Embedded Ish

download Embedded Ish

of 7

Transcript of Embedded Ish

  • 8/2/2019 Embedded Ish

    1/7

    Index: 092510

    Module : Embedded systems and design

    Module code : HCA3110

    Cohort: BEng TEL/09/FT

    Assignment title: Security in Embedded System

  • 8/2/2019 Embedded Ish

    2/7

    Introduction

    Nowadays majority of equipment uses digital components for fabrication involving microprocessors and

    microcontrollers. Loads of embedded devices from defense system to home small gadgets. For example

    smart cards, DVD players, washing machine and cell phones. With the increase in embedded system

    usage it has been seen that criminals are taking advantage of the weak leakage in the system. Mostly

    financial institution, battlefield equipment, fighter aircrafts and nuclear power plants are more prone to

    get hacked due to their important information and high money transaction is involved. So its a must to

    ensure that the security is not compromised. They are built to perform duty while being completely or

    partially independent of humans. Real time response it needed. Security threats against embedded

    system do not propagate as fast as those against standard OS or software applications.

    Securities which can be implemented in embedded system are:

    1. Cryptography methods (data must be scrambled so that it becomes useless to unauthorized persons)

    2. Security protocols

    3. Digital certification and digital biometrics

    4. Security threats against embedded system initiated at any one of the designing stages before the

    device is built

    5.Tamper mechanism

    Cryptography methodsIt is the process of encryption and decryption of information to ensure security over network.

    Involved cryptography algorithm like.

    1.Symmetric cipher-receiver and sender uses same key to encrypt and decrypt data.

    2.Asymmetric cipher-Uses public key for encryption but private key for decryption of the data

    3. Hashing algorithm-maps messages into fixed length value then compares two signatures to

    ensure integrity of communicated data.

  • 8/2/2019 Embedded Ish

    3/7

    Security protocolsIt is a way of make the communication channel to and from embedded system much more

    secure for sending of data. An Example is secure web transaction. Some of the security

    protocols are VPN`s(Virtual private network), WEP , IP sec, SSL .These protocols secures range of

    data services and applications. IP sec uses process of tunneling to hide identity of information

    sender and receiver

    Digital biometricsFingerprint recognition, digital signatures helps in authentication to access some important data

    helps to prevent intruders to hack information.

    Architectural design of device(hardware and software design issue)It affects the processing capabilities of as high demands for security processing which therefore

    encounter failures. Some portable devices such as mobile are sometimes forced into their

    resources therefore at this face security involving battery operators must be implemented.

    Various types of attack ever increasing needs to more secured as they have to function under

    different constraints.

    Tamper mechanismLocks and security screws put on the device itself using specialized materials to increase level of

    tampering

    It can be divided into tamper resistance and tamper detection.

    Tamper resistance- can be seen if someone has tried to force the lock for unscrew.

    Tamper detection- detects any case of tampering example switches used therefore knowing if

    the device had been opened or tampered with. Sensors also are used to indicate presence of

    usage like pressure sensor or light sensor.

  • 8/2/2019 Embedded Ish

    4/7

    Attacks on embedded systems can be motivated by a number of different goals like:

    o Extracting secret information for example reading cryptography material on a smart cardo Modifying data ( tampering with utility meter readings)o Denial of service attacko Hijacking of hardware platform (reprogramming of tv- set top box)o Thermal attacks -damaging or destroying a device by overheating its chip

    Embedded system are threatened by cyber security issues. So countermeasures need to be established

    to tight against cybercrimes thus ensuring better security.

    Security involves three aspects which are:

    Confidentiality Integrity Availability

    The threats can be either hardware or software. Attacks through physical and logical interfaces.

    Considering threats in the software aspect part of embedded system:

    Logical interface

    CONFIDENTALITY

    Threats: spoofing during transmission

    Countermeasure: user/ server authentication

    Threats: data interception during transmission

    Countermeasure: communication encryption

  • 8/2/2019 Embedded Ish

    5/7

    INTERGRITY

    Threats: data modification during transmission

    Countermeasure: data signature

    AVAILABILITY

    Threats: Denial of service

    Countermeasure: filtering

    OS/Drivers

    CONFIDENTALITY

    Threats: privilege escalation (gaining elevated access to resources)

    Countermeasure: vulnerability countermeasure

    INTERGRITY

    Threats: privilege escalation

    Countermeasure: logging, vulnerability measure

    AVAILABILITY

    Threats: denial of service attackCountermeasure: logging

    Logical interface

    CONFIDENTALITY

    Threats: spoofing during transmission

    Countermeasure: user/ server authentication

    Threats: data interception during transmission

    Countermeasure: communication encryption

  • 8/2/2019 Embedded Ish

    6/7

    INTERGRITY

    Threats: data modification during transmission

    Countermeasure: data signature

    AVAILABILITY

    Threats: Denial of service

    Countermeasure: filtering

    Considering threats in the hardware aspect part of embedded system:

    CONFIDENTALITY

    Threats: probing

    Countermeasure: data encryption

    Threats: side channel attack

    Countermeasure: anti- tamper

    INTERGRITY

    Threats: data modification and data destruction

    Countermeasure: anti-tamper

    AVAILABILITY

    Threats: Denial of service due to loss of integrity

    Countermeasure: anti tamper

    Threats: Denial of service due to monopolization of bandwidth and processing power

    Countermeasure: filtering, logging, prevention of resource monopolization

  • 8/2/2019 Embedded Ish

    7/7

    References:

    http://www.irma-international.org/viewtitle/56302/

    http://en.wikibooks.org/wiki/Embedded_Systems/Embedded_Systems_Introduction

    http://www.irma-international.org/viewtitle/56302/http://www.irma-international.org/viewtitle/56302/http://en.wikibooks.org/wiki/Embedded_Systems/Embedded_Systems_Introductionhttp://en.wikibooks.org/wiki/Embedded_Systems/Embedded_Systems_Introductionhttp://en.wikibooks.org/wiki/Embedded_Systems/Embedded_Systems_Introductionhttp://www.irma-international.org/viewtitle/56302/

HE ISH ERALD

HE ISH ERALD

ART 1900-1945-ish

ART 1900-1945-ish

Top fair ish 15

Top fair ish 15

Eidisaurus ngl ish

Eidisaurus ngl ish

Publish or Pear- ish

Publish or Pear- ish

Alice Ish 1

Alice Ish 1

Beriyt- ish ( Brit-ish ) covenant man

Beriyt- ish ( Brit-ish ) covenant man

International Society of Hypertension (ISH) New ...ish-world.com/data/uploads/ISH_symposium_2014_programme_2... · of Hypertension (ISH) New Investigator Symposium on Hypertension

International Society of Hypertension (ISH) New ...ish-world.com/data/uploads/ISH_symposium_2014_programme_2... · of Hypertension (ISH) New Investigator Symposium on Hypertension

Ish Catering Menu

Ish Catering Menu

The “ISH” factor

The “ISH” factor

AGC Ish Lu Updated

AGC Ish Lu Updated

Ish 2015 - Hansa

Ish 2015 - Hansa

Parenteral nutrition ish

Parenteral nutrition ish

Flash ethnograph(ish) - ALAMW16

Flash ethnograph(ish) - ALAMW16

Ish Program Engl

Ish Program Engl

ISH technologies_Profile

ISH technologies_Profile

BP -ISH en SAP.pdf

BP -ISH en SAP.pdf

uplb perspective 9th ish

uplb perspective 9th ish

Top 40(ish) photos

Top 40(ish) photos

Treatment final ish

Treatment final ish