Best practices: Improving embedded operating system security

Bill Graham, Wind River

February 14, 2012


Harden the system against attack
Enabling the security features of an embedded operating system is the first step, but it’s important to test the system continuously throughout development.

It’s also reasonable to test fielded products using automated tools, if possible, to see what vulnerabilities exist in the product line. Testing of this sort uncovers vulnerabilities in the system that can be fed back into the development via bug fixes and configuration tweaks. Consider using third-party tests and certification as appropriate for the marketplace of the device.

In industrial control, the Wurldtech Achilles certification provides assurance that a device has undergone strenuous security testing. Using such testing during development hardens the device over time. Comprehensive and diverse security testing is key to increasing embedded security.

Secure the Boot and Execution
Embedded systems are vulnerable at boot time. Re-flashing consumer hardware is a common hobbyist pastime, but the same capability is an undesirable liability in systems that are part of critical infrastructure. Many devices also accept updates via web interfaces or other remote access, which creates a serious security threat if abused.

Securing the boot image is an important step in securing a device. Trusted boot images are cryptographically signed, and the hardware recognizes that signature as the only acceptable proof that an image may execute. Support in the processor hardware makes this easier to adopt.

Trusted execution extends this check beyond boot: on an ongoing basis, only properly signed applications, libraries, and drivers are accepted for execution on the device. This blocks malware from being installed on the device.

Secure Data and Data Storage
No assumptions should be made about the classification and privacy of data used in embedded systems. Traditionally, device data was not considered private or of interest to third parties, but embedded systems play an increasing role in health care, energy systems, power grids, and water and sewage control.

The data these devices carry may be of interest to external threats. Data shouldn't be stored in clear text, and cryptographic support should be used where possible, especially for data stored on disk or flash memory. In particular, don't store passwords and keys in clear text (obvious, but it still happens).

Nowadays, embedded processors have hardware acceleration for cryptographic libraries, making fairly sophisticated cryptography reasonable for embedded devices without incurring a heavy power or CPU usage penalty.

Mapping Recommendations to the Best Practices
These recommendations can be mapped back to security best practices. It should be noted that the recommendations in Table 1 earlier might only partially fulfill the intent of the best practices rather than satisfy them completely. The best practices should be interpreted as ongoing goals for design and development rather than as a checklist.

Improve Security at the Embedded OS Level
Security is a growing concern for embedded developers, and rightly so. Security needs to be built into a device from inception to release. However, there are some reasonable steps that can be taken now, and with future projects, to improve security at the embedded OS level.

Following good security practices, such as using safe defaults, turning off nonessential services, and securing data, means embedded systems security can be greatly improved. No system is ever completely secure, but improvements can be made to ensure a better situation.

Bill Graham is the product-marketing manager for VxWorks platforms at Wind River. He has over 20 years of experience in the software industry, including embedded and real-time systems development, UML modeling, and object-oriented design. Prior to joining Wind River, he held marketing and product management positions at QNX, IBM Rational and Klocwork. Prior to his career in marketing, Bill was a software engineer at ObjecTime, Cross Keys and Lockheed Martin. He holds a Bachelor’s and Master’s degree in electrical engineering from Carleton University in Ottawa, Canada.
