Embedded IoT Devices with Incorporated Security

Mark Patrick -
Incorporating Security into An Embedded IoT Device

With ubiquitous wired and wireless connectivity, incorporated security in the design of any device can no longer be an afterthought, and it is essential for embedded IoT devices. A coherent and robust approach to security is essential and should become an intrinsic part of the initial design specification.

News reports highlighting compromised systems and applications are becoming regular news globally. Hackers and adversaries are adept at looking for weak points in a system’s security and collaborating with others to make a successful attack.

All embedded systems are vulnerable to attack, connected or not. Attacks need not always involve interrupting a system or industrial process. Initially, it may include attempting to steal the intellectual property of firmware, cryptographic keys, and other confidential user data. Armed with such information enables the next phase of an attack.

An IoT/ IIoT use is particularly vulnerable to attack. A large-scale IIoT implementation may have hundreds of connected embedded IoT devices responsible for managing an industrial process, and many might be in remote locations accessible to an adversary. Compromising just one device might be all that is necessary to place a whole manufacturing process at risk. (See Figure 1)

The consequences of a successful attack on an industrial process or utility service vary, ranging from causing widespread disruption to resulting in human fatalities.

Understanding the Threat Landscape

Figure 2 illustrates the four categories of attack types an adversary has available. The hardware methods require physical access to the embedded system, with the most invasive requiring access to the system’s PCB and components. However, many software attack methods do not need the adversary to have the system nearby. Remote software attacks on embedded IoT devices are increasing an attractive proposition, reducing the likelihood of detection.

Another aspect of some attack vectors is that they are relatively simple to achieve and require minimal costs.

Software Attacks

Malware denotes any software injected into an embedded system to take over system control and gain access or modify software functions, interfaces, and ports, or access memory or microcontroller registers. It is a relatively inexpensive attack vector that relies on shared knowledge and access to a computer.

Malware may form part of an iterative process to access a system by first downloading cryptographic keys or opening up previously secured communication ports. Adversaries may inject malware through physical interfaces such as the system’s debug port or create a rogue version of firmware update for the system to apply automatically.

Hardware Attacks

Side-channel attacks (SCA) require access to the embedded system hardware but are not invasive. Differential power analysis involves closely monitoring the power consumption of the system as it operates.

Over time it is possible to determine what feature in the system is functioning based on changes in the power consumption. It is possible to understand the device’s internal behavior and its software architecture at a granular level. Rapid power glitching is another technique used to force an embedded system into a fault state where ports and debug interfaces are no longer secured.

Hardware invasive attacks require significant investments in time and specialist equipment. They also need an in-depth knowledge of semiconductor design and process technologies, typically beyond most adversaries and usually those wishing to steal intellectual property.

Network Attacks

A man-in-the-middle (MITM) attack involves intercepting and eavesdropping the communications between an embedded device and a host system. This approach would allow the capture of host logins and the harvesting of cryptographic keys. In most cases, an MITM attack is difficult to detect. However, encryption of data and the use of IPsec protocols provide an effective means of countering such attack vectors.

The Importance of Cryptography

The most popular cryptographic communication method used with embedded IoT devices for authentication purposes uses a public key infrastructure (PKI). Authentication confirms the identity of the message sender. PKI’s most common encryption algorithms include RSA (named after the founders Rivest, Shamir, and Adleman) and elliptic curve cryptography (ECC).

It works based on a pair of keys, one private and one public, which have an asymmetric relationship. The originator keeps the private key but shares the public key with anyone they wish to share an encrypted message. See Figure 3.

Anyone with the public key can decrypt a message encrypted with the private key. In Figure 3, John Doe2 can encrypt a message with the public key and send it to John Doe1, who can decode it using the private key. However, JohnDoe3 would not be able to read the message destined for John Doe1.

Another aspect of cryptography is confirming the message itself has not been tampered with during transmission. Hashing algorithms verify message integrity. A digest, a fixed-length bitstream, is created from the message and sent to the recipient along with the message. Note, adversaries cannot recreate the message from the hash digest. Popular hashing algorithms include MD5 and SHA-1/2/3.

Adding a signature, created using a public key algorithm, adds authentication to hashing’s integrity – see Figure 4.

Implementing Embedded Security

To aid embedded developers in implementing reliable and robust security functions in new designs, semiconductor vendors offer hardware-based security features and frameworks, some of which are certified to Platform Security Architecture (PSA) Level 3. PSA is an industry certification partnership, initially founded by Arm, but now a global collaboration of semiconductor companies, certification organizations, and embedded security evaluation labs.

Securing Your Embedded Device

Incorporating a high degree of security into an embedded system is vital. For most embedded developers, learning to accomplish this from scratch is a very daunting and time-consuming task. However, many semiconductor vendors have now developed PSA-certified hardware and firmware-based security frameworks for their microcontrollers that greatly simplify the process. Implementing embedded security using one of these frameworks helps speed design cycles and allows developers to maintain their focus on the core application tasks.