Embedded Systems Security

Front Cover; Dedication; Embedded Systems Security: Practical Methods for Safe and Secure Softwareand Systems Development; Copyright; Contents; Foreword; Preface; About this Book; Audience; Organization; Approach; Acknowledgements; Chapter 1 -- Introduction to Embedded Systems Security; 1.1What is Security?; 1.2What is an Embedded System?; 1.3Embedded Security Trends; 1.4Security Policies; 1.5Security Threats; 1.6Wrap-up; 1.7Key Points; 1.8 Bibliography and Notes; Chapter 2 -- Systems Software Considerations; 2.1The Role of the Operating System; 2.2Multiple Independent Levels of Security.

The ultimate resource for making embedded systems reliable, safe, and secure Embedded Systems Security provides: A broad understanding of security principles, concerns, and technologies Proven techniques for the efficient development of safe and secure embedded software A study of the system architectures, operating systems and hypervisors, networking, storage, and cryptographic issues that must be considered when designing secure embedded systems Nuggets of practical advice and numerous case studies throughout Written by leading authorities in the field with 65 years of embedded security experience: one of the original developers of the world’s only Common Criteria EAL 6+ security certified software product and a lead designer of NSA certified cryptographic systems. This book is indispensable for embedded systems and security professionals, new and experienced. An important contribution to the understanding of the security of embedded systems. The Kleidermachers are experts in their field. As the Internet of things becomes reality, this book helps business and technology management as well as engineers understand the importance of "security from scratch." This book, with its examples and key points, can help bring more secure, robust systems to the market. Dr. Joerg Borchert, Vice President, Chip Card & Security, Infineon Technologies North America Corp.; President and Chairman, Trusted Computing Group Embedded Systems Security provides real-world examples of risk and exploitation; most importantly the book offers clear insight into methods used to counter vulnerabilities to build true, native security into technology. Adriel Desautels, President and CTO, Netragard, LLC. Security of embedded systems is more important than ever. The growth in networking is just one reason. However, many embedded systems developers have insufficient knowledge of how to achieve security in their systems. David Kleidermacher, a world-renowned expert in this field, shares in this book his knowledge and long experience with other engineers. A very important book at the right time. Prof. Dr.-Ing. Matthias Sturm, Leipzig University of Applied Sciences; Chairman, Embedded World Conference steering board Gain an understanding of the operating systems, microprocessors, and network security critical issues that must be considered when designing secure embedded systems Contains nuggets of practical and simple advice on critical issues highlighted throughout the text Short and to –the- point real case studies included to demonstrate embedded systems security in practice

The great strides made over the past decade in the complexity and network functionality of embedded systems have significantly enhanced their attractiveness for use in critical applications such as medical devices and military communications. However, this expansion into critical areas has presented embedded engineers with a serious new problem: their designs are now being targeted by the same malicious attackers whose predations have plagued traditional systems for years. Rising concerns about data security in embedded devices are leading engineers to pay more attention to security assurance in their designs than ever before. This is particularly challenging due to embedded devices’ inherent resource constraints such as limited power and memory. Therefore, traditional security solutions must be customized to fit their profile, and entirely new security concepts must be explored. However, there are few resources available to help engineers understand how to implement security measures within the unique embedded context. This new book from embedded security expert Timothy Stapko is the first to provide engineers with a comprehensive guide to this pivotal topic. From a brief review of basic security concepts, through clear explanations of complex issues such as choosing the best cryptographic algorithms for embedded utilization, the reader is provided with all the information needed to successfully produce safe, secure embedded devices. The ONLY book dedicated to a comprehensive coverage of embedded security! Covers both hardware- and software-based embedded security solutions for preventing and dealing with attacks Application case studies support practical explanations of all key topics, including network protocols, wireless and cellular communications, languages (Java and C/++), compilers, web-based interfaces, cryptography, and an entire section on SSL

Although security is prevalent in PCs, wireless communications and other systems today, it is expected to become increasingly important and widespread in many embedded devices. For some time, typical embedded system designers have been dealing with tremendous challenges in performance, power, price and reliability. However now they must additionally deal with definition of security requirements, security design and implementation. Given the limited number of security engineers in the market, large background of cryptography with which these standards are based upon, and difficulty of ensuring the implementation will also be secure from attacks, security design remains a challenge. This book provides the foundations for understanding embedded security design, outlining various aspects of security in devices ranging from typical wireless devices such as PDAs through to contactless smartcards to satellites.

