Source: pdm12/cse597g-f15/slides/cse597g-embedded-systems.pdf
Embedded System Security

Professor Patrick McDaniel

Charles Sestito

Fall 2015

Embedded System

• Microprocessor used as a component in a device and is designed for a specific control function within a device

‣ Used In:

• Cell Phones

• Household appliances

• Camera

• And more


Requirements

• Low cost

• Fast

• Fit within hardware and software constraints

• Size (must be small)

• Reliable

• Reactive

• Real-time


Attacks on systems

• Many different types of attacks

‣ Embedded Software Attacks

‣ Physical Attacks

‣ Logical Attacks

‣ Timing Analysis

‣ Power Analysis

‣ Fault Induction

‣ Electromagnetic Analysis

Embedded Software Attack

• Three factors that contribute to security risks in embedded software

‣ Complexity

‣ Extensibility

‣ Connectivity

Complexity

• Software is complicated

• The more complex the code, the more potential bugs and vulnerabilities

• Unsafe programming language

‣ C++ is very common

Extensibility

• Modern systems are designed to be extended

‣ Updates

‣ Extensions

• Loadable device drivers and modules must be accounted for

Connectivity

• Some embedded systems are being connected to the internet

‣ Even more so with IoT

• Small failures could lead to security breaches

• Attacker can use a series of automated attacks

Physical Attack

• Eavesdropping

‣ Probes listen in on inter-component communications

• Micro-probing

‣ Use normal communication interface and abuse security vulnerabilities

‣ De-packaging

De-Packaging

• Use fuming acid to dissolve the resin covering the silicon of a chip package

• Reconstruct the layout using a systematic combination of microscopy and invasive removal of covering layers

‣ Internals of the chip can be inferred

‣ Can obtain ALU, ROM cells, instruction decode, and more in detailed view with this technique

• Microprobe to observe interfaces between components


Logical Attack

• Send messages to device, observe response

• Trick device into revealing the key

• Exploits design flaws

Timing Analysis

• Keys can be determined by analyzing small variations in the time required to perform cryptographic computations
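The variation this slide refers to comes from computations whose cost depends on the key. The Python below is an added example, not from the slides or the course material they cite: it counts the modular operations performed by a textbook square-and-multiply exponentiation, whose cost grows with the number of 1 bits in the exponent, and by a square-and-multiply-always variant whose count depends only on the exponent's bit length. The modulus and exponents are constructed toy values, and the names `modexp_naive`, `modexp_always_multiply`, `operation_counts` and `TOY_MODULUS` are chosen here.

```python
from typing import Dict, Iterable, Tuple

# Added example, not from the slides. Constructed toy modulus: the point is
# the operation count, not the key size.
TOY_MODULUS = 3233


def modexp_naive(base: int, exp: int, mod: int) -> Tuple[int, int]:
    """Left-to-right square-and-multiply, returning (result, operation count).

    A multiplication is performed only for the 1 bits of exp, so the number
    of modular operations (and therefore the running time) depends on the
    value of the secret exponent: bit_length(exp) + popcount(exp)."""
    result = 1
    ops = 0
    for bit in bin(exp)[2:]:            # most significant bit first
        result = (result * result) % mod
        ops += 1
        if bit == "1":                   # secret-dependent branch
            result = (result * base) % mod
            ops += 1
    return result, ops


def modexp_always_multiply(base: int, exp: int, mod: int) -> Tuple[int, int]:
    """Square-and-multiply-always, returning (result, operation count).

    Every bit costs one squaring and one multiplication; on a 0 bit the
    product is computed and then discarded, so the count is
    2 * bit_length(exp) regardless of the exponent's value."""
    result = 1
    ops = 0
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        ops += 1
        candidate = (result * base) % mod
        ops += 1
        # Branch-free select: candidate on a 1 bit, unchanged result on a 0 bit.
        # With Python integers this is only illustrative; real implementations
        # do the selection in hardware or with constant-time machine code.
        mask = -int(bit)                 # 0 -> 0, 1 -> -1 (all bits set)
        result = (candidate & mask) | (result & ~mask)
    return result, ops


def operation_counts(exponents: Iterable[int], mod: int = TOY_MODULUS,
                     base: int = 2) -> Dict[int, Tuple[int, int]]:
    """Map each exponent to (naive count, always-multiply count)."""
    return {
        e: (modexp_naive(base, e, mod)[1], modexp_always_multiply(base, e, mod)[1])
        for e in exponents
    }


if __name__ == "__main__":
    # Two 7-bit exponents with different Hamming weights (constructed values).
    for e, (naive, fixed) in operation_counts([0b1000001, 0b1111111]).items():
        print(f"exp={e:07b}: naive ops={naive}, always-multiply ops={fixed}")
```

The always-multiply version only removes the key dependence of the operation count; the time taken by each multiplication can still depend on the operand values, which is the leak that message blinding (on the countermeasures slide later in this deck) addresses.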

Power Analysis

• Operating current drawn by hardware is correlated to the computations being performed

• In most ICs, logic gates and losses due to parasitic capacitance are major contributors to power consumption

• Two types

‣ Simple power analysis

‣ Differential power analysis

Fault Induction

• Security isn’t only software dependent

‣ Hardware failing to make proper computations is a security vulnerability

• An RSA implementation can be compromised if any computation error occurs

Electromagnetic Analysis

• Documented since the 80’s

• Measures electromagnetic radiation emitted by a device to reveal sensitive information

• Successful deployment requires knowledge of the chip layout

• Two types

‣ Simple EMA (SEMA)

‣ Differential EMA (DEMA)

Design challenges

• Processing Gap

• Battery Gap

• Flexibility

• Tamper Resistance

• Assurance Gap

• Cost

Processing Gap

• Some systems are not capable of keeping up with the computational demands of security processing

‣ Increased data rates and complexity of security protocols

• The processing gap is obvious in systems which need to process high data rates

‣ Network routers, firewalls, web servers

Battery Gap

• Battery capacity increases at an average of 5-8% per year

• Security processing energy requirements outpace the increase in battery capacity

‣ Leads to battery gap

Flexibility

• Embedded systems are often required to execute multiple and diverse security protocols

• Need to be able to support

‣ Multiple security

‣ Interoperability in different environments

‣ Security processing in different layers of the network protocol stack

Tamper Resistance

• Attacks due to malicious software

‣ Most common

• Viruses

• Trojan Horses

‣ Can exploit OS vulnerabilities

‣ Disrupt normal functioning

Assurance Gap

• Truly reliable systems are much more difficult to build

• Reliable systems must be able to handle a wide range of situations

• Secure systems should be able to operate despite attacks

• An increase in complexity makes it more difficult to notice that something was overlooked

Cost

• Fundamental factor that influences the security architecture

• An increase in security leads to an increase in cost

• It is the designer’s responsibility to balance security against cost


Security Levels

• Level 1

‣ Requires minimal physical protections

• Level 2

‣ Requires addition of tamper-evident mechanisms

• Seal or enclosure

• Level 3

‣ Stronger detection and response mechanisms

• Level 4

‣ Mandates environmental failure protection and testing

Countermeasures

Software Security

• Best approach is to think about security early on

• Software security should be applied at various levels

‣ Requirements level

‣ Design level

‣ Code level

Physical Attacks

• Hard to carry out because of chip size; the smaller the chip, the better

• Expensive compared to other attacks

Logic Attacks

• Logical attack countermeasures

‣ Ensure privacy and integrity of sensitive code and data

‣ Determine that it is safe from a security standpoint to execute a program

‣ Identify and remove software bugs and design flaws

Timing Analysis

• Obvious countermeasures don’t work

‣ Quantizing total time

‣ Adding random delays

• Message blinding can be used with RSA

• Make all computations take the exact same time

• Other public-key cryptosystems

Power Analysis

• Run other circuits simultaneously

‣ Doesn’t prevent the attack, but the attacker needs more samples

• Effective countermeasures are mathematically rigorous and non-intuitive

• Effective countermeasures remain expensive and challenging

Fault Induction

• RSA implementations can check their answers by performing a public-key operation

• Many cryptographic devices include an assortment of glitch sensors

‣ Detect conditions likely to cause computation errors
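The two RSA countermeasures in this deck, message blinding against timing analysis (the Timing Analysis countermeasures slide) and checking the private-key result with a public-key operation before releasing it (this slide), combined in one added Python example that is not from the slides or the cited course material. The key is a constructed textbook-size one (p = 61, q = 53, e = 17, d = 2753), `faulty_private_op` is a constructed stand-in for a glitched device, and `rsa_private_blinded`, `rsa_sign_checked` and `FaultDetected` are names chosen here.

```python
import secrets
from math import gcd

# Added example, not from the slides. Constructed textbook-size RSA key; real
# keys are 2048+ bits, but the structure of both countermeasures is the same.
P, Q = 61, 53
N = P * Q                  # 3233
E = 17
D = 2753                   # E * D == 1 mod (P - 1) * (Q - 1) == 3120


class FaultDetected(Exception):
    """Raised when a private-key result fails the public-key check."""


def rsa_private_blinded(x: int, d: int = D, e: int = E, n: int = N) -> int:
    """Private-key operation x^d mod n with message blinding.

    The exponentiation runs on x * r^e for a fresh random r, so any timing
    that depends on the operand is decorrelated from x. Because (r^e)^d == r,
    multiplying by r^-1 afterwards recovers x^d exactly."""
    while True:
        r = secrets.randbelow(n - 2) + 2     # r in [2, n - 1]
        if gcd(r, n) == 1:                   # r must be invertible mod n
            break
    x_blind = (x * pow(r, e, n)) % n
    y_blind = pow(x_blind, d, n)
    return (y_blind * pow(r, -1, n)) % n     # pow(r, -1, n) needs Python 3.8+


def rsa_sign_checked(msg_rep: int, private_op=rsa_private_blinded) -> int:
    """Sign and verify before release.

    The signature is recomputed forward with the public exponent; if the
    private operation was disturbed (glitch, bit flip), the check fails and
    nothing is output, so a faulty signature never leaves the device."""
    sig = private_op(msg_rep)
    if pow(sig, E, N) != msg_rep:
        raise FaultDetected("public-key check failed; signature withheld")
    return sig


def faulty_private_op(msg_rep: int) -> int:
    """Constructed stand-in for a glitched device: flips the low bit of the
    correct result to simulate a single computation error."""
    return pow(msg_rep, D, N) ^ 1


if __name__ == "__main__":
    m = 65                                   # constructed message representative
    print("blinded result matches plain:", rsa_private_blinded(m) == pow(m, D, N))
    print("checked signature:", rsa_sign_checked(m))
    try:
        rsa_sign_checked(m, faulty_private_op)
    except FaultDetected as err:
        print("fault:", err)
```

The blinding factor must be fresh for every operation; reusing r would reintroduce the correlation the countermeasure is meant to remove. The release check works because RSA is a permutation on values mod n: any wrong signature encrypts to something other than the message representative, so a single flipped bit is always caught.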

Works Cited

• Adapted from Dr. Mohammad Tehranipoor slides