Implementing effective security and data retention in embedded designs

May 23, 2018 // By Bernd Hantsche and Richard Ward
Embedded technology is becoming increasingly connected, with IoT sensor nodes being rolled out in vast numbers and in many cases access to cloud-based services being required.

Items of hardware are therefore ever more exposed to an array of different security issues, with attack surfaces expanding all the time and the level of sophistication employed by hackers also heightening. This article looks at the principal areas where such vulnerabilities are situated and what can be done to defend them.

The transfer of data using some type of wireless communication is a fundamental part of the majority of modern embedded system designs - covering everything from wearable electronics right through to factory automation equipment. There is a plethora of different wireless protocols that can be chosen from, each being optimised for particular application scenarios.

Wi-Fi has proved to be a popular method through which to establish communication between embedded systems, as it is easy for engineers to implement and the ICs required are inexpensive. One of the problems with this, and other wireless communication technologies, is that it can be subject to serious security breaches - such as man-in-the-middle (MITM) attacks. Here a third party is able to infiltrate the communication taking place between two endpoints by managing to simultaneously impersonate the opposing endpoint seen by each respectively and thereby gain the opportunity to receive potentially important data that was not originally intended for them.

It is now widely recognised that Wi-Fi protected access 2 (WPA2) based encryption has certain shortfalls which can allow hackers to intercept Wi-Fi transmitted data, with tools easily available that are capable of sniffing out wireless traffic which has WPA-based protection, then subsequently compromising it. In order to combat this, it is advised that in addition to constructing a strong WPA2 key, wireless security protocols such as secure socket layer (SSL) and transport layer security (TLS) are used, while the less robust 4-digit PIN Wi-Fi protection setup (WPS) is deactivated - as this is relatively straightforward for hackers to crack.

Design category: 

Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.