnerability
• An RSA implementation can be compromised if any computation error occurs
Electromagnetic Analysis
• Documented since the 80’s
• Measures electromagnetic radiation emitted by the device to reveal sensitive information
• Successful deployment requires knowledge of the chip layout
• Two types
  ‣ Simple EMA (SEMA)
  ‣ Differential EMA (DEMA)
Design Challenges
• Processing gap
• Battery gap
• Flexibility
• Tamper resistance
• Assurance gap
• Cost
Processing Gap
• Some systems are not capable of keeping up with the computational demands of security processing
  ‣ Increasing data rates and complexity of security protocols
• The processing gap is obvious in systems which need to process high data rates
  ‣ Network routers, firewalls, web servers
Battery Gap
• Battery capacity increases at an average of 5-8% per year
• Security processing energy requirements outpace the increase in battery capacity
  ‣ Leads to the battery gap
Flexibility
• Embedded systems are often required to execute multiple and diverse security protocols
• Need to be able to support
  ‣ Multiple security protocols
  ‣ Interoperability in different environments
  ‣ Security processing in different layers of the network protocol stack
Tamper Resistance
• Attacks due to malicious software
  ‣ Most common
    • Viruses
    • Trojan horses
  ‣ Can exploit OS vulnerabilities
  ‣ Disrupt normal functioning
Assurance Gap
• Truly reliable systems are much more difficult to build
• Reliable systems must be able to handle a wide range of situations
• Secure systems should be able to operate despite attacks
• The increase in complexity makes it more difficult to realize when something was overlooked
Cost
• Fundamental factor that influences the security architecture
• An increase in security leads to an increase in cost
• It is the designer’s responsibility to balance security against cost
Security Levels
• Level 1
  ‣ Requires minimal physical protections
• Level 2
  ‣ Requires the addition of tamper-evident mechanisms
    • Seal or enclosure
• Level 3
  ‣ Stronger detection and response mechanisms
• Level 4
  ‣ Mandates environmental failure protection and testing
Countermeasures
Software Security
• The best approach is to think about security early on
• Software security should be applied at various levels
  ‣ Requirements level
  ‣ Design level
  ‣ Code level
Physical Attacks
• Hard to carry out because of chip size (smaller is better for the defender)
• Expensive compared to other attacks
Logic Attacks
• Logical attack countermeasures
  ‣ Ensure the privacy and integrity of sensitive code and data
  ‣ Determine that it is safe from a security standpoint to execute a program
  ‣ Identify and remove software bugs and design flaws
Timing Analysis
• Obvious countermeasures don’t work
  ‣ Quantizing total time
  ‣ Adding random delays
• Message blinding can be used with RSA
• Make all computations take the exact same time
• Other public-key cryptosystems
Power Analysis
• Run other circuits simultaneously
  ‣ Doesn’t prevent the attack, but the attacker needs more samples
• Effective countermeasures are mathematically rigorous and non-intuitive
• Effective countermeasures remain expensive and challenging
Fault Induction
• RSA implementations can check their answers by performing a public-key operation
• Many cryptographic devices include an assortment of glitch sensors
  ‣ Detect conditions likely to cause computation errors
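As an added example that is not part of the slides, the two RSA countermeasures named in the Timing Analysis and Fault Induction countermeasure slides in one routine: message blinding, so the private-key exponentiation runs on a value the observer cannot predict, and re-checking the result with the public key before it leaves the device. The key (p = 61, q = 53, e = 17) is a constructed toy key, and the fault_mask parameter is a hypothetical hook that simulates a glitch in the exponentiation.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy key, far too small for real use: n = 61 * 53. */
#define RSA_N 3233ULL
#define RSA_E 17ULL
#define RSA_D 2753ULL   /* e * d == 1 (mod (61-1)*(53-1)) */

/* Square-and-multiply; products fit in 64 bits because n < 2^32. */
static uint64_t modpow(uint64_t base, uint64_t exp, uint64_t mod) {
    uint64_t result = 1;
    base %= mod;
    while (exp) {
        if (exp & 1) result = (result * base) % mod;
        base = (base * base) % mod;
        exp >>= 1;
    }
    return result;
}

/* Inverse of a modulo m by the extended Euclidean algorithm; assumes gcd(a, m) == 1. */
static uint64_t modinv(uint64_t a, uint64_t m) {
    int64_t t = 0, newt = 1, r = (int64_t)m, newr = (int64_t)(a % m);
    while (newr != 0) {
        int64_t q = r / newr, tmp;
        tmp = t - q * newt; t = newt; newt = tmp;
        tmp = r - q * newr; r = newr; newr = tmp;
    }
    return (uint64_t)(t < 0 ? t + (int64_t)m : t);
}

/* Blinded, self-checking signature: the private exponent is applied to m * r^e,
 * then the factor r is divided out, so timing depends on the unknown r. The result
 * is verified with the public key before release; a corrupted exponentiation
 * (simulated by XORing fault_mask, a hypothetical hook, 0 = no fault) is withheld.
 * Returns 1 if *sig is valid, 0 if the check failed. */
int rsa_sign_checked(uint64_t m, uint64_t r, uint64_t fault_mask, uint64_t *sig) {
    uint64_t blinded = (m * modpow(r, RSA_E, RSA_N)) % RSA_N;
    uint64_t s = (modpow(blinded, RSA_D, RSA_N) * modinv(r, RSA_N)) % RSA_N;
    s ^= fault_mask;
    if (modpow(s, RSA_E, RSA_N) != m % RSA_N) { *sig = 0; return 0; }
    *sig = s;
    return 1;
}

int main(void) {
    uint64_t sig;
    printf("no fault:   ok=%d\n", rsa_sign_checked(65, 123, 0, &sig));
    printf("with fault: ok=%d (signature withheld)\n", rsa_sign_checked(65, 123, 1, &sig));
    return 0;
}
```

Because RSA is a bijection on residues modulo n, any single corrupted signature fails the public-key check, which is why the check catches every fault the mask can introduce.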
Works Cited
• Adapted from Dr. Mohammad Tehranipoor’s slides