Most innovations in the car industry are based on software and electronics, and IT will soon constitute the major production cost factor. It seems almost certain that embedded IT security will be crucial for the next generation of applications. Yet whereas software safety has become a relatively well-established field, the protection of automotive IT systems against manipulation or intrusion has only recently started to emerge. Lemke, Paar, and Wolf collect in this volume a state-of-the-art overview on all aspects relevant for IT security in automotive applications. After an introductory chapter written by the editors themselves, the contributions from experienced experts of different disciplines are structured into three parts. "Security in the Automotive Domain" describes applications for which IT security is crucial, like immobilizers, tachographs, and software updates. "Embedded Security Technologies" details security technologies relevant for automotive applications, e.g., symmetric and asymmetric cryptography, and wireless security. "Business Aspects of IT Systems in Cars" shows the need for embedded security in novel applications like location-based navigation systems and personalization. The first book in this area of fast-growing economic and scientific importance, it is indispensable for both researchers in software or embedded security and professionals in the automotive industry.

Platform Embedded Security Technology Revealed is an in-depth introduction to Intel’s platform embedded solution: the security and management engine. The engine is shipped inside most Intel platforms for servers, personal computers, tablets, and smartphones. The engine realizes advanced security and management functionalities and protects applications’ secrets and users’ privacy in a secure, light-weight, and inexpensive way. Besides native built-in features, it allows third-party software vendors to develop applications that take advantage of the security infrastructures offered by the engine. Intel’s security and management engine is technologically unique and significant, but is largely unknown to many members of the tech communities who could potentially benefit from it. Platform Embedded Security Technology Revealed reveals technical details of the engine. The engine provides a new way for the computer security industry to resolve critical problems resulting from booming mobile technologies, such as increasing threats against confidentiality and privacy. This book describes how this advanced level of protection is made possible by the engine, how it can improve users’ security experience, and how third-party vendors can make use of it. It's written for computer security professionals and researchers; embedded system engineers; and software engineers and vendors who are interested in developing new security applications on top of Intel’s security and management engine. It’s also written for advanced users who are interested in understanding how the security features of Intel’s platforms work.

The Hardware Hacking Handbook takes you deep inside embedded devices to show how different kinds of attacks work, then guides you through each hack on real hardware. Embedded devices are chip-size microcomputers small enough to be included in the structure of the object they control, and they’re everywhere—in phones, cars, credit cards, laptops, medical equipment, even critical infrastructure. This means understanding their security is critical. The Hardware Hacking Handbook takes you deep inside different types of embedded systems, revealing the designs, components, security limits, and reverse-engineering challenges you need to know for executing effective hardware attacks. Written with wit and infused with hands-on lab experiments, this handbook puts you in the role of an attacker interested in breaking security to do good. Starting with a crash course on the architecture of embedded devices, threat modeling, and attack trees, you’ll go on to explore hardware interfaces, ports and communication protocols, electrical signaling, tips for analyzing firmware images, and more. Along the way, you’ll use a home testing lab to perform fault-injection, side-channel (SCA), and simple and differential power analysis (SPA/DPA) attacks on a variety of real devices, such as a crypto wallet. The authors also share insights into real-life attacks on embedded systems, including Sony’s PlayStation 3, the Xbox 360, and Philips Hue lights, and provide an appendix of the equipment needed for your hardware hacking lab – like a multimeter and an oscilloscope – with options for every type of budget. You’ll learn: How to model security threats, using attacker profiles, assets, objectives, and countermeasures Electrical basics that will help you understand communication interfaces, signaling, and measurement How to identify injection points for executing clock, voltage, electromagnetic, laser, and body-biasing fault attacks, as well as practical injection tips How to use timing and power analysis attacks to extract passwords and cryptographic keys Techniques for leveling up both simple and differential power analysis, from practical measurement tips to filtering, processing, and visualization Whether you’re an industry engineer tasked with understanding these attacks, a student starting out in the field, or an electronics hobbyist curious about replicating existing work, The Hardware Hacking Handbook is an indispensable resource – one you’ll always want to have onhand.

Opening with a detailed review of existing techniques for selective encryption, this text then examines algorithms that combine both encryption and compression. The book also presents a selection of specific examples of the design and implementation of secure embedded multimedia systems. Features: reviews the historical developments and latest techniques in multimedia compression and encryption; discusses an approach to reduce the computational cost of multimedia encryption, while preserving the properties of compressed video; introduces a polymorphic wavelet architecture that can make dynamic resource allocation decisions according to the application requirements; proposes a light-weight multimedia encryption strategy based on a modified discrete wavelet transform; describes a reconfigurable hardware implementation of a chaotic filter bank scheme with enhanced security features; presents an encryption scheme for image and video data based on chaotic arithmetic coding.