IT and embedded systems are now facing cybersecurity attacks every day. The high profile WannaCry ransomware attacks last May showed how victims could be prevented from using their computers or accessing their data.
This virulent cryptoworm infected systems, using an exploit code for a patched SMB vulnerability. The UK, Spain, Russia, the Ukraine and Taiwan were among the numerous countries to suffer with vital data (including confidential medical records) being held to ransom. Later that year, one of the United States’ largest credit bureaus, Equifax, was embroiled in an attack and over 143 million American citizens’ identities were subsequently stolen. More recently, the computers of a key US Navy contractor were hacked and sensitive submarine warfare plans leaked.
Cyberattacks clearly have the potential to disrupt systems that are involved in defence, healthcare, finance, power grids, traffic control, banking and basically any aspect of our daily lives that you care to think about. What is more alarming is that both the frequency and the strength of these attacks only seem to be increasing.
Embedded systems are susceptible to numerous threats and developers need to find ways to arm themselves accordingly. Key issues that must be addressed include all of the following – counterfeiting, reverse engineering, malware injection or firmware substitution, eavesdropping, identity theft, unauthorised network connection and unauthorised re-use.
Security Developments in Embedded Systems
Embedded engineers need to start taking an integrated approach to system design in which the security features are a fundamental part of the overall system functionality. As such, security should be attended to at the very beginning of the development cycle, and not just deemed to be an after-thought of secondary importance. The security tactics implemented should encompass both software and hardware.
Traditionally software is the first line of defence against unauthorised access. Here mechanisms like use of passwords, encryption and authentication are the most commonplace. However, sophisticated hackers are finding new ways to strike network systems and subsystems. Among the techniques employed are attacking the boot up process if it cannot be secured and authenticated. Once the attack has successfully breached the system, deposited malware can then lay dormant in the boot ROM for a long time.
Advanced microcontroller units (MCUs) now boast security features that will mitigate various forms of hacker attack. These include built-in secure and strong cryptographic/authentication engines, key management, tamper detection and prevention, protection of external memory and encryption/decryption of communication protocols.
Regarding networking security, both wireless and wireline network communications can potentially be intercepted. In fact, some communication protocols have well known security vulnerabilities that hackers have managed to exploit. Highly secure communication protocols often involve an overhead of encrypting and decrypting the communication stream in addition to verifying the authenticity of the sender and receiver. In these cases, there will be a performance penalty to be paid in exchange for stronger security. This trade-off may be avoided or, at least minimised, though integrating hardware-based accelerators for the cryptographic algorithms as part of the communication protocol. Then the trade-off, instead of being between performance and security, is between cost and security.
Embedded processor security is a multi-layered and highly complex issue. With the pervasive growth of IoT and the almost total ubiquity of embedded systems, sophisticated security attacks pose serious challenges for developers to deal with. Fortunately, the advances currently being made in MCU design mean that many security functions and operations can be performed on these devices. Even better, with built-in accelerators or co-processors, these operations can often be performed without needing to slow down the system’s performance.