This virulent cryptoworm infected systems, using an exploit code for a patched SMB vulnerability. The UK, Spain, Russia, the Ukraine and Taiwan were among the numerous countries to suffer - with vital data (including confidential medical records) being held to ransom. Later that year, one of the United States’ largest credit bureaus, Equifax, was embroiled in an attack and over 143 million American citizens’ identities were subsequently stolen. More recently, the computers of a key US Navy contractor were hacked and sensitive submarine warfare plans leaked.
Cyberattacks clearly have the potential to disrupt systems that are involved in defence, healthcare, finance, power grids, traffic control, banking and basically any aspect of our daily lives that you care to think about. What is more alarming is that both the frequency and the strength of these attacks only seem to be increasing.
Embedded systems are susceptible to numerous threats and developers need to find ways to arm themselves accordingly. Key issues that must be addressed include all of the following - counterfeiting, reverse engineering, malware injection or firmware substitution, eavesdropping, identity theft, unauthorised network connection and unauthorised re-use.
Security Developments in Embedded Systems
Embedded engineers need to start taking an integrated approach to system design in which the security features are a fundamental part of the overall system functionality. As such, security should be attended to at the very beginning of the development cycle, and not just deemed to be an after-thought of secondary importance. The security tactics implemented should encompass both software and hardware.
Traditionally software is the first line of defence against unauthorised access. Here mechanisms like use of passwords, encryption and authentication are the most commonplace. However, sophisticated hackers are finding new ways to strike network systems and subsystems. Among the techniques employed are attacking the boot up process if it cannot be secured and authenticated. Once the attack has successfully breached the system, deposited malware can then lay dormant in the boot ROM for a long time.
Advanced microcontroller units (MCUs) now boast security features that will mitigate various forms of hacker attack. These include built-in secure and strong cryptographic/authentication engines, key management, tamper detection and prevention, protection of external memory and encryption/decryption of communication protocols.
Several elaborate schemes are now being utilised by chip makers to safeguard the security keys from hacking or being tampered with in some other way. For example, on-chip tamper-detection/protection mechanisms can shield devices from invasive probing. Cryptographic engines can help the system to keep stored data safe through encryption. In addition, the system may use a private bus for the communication of security data or keys. A number of strategies have also been employed to safeguard the contents of external memory, such as secured execute-in-place directly from the external memory reserve, without loading data into the processor’s embedded memory or decrypt-on-the-fly - which allows applications to run on the main processor and off-site storage while still maintaining full confidentiality.
Regarding networking security, both wireless and wireline network communications can potentially be intercepted. In fact, some communication protocols have well known security vulnerabilities that hackers have managed to exploit. Highly secure communication protocols often involve an overhead of encrypting and decrypting the communication stream in addition to verifying the authenticity of the sender and receiver. In these cases, there will be a performance penalty to be paid in exchange for stronger security. This trade-off may be avoided or, at least minimised, though integrating hardware-based accelerators for the cryptographic algorithms as part of the communication protocol. Then the trade-off, instead of being between performance and security, is between cost and security.
Examples of How MCUs Implement Security Features to Fight Back
As discussed earlier, some MCUs incorporate hardware encryption accelerators to perform security functions without impacting overall system performance. One example is the Texas Instruments TM4C129E Crypto Connected LaunchPad™ - which is a 120MHz, ARM Cortex-M4F-based microcontroller board, designed for secure cloud connection, building/factory automation, smart grid and industrial controls. The TM4C129E 32-bit MCU at the heart of this board includes three core security features. These are the data encryption standard (DES) accelerator, the advanced encryption standard (AES) security modules and the secure hash algorithm.
Figure 1: Texas Instruments’ TM4C129E LaunchPad.
The DES accelerator module provides hardware accelerated data encryption and decryption functions. It can run either the single DES or the triple DES (3DES) algorithm and supports electronic codebook (ECB), cipher block chaining (CBC) and cipher feedback (CFB) modes of operation in order to deliver advanced on-chip security capabilities. The AES symmetric cipher module uses either a 128-bit, 192-bit, or 256-bit key in hardware for both encryption and decryption purposes. The secure hash algorithm includes the hash message authentication code (HMAC) operation using a key of 64Bytes. This will authenticate messages or data files. Altogether, these three features enable security key management, encryption/decryption and data file authentication to be performed by the chip.
The Maxim MAXQ1061 DeepCover secure cryptographic controller IC implements tamper detection and secure boot functions. The multiple tamper detection features ensure the security ongoing of information contained within the chip. Its private key management safeguards against unauthorised access occurring, while on-chip key generation is based upon a random number generator and certificate verification. Without verification, the TLS handshake cannot be performed, thereby preventing hackers from communicating with the chip. Additionally, the 128-bit AES engine supports AES-GCM (SP 800-38D compliant) and AES-ECB (SP 800-A compliant) modes. This standards compliance increases the level of security of the chip. Finally, secure boot up is enforced via signature verification mechanisms. A hacker will not be able to access the host processor’s data without a signature. Target applications for the MAXQ1061 include IoT nodes, connected embedded devices, industrial networking and network appliances.
Microchip’s ATECC608A family of hardware accelerator ICs will process security algorithms ten times to a thousand times faster than conventional software running on standard microprocessors. These algorithms include complete asymmetric (public/private) key cryptographic signature solutions based upon elliptic curve cryptography (ECC) and the elliptic curve digital signature algorithm (ECDSA) protocol. Additionally, they comply with the NIST standard P256 prime curve and support the complete key life cycle from high quality private key generation to public key verification. Secure boot functionality is provided thanks to ECDSA code signature validation and optional stored digest/signature. As a result, malware will not be able to alter any boot information which is vital to the system.
Figure 2: Microchip’s ICs.
Conclusion
Embedded processor security is a multi-layered and highly complex issue. With the pervasive growth of IoT and the almost total ubiquity of embedded systems, sophisticated security attacks pose serious challenges for developers to deal with. Fortunately, the advances currently being made in MCU design mean that many security functions and operations can be performed on these devices. Even better, with built-in accelerators or co-processors, these operations can often be performed without needing to slow down the system’s performance.