Items of hardware are therefore ever more exposed to an array of different security issues, with attack surfaces expanding all the time and the level of sophistication employed by hackers also heightening. This article looks at the principal areas where such vulnerabilities are situated and what can be done to defend them.
The transfer of data using some type of wireless communication is a fundamental part of the majority of modern embedded system designs - covering everything from wearable electronics right through to factory automation equipment. There is a plethora of different wireless protocols that can be chosen from, each being optimised for particular application scenarios.
Wi-Fi has proved to be a popular method through which to establish communication between embedded systems, as it is easy for engineers to implement and the ICs required are inexpensive. One of the problems with this, and other wireless communication technologies, is that it can be subject to serious security breaches - such as man-in-the-middle (MITM) attacks. Here a third party is able to infiltrate the communication taking place between two endpoints by managing to simultaneously impersonate the opposing endpoint seen by each respectively and thereby gain the opportunity to receive potentially important data that was not originally intended for them.
It is now widely recognised that Wi-Fi protected access 2 (WPA2) based encryption has certain shortfalls which can allow hackers to intercept Wi-Fi transmitted data, with tools easily available that are capable of sniffing out wireless traffic which has WPA-based protection, then subsequently compromising it. In order to combat this, it is advised that in addition to constructing a strong WPA2 key, wireless security protocols such as secure socket layer (SSL) and transport layer security (TLS) are used, while the less robust 4-digit PIN Wi-Fi protection setup (WPS) is deactivated - as this is relatively straightforward for hackers to crack.
Elevated degrees of security are derived by deployment of a media access control (MAC) address filter, as this will only give network admission to a list of approved devices (each with their own specific hardware-defined 12-character identification code). Devices trying to gain access that do not appear on this list will simply be blocked. However, it must be noted that it is possible for MAC addresses to be faked.
Thanks to its inherent low power consumption, Bluetooth is proving to be an attractive option when it comes to the transfer of relatively low data rate information over short distances (and has almost become ubiquitous in the personal networks required by wearables and handheld consumer products). Furthermore, with the advent of new generations of the Bluetooth standard (in particular Bluetooth 5), both the range and the data rate have been increased significantly. As the operational distance that Bluetooth transmissions can support has grown the risk posed by MITM attacks has correspondingly increased.
The 128-bit advanced encryption standard (AES) capabilities incorporated into the Bluetooth 5 protocol, plus advanced frequency hopping (AFH), help to mitigate some of the prospective security threats. Also, the built-in forward error correction (FEC) mechanism means that ongoing data integrity is maintained during transmission - detecting and correcting errors as and when they arise.
By selecting a Bluetooth 5 IC (or module) with integrated encryption functions, greater security assurance can be implemented into embedded designs. For example, Nordic Semiconductor’s nRF52840 multi-protocol (Bluetooth 5/ANT/Thread) SoC supplements its 128-bit AES encryption with the highly effective ARM CryptoCell technology.
Since they are used in very short range applications (with the communication endpoints being only a few cm apart at most), both NFC and RFID are not susceptible to MITM security breaches, as it is obviously impractical for a third party to get in between the transmitter and receiver elements. Consequently, these wireless protocols are showing themselves to be extremely useful in areas like healthcare, where they can be employed to acquire and then upload sensitive patient diagnostic data and records through close proximity interfacing.
The embedded system’s memory resource is another important aspect that needs to be addressed, as the ongoing retention of accurate data is of course paramount. The effect of cosmic rays or radioactive decay will lead to ‘soft’ bit errors occurring, and this can have far-reaching implications in terms of impact on the system’s data integrity - resulting in operations taking place that are not actually appropriate.
To safeguard against such data corruption, it may be necessary to utilise a redundant array of independent disks (RAID) system - which will allow the mean time between failure (MTBF) figures to be increased dramatically. For applications where there is frequent read/write activity a RAM memory module with error correction code (ECC) is recommended, as this will enable single-bit data errors to be dealt with through the generation of a redundant control bit for every saved Byte of data.
Undertaking encryption and authentication of stored data in hardware represents a means via which to enhance system security against any malicious intent. One important factor here is that the cryptographic key is not saved onto the same platform, as would be the case with software-based solutions.
At the heart of an item of networked embedded hardware will be a microcontroller unit (MCU) of some description. It is vital that when specifying the MCU due consideration is given to the security mechanisms it features. From both an MCU and memory perspective, solely relying on software to protect data and cryptographic keys is clearly unwise, hardware-oriented protection will almost certainly be mandated.
Semiconductor vendors, in response to this, need to establish a root of trust during the manufacturing process. With this in place secure boot mechanisms can be utilised, so that malicious code is not given a route into the embedded system. That way only trusted, authentic software is executed when the system, into which the MCU has been incorporated, boots up.
If the MCU is deemed to have any deficiencies in respect to its security measures, then it will be necessary to have a devoted security IC to accompany it. This will help to protect the system against the threat of unauthorized access from third parties, as well as the possibility of physical attacks on remotely located items of hardware (in which the private encryption key could potentially be uncovered), while still allowing secure boot processes and firmware-over-the-air (FOTA) updates to be carried out. Examples of such devices include Infineon’s Optiga Trust X, which has 521-bit ECC and 2048-bit RSA asymmetric encryption.
Use of such an IC also means that responsibility for encrypting/decrypting data is no longer down to the MCU, but can be offloaded. This will thereby allow MCU to concentrate on other tasks and the embedded system’s performance to be raised accordingly.
About the authors:
Bernd Hantsche is Head of the GDPR Team of Excellence and Marketing Director Embedded & Wireless at Rutronik – www.rutronik.com.
Richard Ward is Semiconductor Marketing Manager at Rutronik.