Embedded Security and the IoT: Challenges, Trends and Solutions
Marcellus Buchheit, President and CEO
[email protected]

Agenda
┐ Security Challenge: Internet
┐ Security Challenge: Open System Architecture
┐ Solution: Code Integrity
┐ Technical Implementation Details
┐ Contact

Security Challenge “Internet Connection”
┐ Embedded System can be directly attacked via Internet
   - Principle protection: Firewalls etc.
┐ Execution Code updates can be polluted
   - Redirected code source: Hacker’s malicious code looks like new code update
   - Execution Code modified during download process
   - Firewalls can protect but are difficult to manage by operation people
┐ Weakness in code can be used to infiltrate malicious code
   - Example: Weak Internet access parameter validation
   - Buffer Overruns

Security Challenge “Open Systems”
┐ Hacker has same information available as developer
┐ Hacker can use powerful development/analysis tools
   - Debugger, Disassembler, Source-Reverser etc.
┐ Hacker knows execution code binary structure
   - Direct modification on the executable file: Static Attack
┐ Hacker knows memory and process architecture
   - Inserting of malicious code into the process space: Dynamic Attack

Code Integrity: The Principle
[Figure: diagram with two sides, Development and Embedded System. Labels: Encrypt Code, Application x (original and encrypted), Private Key, Public Key, Certificate, Code Signature, License Key, Decrypt Code, Verify Code, Grant Code Execution (yes/no).]

Code Integrity: The Results
┐ Execution Code is authenticated:
   - Can only be created by developer, no other source possible
   - Cannot be modified during delivery or on embedded system
┐ Execution Code is encrypted:
   - Cannot be easily reverse engineered by hacker, competitor etc.

Code Integrity: New Challenges
┐ Who verifies the Verifier?
   - Hacker could remove the Code Verifier and force Code Execution Grant
   - Hacker can then start his own malicious code
[Figure: Embedded System side of the previous diagram. Labels: Application x (encrypted), Certificate, Decrypt Code, License Key, Code Signature, Verify Code, Grant Code Execution (yes/no).]
┐ Solution: Code Verifier in the loader must be verified as well
┐ Finally the whole boot process including OS must be verified

ExProtector: Automatic Protection Process
[Figure: Original Executable / Library (Header, Original Code); ExProtector, with Keys for Encryption and Keys for Code Signing; Protected Executable / Library (Header, Encrypted Code, Credentials (Hash, Signature, …)).]
┐ Typically no source modification necessary

ExProtector: Keys and Credentials
[Figure: same diagram as on the previous slide (Original Executable / Library, ExProtector with Keys for Encryption and Keys for Code Signing, Protected Executable / Library), with additional labels: AES Key (FSB), ECC Private Key, Certificate(s); Encrypted Random AES Key, Firm Code and Product Code, Hash, Signature, Certificate(s).]

ExProtector: Protection During Execution
[Figure: Protected Executable / Library (Header, Credentials (Hash, Signature, …), Encrypted Code); ExEngine; Public Root Key; License with Firm Code and Product Code; Memory of Embedded Device (Header, Decrypted Code (“Original Code”), Credentials (Hash, Signature, …)).]
┐ Additional Security: Watchdog against Memory modification

ExProtector: Integration into Loader
[Figure: labels: Operating System (for ExProtector), ExEngine (ExProtector Runtime), CodeMeter Embedded Driver, Operating System (without modification), Engineering, Original Loader, Root Public Key, Modified Loader, Check.]

Forward and Backward Check
[Figure: diagram along a Time axis with Loader and Protected Application, each carrying Credentials (Hash, Signature, …). Labels: Load, Start, Check, Application Certificate, Loader Certificate.]

Secure Boot: Cascaded Security Chain
[Figure: stacked layers, listed as on the slide: Application / Driver etc.; Operating System (VxWorks, …); Boot Loader (UEFI, …); Hardware / Pre-Boot Loader. The steps between adjacent layers are labelled Check, Load and Start.]
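
The cascaded chain on this slide, together with the "Who verifies the Verifier?" problem from the earlier slide, as an added Python example that is not part of the original slides or of ExProtector. Assumptions: each stage pins a SHA-256 digest of the next stage in place of the signatures and certificates the slides describe, and the image layout, stage payloads and function names are constructed for the example.

```python
import hashlib
import hmac

SEP = b"|next="  # constructed image layout: payload + SEP + hex digest of next stage

def digest(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()

def build_chain(payloads):
    """Build stage images back to front so each one pins the digest of the next.
    Returns (images, root_digest); root_digest is what the hardware stage holds."""
    images, pinned = [], ""
    for name, payload in reversed(payloads):
        image = payload + SEP + pinned.encode()
        images.insert(0, (name, image))
        pinned = digest(image)
    return images, pinned

def boot(images, root_digest):
    """Check each stage before it is loaded and started.
    Returns (True, None) or (False, name of the first stage that fails)."""
    expected = root_digest
    for name, image in images:
        if not hmac.compare_digest(digest(image), expected):
            return False, name
        expected = image.rsplit(SEP, 1)[1].decode()  # pin carried by the verified stage
    return True, None

def swap_verifier(images, evil_app: bytes):
    """Model of the slide's attack: replace the application and re-pin the
    operating system image so that its own check accepts the replacement."""
    boot_loader, (os_name, os_image), (app_name, _) = images
    evil_image = evil_app + SEP
    evil_os = os_image.rsplit(SEP, 1)[0] + SEP + digest(evil_image).encode()
    return [boot_loader, (os_name, evil_os), (app_name, evil_image)]

# Constructed sample stages, named after the layers on the slide.
STAGES = [("Boot Loader", b"uefi-stub"), ("Operating System", b"rtos-kernel"),
          ("Application", b"control-app-v1")]

if __name__ == "__main__":
    images, root = build_chain(STAGES)
    tampered = swap_verifier(images, b"malicious-app")
    print("clean chain:         ", boot(images, root))
    print("tampered, full chain:", boot(tampered, root))
    # Unchained device: nothing checks the OS, so its modified pin is trusted as found.
    print("tampered, no chain:  ", boot(tampered[1:], digest(tampered[1][1])))
```

With the full chain the modified operating system is rejected by the boot loader's check; when nothing checks the operating system, the same modification passes, which is why the chain has to start in hardware.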

More Information
Company
┐ Wibu-Systems USA Inc., www.wibuusa.com
┐ US subsidiary of Wibu-Systems AG in Germany, www.wibu.com
Speaker
┐ Marcellus Buchheit, President and CEO
┐ [email protected]
┐ www.linkedin.com/in/mabuus