Secure Embedded Systems: Concepts and Issues

Secure Embedded Systems: Concepts and Issues

Ali Ahmadinia (California State University – San Marcos, USA) and Ahmed Saeed (COMSATS Institute of Information Technology, Pakistan)
Copyright: © 2018 |Pages: 15
DOI: 10.4018/978-1-5225-5510-0.ch010

Abstract

As computing devices have become an almost integral part of our lives, security of systems and protection of the sensitive data are emerging as very important issues. This is particularly evident for embedded systems which are often deployed in unprotected environments and at the same time being constrained by limited resources. Security and trust have also become important considerations in the design of virtually all modern embedded systems as they are utilized in critical and sensitive applications such as in transportation, national infrastructure, military equipment, banking systems, and medical devices. The increase in software content and network connectivity has made them vulnerable to fast spreading software-based attacks such as viruses and worms, which were hitherto primarily the concern of personal computers, servers, and the internet. This chapter discusses the basic concepts, security attacks types, and existing preventive measures in the field of embedded systems and multi-core systems.
Chapter Preview
Top

2. Vulnerabilities In Embedded Systems

Typically, embedded systems are categorized based on the design methodology followed, processor architecture, assigned workload and other characteristics such as area, power consumption, and performance. There are two important key characteristics that make such embedded systems prone to the security attacks. Firstly, the simplified processing capabilities and limited power resources expose such systems to a number of possible security attacks. Secondly, the network connectivity to the outside world, without any inbuilt protection, also leaves such systems vulnerable to security attacks. Overall, these characteristics lead to the following vulnerabilities.

Due to constrained computational resources of an embedded system, typical security solutions cannot be deployed that are used to prevent security attacks in conventional computer systems (e.g., firewalls, anti-virus, intrusion detection system).

Due to the limited power supply, the embedded systems can only allocate limited resources in terms of power consumption to provide system security. For example, it is not feasible to implement complex encryption algorithms as security features, which are computationally intensive and consequently consume more power.

Embedded systems being deployed at remote locations (e.g., public location, remote field location), cannot be monitored all the time. Therefore, such embedded systems are more vulnerable to physical attacks. Examples of sensitive data that should be protected are cryptographic keys or information stored on a smart card.

For embedded systems, the network connectivity, either wireless or wired, has become usual. Such network access is essential for remote configuration, information collection and applying updates. Specifically, where the embedded system is connected to the public network, vulnerabilities in the system can be exploited remotely from anywhere. For example, in a video surveillance system, an altered video feed can be attached to a security camera. Similarly, in an electricity meter, the data can be overwritten through unauthorized access.

Peripherals or sensor devices attached to the embedded systems are also vulnerable to attacks. Damaging the peripherals may also cause incorrect operation of the system such as tampering with the calibration of a sensor may lead to erroneous output.

Typically, embedded systems are designed to work in good operating conditions. As such systems may be installed in a hostile environment, the attacker can overheat the system in order to stop it from working properly or even cause other environmental damages.

These kinds of vulnerabilities in the embedded systems can be exploited by an attacker to steal private data, drain the power supply, destroy the system, or modify the system behavior for other than its designed purpose. Therefore, security-awareness is becoming a primary design objective to be considered at each level of the software and hardware platforms design for future SoC embedded devices. In fact, it is very likely that an attacker might choose weak points of the system instead of using complex methods (e.g. brute force attacks) in order to get access to the protected information.

Complete Chapter List

Search this Book:
Reset