With the growing popularity of embedded systems, concerns about the security and privacy of these systems have risen dramatically in a short period of time. While operating systems like Windows and MacOS have well-known antivirus solutions that are constantly updated with new virus definitions, the ubiquity and modularity of embedded systems make them more difficult to secure.
In a world that increasingly relies on embedded systems, security threats can result in serious damage in the best cases and utter chaos in the worst. In Poland, a 14-year-old high school student spent weeks trespassing at a train yard, gathering information that he used to convert a TV remote controller into a control device for the track points. The youth, now facing juvenile disciplinary hearings, caused 4 trains to derail and injured 12 in the process.
Your embedded systems application may not carry the inherent risks of one used to operate a train yard, but it's still important to know and understand the security risks associated with embedded systems and how to mitigate them. This article explains some of the most current security risks associated with embedded systems and how you can address them in your own devices. We'll also look at some of the security concerns in embedded systems around the world and how their architects are working to keep them secure.
It's important to understand first and foremost that no system is entirely secure. Given sufficient time, resources, and information, a sophisticated hacker or team of hackers can break into any system. In view of that, it's difficult to define what security measures are appropriate: if you'll be vulnerable in any case, how do you decide how much protection is enough?
The best approach is to conduct a risk assessment for your embedded system that asks several key questions - does my system need to be protected? What are the risks associated with a successful attack on the system? Who might want to attack the system? It's important to not only define the reasons you're protecting the system but also who you're protecting it from. If you're building a system that processes credit card data, you'll treat security threats differently than if the system were to operate a washing machine, for example.
This analysis will help you understand how to implement layers of security within your embedded systems and which layers are most important for mitigating attacks.
It is useful to create a classification system for different types of embedded systems attacks in order to understand the threats you could face and how they may manifest. Whether you're building an embedded system to secure your home against intruders, to control manufacturing or industrial equipment, or to facilitate banking transactions, it's important to recognize potential attackers and customize your security measures to keep them out.
The Clever Outsider - Many hacks and computer attacks are perpetrated by clever outsiders like the Polish high school student mentioned in the introduction. These hackers are intelligent, but their methods are often unsophisticated. They are often pranksters, looking to exploit system vulnerabilities to stroke their own egos - not to actualize any material gain.
How could a school student do some damage on such a low budget? A TV remote control is a device that emits infrared signals - it requires a receiver on the other end in order to function. If the train tracks are already controlled by infrared, the only thing left is to monitor the signals used and reverse-engineer them so they can be sent via the TV remote instead of via the secured track controls.
The Knowledgeable Insider - Sophisticated embedded systems attacks often come from knowledgeable insiders. These attackers use more specialized methods - they often have advanced technical knowledge that can be used to manipulate embedded systems the way they want. These attacks are often done with real malicious intent - to get access to financial or credit card information that can be sold to fraudsters.
These types of attacks are becoming especially common as embedded systems cement their place in our society. In the past, criminals would stage attacks against computers to try to obtain critical data. Now, it's easier to attack routers and intercept data packets where they're most vulnerable. In fact, a researcher from Kaspersky Labs found that 4.5 million routers in Brazil fell victim to a silent DNS attack in 2011 whose goal was to steal financial data. Sky News reported in 2013 that of the 89,000 reported car break-ins, around half resulted from hacking the vehicle's computer systems.
The Funded Organization - Major cyber attacks on embedded systems can be conducted by funded organizations with large teams and virtually unlimited budgets to get the job done. It's unlikely that you'll be a victim of this type of security breach, but these attacks exemplify just how resourceful big organizations can be when it comes to achieving their aims in the domain of cybersecurity.
Stuxnet, a malicious computer worm, was programmed jointly by American and Israeli programmers to facilitate an attack that destroyed 20% of the nuclear centrifuges used in Iran's nuclear program. Stuxnet infected the computers used to run the centrifuges, exploiting four zero-day flaws and causing the fast-spinning machines to tear themselves apart. An attack of this magnitude could involve 15-20 programmers working together for years.
Embedded systems, like the computers we use each day, are vulnerable to security threats from several different vectors. It's important to implement multiple kinds of security in layers that keep attackers from penetrating your devices and manipulating them for nefarious purposes. Let's briefly summarize each layer of security and how it functions:
Systems-Engineering Security - Implementing security features at the systems-engineering level is an effective means of preventing hackers from interacting with your software. This includes applications like firewalls, secure network communication protocols, proper authentication of data sources, and data encryption. These measures regulate interaction between your software and the outside environment, making it more difficult for attackers to access the system. They are especially important for devices that connect to the internet and could potentially be accessed remotely.
Hardware Security - Hardware security can be implemented in several ways. This level of protection uses physical barriers to prevent attackers from accessing, dismantling, or reverse-engineering your devices. Hardened steel enclosures for your connected devices, along with locks and tight airflow channels, are all deterrents against attackers trying to dismantle your devices. Some device enclosures are so secure that opening the device would render it inoperable.
Software Security - Software security is the least-implemented layer of embedded systems security, especially for systems that don't connect to the internet. Poor programming, flaws, and bugs can lead to security vulnerabilities, so it's important to follow best practices when writing the software for your system. For starters, remember to remove any functions or debug routines that are not necessary in the final product. These may unintentionally provide attackers with extra information that can be used to manipulate the device.
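The debug-routine advice in practice, as an added example that is not from the article: a command dispatcher for a hypothetical firmware in which the debug-only commands exist only when the project macro `FIRMWARE_DEBUG_BUILD` (an assumed name) is defined, so a release image contains neither the handlers nor the command strings that would tell an attacker they ever existed.

```c
/* Added example: firmware command dispatcher whose debug commands are
 * compiled out of release images. Build with -DFIRMWARE_DEBUG_BUILD
 * (hypothetical project macro) only for development images. */
#include <stddef.h>
#include <string.h>

enum cmd_status { CMD_OK = 0, CMD_UNKNOWN = -1 };

typedef int (*cmd_handler)(void);

struct command {
    const char *name;
    cmd_handler handler;
};

/* Production commands: these ship in every build. */
static int cmd_status(void) { return CMD_OK; }
static int cmd_reset(void)  { return CMD_OK; }

#ifdef FIRMWARE_DEBUG_BUILD
/* Debug helpers that reveal internal state; they must not reach customers. */
static int cmd_dump_memory(void) { return CMD_OK; }
static int cmd_show_config(void) { return CMD_OK; }
#endif

/* The table is the only route to a handler, so leaving debug entries out
 * here removes both the code path and the name string from the image. */
static const struct command commands[] = {
    { "STATUS", cmd_status },
    { "RESET",  cmd_reset  },
#ifdef FIRMWARE_DEBUG_BUILD
    { "DUMP",   cmd_dump_memory },
    { "CONFIG", cmd_show_config },
#endif
};

/* Look a command up by exact name; anything not in the table is rejected. */
int dispatch(const char *line)
{
    for (size_t i = 0; i < sizeof commands / sizeof commands[0]; i++) {
        if (strcmp(line, commands[i].name) == 0)
            return commands[i].handler();
    }
    return CMD_UNKNOWN;
}

/* Commands present in this build; a release-image check can assert on it. */
size_t command_count(void) { return sizeof commands / sizeof commands[0]; }
```

In a release build `dispatch("DUMP")` returns `CMD_UNKNOWN` and the string "DUMP" is not in the binary at all, which is the property to check before a firmware image leaves the build pipeline.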
The nature of your connected devices will affect how you implement these systems to optimize security against any attacks that you anticipate.
If you've been left with more questions than answers when it comes to security for your devices, you're not alone. Connected devices and the Internet of Things are expanding opportunities for hackers faster than they can be addressed, and keeping up with current threats is a constant struggle. Thankfully, we've saved our two most important pieces of advice for the end of this article so you can take them with you everywhere.
First, make sure you consider security throughout product development. Don't plan to implement security later, as this almost never happens, and you'll leave yourself open to the most basic attacks from "clever outsiders".
Second, ensure that the cost of penetrating your security system is greater than the benefit to the attacker. If organized criminals and professional hackers can't profit from breaching your security features, it's much less likely that your security system will come under attack. Added security measures, especially those at the software level, like data encryption, raise the barrier to entry for attacks against your devices.
We hope this resource broadens your understanding of embedded systems security and serves as a starting point for ensuring security in your own connected devices.