What you need to know about embedded systems security

What security package(s) do I need?
This is probably Question #1 an engineer might ask when faced with security as a requirement for an embedded systems application.
Unfortunately, there are a large number of "security packages" available, and an embedded engineer new to security may only know of security as encryption or virus protection. While encryption is a tool used for security and virus scanners technically provide security, neither one likely provides what is needed.
Fortunately, these days security is integrated into many applications, and the packages you need are usually dictated by what your application will interface with. If your application is Web-based, it will probably use SSL/TLS (Secure Sockets Layer and its successor, Transport Layer Security).
Other applications use technologies like IPSEC (Internet Protocol Security) or CCMP (WPA2 Wi-Fi encryption). Knowing what the acronyms mean isn't as important as knowing which protocols you need to support. Once you know what you need to support, then you can go shopping.
[Figure 1: Common applications and potential security solutions]
Question #2: How do I implement a security package for my application? Depending on the application, this may be as simple as running an executable with security enabled. For example, if you are running embedded Linux or Windows CE, there are probably applications that provide much of the security you need, such as an SSH (Secure Shell) client. If binaries aren't available, source code often is.
Open-source packages like OpenSSL and OpenSSH are considered among the best implementations of those security protocols available and the best part is that they are free to use. Avoid implementing your own security protocol. Unless you are a cryptography expert, chances are your implementation will be vulnerable.
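As an added example (not code from the article), the following shows what "use a vetted package instead of your own protocol" looks like in practice: a TLS client configured through OpenSSL, reached here via Python's standard `ssl` module rather than libssl directly, with the verification settings a reviewer would check stated explicitly, plus a small audit function that flags the weakened configuration embedded products often ship with. The host name `device.example.invalid` is a placeholder and the `connect_tls` call needs network access; everything else runs offline.

```python
"""Hardened TLS client context backed by OpenSSL (via Python's ssl module).

Added example: demonstrates relying on a vetted TLS implementation and
making its security policy explicit and auditable.
"""
import socket
import ssl


def make_client_context(ca_file=None):
    """Build a client-side TLS context with verification turned on.

    create_default_context() already verifies the server certificate and
    checks the host name; the assignments below restate that policy so a
    code review can see it. ca_file is an optional PEM bundle for devices
    that pin a private CA; None means the platform trust store.
    """
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=ca_file)
    # Refuse TLS 1.0/1.1 and SSLv3; their known weaknesses are well documented.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # The server must present a certificate that chains to a trusted CA ...
    ctx.verify_mode = ssl.CERT_REQUIRED
    # ... and that certificate must match the host we intended to reach.
    ctx.check_hostname = True
    return ctx


def weakened_context():
    """The misconfiguration to avoid: verification switched off entirely.

    Constructed here only so audit_context() has something to flag; this is
    the 'it works in the lab' setting that leaves a device open to
    man-in-the-middle attacks in the field.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx):
    """Return a list of findings for settings a security review would reject."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("server certificate is not verified")
    if not ctx.check_hostname:
        findings.append("hostname is not checked against the certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("TLS versions older than 1.2 are accepted")
    return findings


def context_policy(ctx):
    """Summarise the policy of a context as plain values (handy for logging)."""
    return {
        "verify_required": ctx.verify_mode == ssl.CERT_REQUIRED,
        "hostname_checked": bool(ctx.check_hostname),
        "min_version": ctx.minimum_version.name,
    }


def connect_tls(host, port, ctx, timeout=5.0):
    """Open a verified TLS connection; return (protocol, peer subject).

    Raises ssl.SSLCertVerificationError if the server's certificate does not
    verify, which is the desired failure mode: fail closed, not open.
    """
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.getpeercert().get("subject")


if __name__ == "__main__":
    good = make_client_context()
    print("hardened context:", context_policy(good), audit_context(good))
    bad = weakened_context()
    print("weakened context findings:", audit_context(bad))
    # Placeholder host; replace with a real device endpoint to exercise it.
    # print(connect_tls("device.example.invalid", 443, good))
```

The audit function is the part worth carrying into a build pipeline: run it against every context the firmware creates, and treat any finding as a build failure, since a context with `CERT_NONE` is the single most common way a product that "uses TLS" ends up with no effective protection.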
Question #3: How secure is my system? Once you have implemented your application and added in all of your security protocols, it is natural to ask how secure the result is. This is where you need to start thinking like a criminal, or hire someone who does (though hiring actual criminals is not recommended).
Anything that can be exploited by an attacker will be, if the gain is significant enough. The purpose of security is to make the cost of breaking it greater than the value of the gain to the attacker. Modern cryptography relies on mathematical problems that would take thousands of years to solve by brute force on modern computer hardware.
Unfortunately, any protocol or algorithm out there may have an undiscovered vulnerability that makes breaking it much easier, and hardware performance continues to improve at a fantastic pace, bringing that "thousands of years" figure down significantly.
The remaining questions address some of these issues and hopefully give some insight into how to evaluate and deploy secure embedded applications.