Embedded Systems Security: Device Attacks
Embedded Parallel Computing Seminar, SS12

Viktor Vasilev and Amirfarzad Azidhak, Högskolan Halmstad

March 2, 2012

Introduction

Embedded systems trends

- Embedded systems are growing in popularity due to:
  - Technology improvements and seamless integration.
  - Quality of life benefits, for example medical devices, mobile communication and entertainment.
  - Cost cuts due to automation in buildings, factories, etc.
- Mobile appliances have evolved very fast in the last years. They capture the whole identity and purchasing power of the owner.
- Up until recently there has been relatively low attention to security except for security- or mission-critical systems. Security is much needed for:
  - Anti-theft protection, identification.
  - Access control in banking, media.
  - Protection of intellectual property.


Security concerns

- Complexity and availability have been on the rise, raising security concerns.
- Constant pressure to lower device costs influences design, implementation and testing times.
- Aside from technical challenges, the human factor also plays a big role in securing a system.
- With respect to security, embedded designs are different from general purpose systems:
  - They are resource-constrained.
  - They are easily physically accessible to the attacker.


Security considerations

Embedded systems involve many layers of complexity, making it impossible to have a single security abstraction layer that shields the whole design from attacks:
- Hardware
- Software
- Algorithms
- Communication
- Interaction


Device attacks

- Device attacks aim at accessing control functions.
- Embedded devices are subject to many restrictions which together contribute to their vulnerability to attacks:
  - Low power.
  - Limited computational power.
  - Limited memory.
  - Limited connectivity and communication rate.
  - Used in untrusted environments.
- The system balances between the required security level and the available resources ("good enough security").


Attack types

Invasive and non-invasive attacks.
- Software
  - Code injection
  - Exploiting algorithm weaknesses
  - Availability attacks
- Physical
  - Micro-probing and reverse engineering
  - Eavesdropping
  - Component replacement
- Side-channel
  - Time/Power analysis
  - Fault behavior analysis


Software attacks

Exploit security weaknesses in the device's protocols, algorithms and software implementations.
- Code injection
  - Caused by processing invalid data.
  - Can lead to arbitrary code execution.
- Exploiting algorithm weaknesses
  - Especially effective against cryptographic algorithms (for example RC4, MD5 collisions).
- Availability attacks
  - Denial-of-service
  - Response time


Software defense

Must be integrated in the software design cycle.
- In a perfect world security is present at all software development levels: requirements, design, architecture, code.
- There is a risk of overly focusing on functionality and ignoring security.
- Networking-enabled systems are especially vulnerable.

Figure: Software design cycle [KLMR04]


Case study: availability attacks

Especially important in mission-critical and medical devices.
- Military, social-safety and vehicular systems.
- Implantable medical devices (IMD) such as defibrillators.
- Security itself can also cause trouble: medical personnel may need to override the protection.
- Zero-power authentication is used in IMDs to prevent unauthorized access:
  - Harvest RF energy from an external source to power a crypto protocol that authenticates requests.
  - Defends against power drain.


Physical attacks

Also called invasive, they use physical intrusion and manipulation to interfere with normal device function.
- Micro-probing/reverse engineering
  - Direct access to the chip surface.
- Eavesdropping
  - Communication monitoring, manipulation and interference.
  - Signal processing and machine learning classifiers to detect and decode signals.
  - Useful for devices that use vibration or sound for communication.
- Component replacement
  - Instrumentation or interfacing with attacker-controlled hardware.


Physical defense

- Physical attacks can be expensive to perform, are very difficult on modern chips, and leave tamper evidence.
- They are hard to counter, as they offer almost unlimited access to the chips.
- Tamper-resistant hardware:
  - Metal layers with sensors.
  - Memory access protection.
  - ASICs, FPGAs and custom ICs.
  - Asynchronous designs, internal clocks.

Tamper protection levels

Figure: Source [Sko]

Tamper protection levels cont'd

Tamper protection levels cont'd 2

Case study: reverse engineering

- Understanding the function of a particular device allows one to change its output and, for example, bypass security checks.
- Difficult to perform on modern chips.
- Data can possibly be extracted directly from the memory chip:
  - NOR ROMs are directly visible after top metal layer removal.
  - VTROM bits are exposed through selective etching.


Case study: eavesdropping attacks

Intercepting the communication between an Implantable Cardioverter Defibrillator (ICD) and a commercial programmer [HHBR+08].
- Uses easily accessible off-the-shelf technology:
  - Hardware: recording oscilloscope and Universal Software Radio Peripheral.
  - Software: Matlab, Perl, Python, C++, GNU Radio.
- Reverse engineering of the communication protocol.
- Obtains private patient data and history, intercepts telemetry (ECG) data.

Case study: eavesdropping attacks cont'd

Off-the-shelf equipment used in the attack.


Side-channel attacks

- Involve observation of external device parameters to obtain information.
- Monitoring of the analog power supply, interface connections and EM radiation.
- Time/Power analysis
  - Variation in the time duration or power consumption of computations causes information leakage.
- Fault behavior analysis
  - Attacks the implementation, not the algorithm.
  - Especially relevant in cryptographic calculations.


Side-channel defense

- Prevent input/output correlation.
- Software solutions don't always work:
  - (Obvious) Adding random delays or quantizing function execution time makes timing analysis harder, but does not prevent it.
  - (Non-obvious) Using non-trivial mathematical approaches may require patent licensing and is non-intuitive.
- Additional hardware and sensors may be used to detect computation glitches.
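As an added example that is not from the slides, the C program below contrasts an early-exit comparison with a constant-time one; the instrumented step count stands in for the measured execution time, and the secret value is constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#define KEY_LEN 16

/* Constructed demo secret (stands in for a stored key or PIN). */
static const uint8_t SECRET[KEY_LEN] = { 0x3a, 0x91, 0xc4, 0x07, 0x5e, 0xd2, 0x18, 0xbb,
                                         0x6f, 0x20, 0x8d, 0xe3, 0x49, 0xf1, 0x72, 0xa5 };

/* Early-exit (memcmp-style) comparison: returns at the first mismatch, so the
 * work done, hence the run time, grows with the correctly guessed prefix.
 * *steps records the number of byte comparisons actually performed. */
int leaky_compare(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i]) { *steps = i + 1; return 1; }
    *steps = n;
    return 0;
}

/* Constant-time comparison: examines all n bytes, ORs the differences together
 * and maps the result to 0/1 without a data-dependent branch. */
int ct_compare(const uint8_t *a, const uint8_t *b, size_t n, size_t *steps)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    *steps = n;
    return (int)((diff | (uint8_t)-diff) >> 7);   /* 1 iff diff != 0 */
}

/* Number of byte comparisons each routine performs for a guess that agrees
 * with SECRET on its first k bytes and differs on every byte after that. */
size_t steps_for_prefix(size_t k, int constant_time)
{
    uint8_t guess[KEY_LEN]; size_t steps;
    for (size_t i = 0; i < KEY_LEN; i++)
        guess[i] = i < k ? SECRET[i] : (uint8_t)~SECRET[i];
    if (constant_time) ct_compare(SECRET, guess, KEY_LEN, &steps);
    else               leaky_compare(SECRET, guess, KEY_LEN, &steps);
    return steps;
}

int main(void)
{
    for (size_t k = 0; k <= KEY_LEN; k += 4)   /* leaky: 1,5,9,13,16; ct: always 16 */
        printf("prefix %2zu: leaky %2zu steps, constant-time %2zu steps\n",
               k, steps_for_prefix(k, 0), steps_for_prefix(k, 1));
    return 0;
}
```

A random delay added to the leaky version only puts noise around the same per-prefix mean, so averaging repeated measurements recovers the difference; removing the data-dependent branch is what takes the correlation away.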


Case study: power analysis

Differential power analysis is used to determine secret keys from complex, noisy power consumption measurements.

Figure: Power consumption traces during an attack [KLMR04]


Case study: fault behavior analysis

Optical fault injection attack.
- Uses a laser attached to a microscope to induce faults into device operation.
- A control board controls the laser pulses.
- Doesn't scale down to individual transistors, but works with chips down to 90nm technology.

Figure: Test board, setup and control board [KLMR04]


Take-away message and conclusion

- Absolute protection cannot be achieved.
- Embedded systems have unique constraints: power, computation, memory, communication.
- Fundamental trade-off between security, usability and cost.
- Attacks are evolving and becoming more complicated and frequent; defense research and development must keep up.


The end

Thank you!


Bibliography

[GPK10] Wolfgang Granzer, Fritz Praus, and Wolfgang Kastner. Security in Building Automation Systems. IEEE Transactions on Industrial Electronics, 57(11):3622–3630, November 2010.

[HHBR+08] D. Halperin, T.S. Heydt-Benjamin, B. Ransford, S.S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W.H. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In IEEE Symposium on Security and Privacy (SP 2008), pages 129–142, May 2008.

[KLMR04] Paul Kocher, Ruby Lee, Gary McGraw, and Anand Raghunathan (moderator: Srivaths Ravi). Security as a new dimension in embedded system design. In Proceedings of the 41st Annual Design Automation Conference (DAC '04), pages 753–760, New York, NY, USA, 2004. ACM.

[RRKH04] Srivaths Ravi, Anand Raghunathan, Paul Kocher, and Sunil Hattangady. Security in embedded systems: Design challenges. ACM Transactions on Embedded Computing Systems, 3:461–491, August 2004.

[Sko] Sergei Skorobogatov. Physical attacks on tamper resistance: Progress and lessons.
