Overcome security issues in embedded systems
Traditional security techniques may not suffice anymore. Embedded systems are getting more complex and hackers are getting smarter.
Embedded systems traditionally have had very limited security options. Indeed, fitting a robust set of security features into such a small mechanical footprint can be challenging. Storage components, processing power, battery life, time-to-market, and overall cost concerns have prevented most security features from being implemented. Overcoming these design challenges has become crucial to embedded systems designers in light of the growing threat of security breaches as more systems are shared or attached to networks and new regulations are adopted that make security mandatory.
The security industry has focused largely on portable storage devices for the consumer electronics industry. The basic premise here is that users want security capabilities to travel with the device, such as with a USB thumb drive. This approach lets users protect their data on any system, whether it's on an office or home PC, an Internet kiosk, or a public computer. Software applications and data are password-protected using industry-defined security protocols, which often are targeted by Internet hackers. Portable data devices are also highly susceptible to theft. Once stolen and the security encryption defeated, the fully intact data can be accessed, loaded onto a PC or the Internet, sold, or worse.
On the other hand, embedded systems applications for the enterprise OEM market face their own unique challenges. These OEMs (original equipment manufacturers) targeting the netcom, military, industrial, interactive kiosk, and medical markets typically provide infrastructure equipment to their customers by supplying everything from network routers and voting machines to medical diagnostic equipment and data recorders. The key requirement is that data must be rendered unreadable should the storage devices be removed from the systems for which they're intended. The host system must maintain ultimate control over security algorithms to protect the data and prevent IP theft. Security requirements can vary for these applications. They can be as simple as ensuring that the correct storage product is in the host, or as intricate as tying the software IP and application data directly to the storage device.
Tying security to the host
Two key functions are required in enterprise OEM applications to protect application data and software IP. The first is a need to ensure that the end customer is using a qualified storage device in the system. Due to warranty or service contracts, the OEM must verify that the storage device originally shipped with the equipment is indeed still in the system. The second is a need to tie specific application data and software IP to the specific drive for which it is intended to prevent theft and ensure software integrity. In this way, even if the portable storage device is stolen, the data can't be accessed and the device won't function properly.
Optimally, the host should have access to at least two unique pieces of data for validation purposes. One identifies the drive and ensures it's the correct product. The second data string identifies the specific drive and its correlating data. The host system can then use that data to create encryption/decryption keys for software IP and application data. Such a method doesn't provide copy protection, but it restricts the use of particular software on any system other than the original host.
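The two-value scheme described above, as an added example that is not from the article: the product identifier answers "is this a qualified drive?", the drive-specific serial is folded into a key the host derives from its own secret, so a drive moved to another host (or a different drive put into this host) never reproduces the key. The product name, serial numbers, host secret and the HKDF-based construction are assumptions chosen for illustration.

```python
import hmac
import hashlib

# Constructed: the product identifiers the OEM has qualified for this host.
QUALIFIED_PRODUCTS = {"EXAMPLE-SSD-2G"}

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with HMAC-SHA-256: extract a PRK, then expand to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block = b"", b""
    for counter in range(1, (length + 31) // 32 + 1):
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
    return okm[:length]

def derive_drive_key(host_secret: bytes, product_id: str, serial: str) -> bytes:
    """Per-drive data key. The host-held secret is the key material; the two values
    read from the drive (product identifier, serial) are the salt and context.
    Without the host secret the identifiers are useless to a thief; without this
    exact drive the host cannot rebuild the key, so the data stays unreadable."""
    return hkdf_sha256(host_secret, product_id.encode(), b"drive-binding|" + serial.encode())

def enroll(host_secret: bytes, product_id: str, serial: str) -> bytes:
    """At manufacture: store a tag that lets the host recognise its own drive later
    without keeping the derived key around."""
    key = derive_drive_key(host_secret, product_id, serial)
    return hmac.new(key, b"binding-check", hashlib.sha256).digest()

def validate_drive(host_secret: bytes, product_id: str, serial: str, enrolled_tag: bytes) -> bool:
    """At boot: check 1 (qualified product) and check 2 (this specific drive).
    The second check uses a constant-time comparison."""
    if product_id not in QUALIFIED_PRODUCTS:
        return False
    key = derive_drive_key(host_secret, product_id, serial)
    tag = hmac.new(key, b"binding-check", hashlib.sha256).digest()
    return hmac.compare_digest(tag, enrolled_tag)

# Constructed sample values: a host secret and the drive that shipped with the unit.
HOST_SECRET = bytes.fromhex("5f1d3c0a9b7e6a2d4c8e0f1a2b3c4d5e6f708192a3b4c5d6e7f8091a2b3c4d5e")
SHIPPED_TAG = enroll(HOST_SECRET, "EXAMPLE-SSD-2G", "SN-0001")

if __name__ == "__main__":
    print("original drive :", validate_drive(HOST_SECRET, "EXAMPLE-SSD-2G", "SN-0001", SHIPPED_TAG))
    print("swapped drive  :", validate_drive(HOST_SECRET, "EXAMPLE-SSD-2G", "SN-0002", SHIPPED_TAG))
    print("unqualified    :", validate_drive(HOST_SECRET, "OTHER-CARD", "SN-0001", SHIPPED_TAG))
```

The derived key would feed an authenticated cipher for the software IP and application data; the tag check alone already tells the host whether the drive it booted from is the one it was shipped with.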
Design considerations for enterprise OEM applications are many. First, it's important to ensure the integrity of the stored data. The drive itself must not be susceptible to corruption due to power disturbances. Portability is now a major requirement, so the technology chosen must be low power and small and light enough to meet the design constraints. In addition, extreme environmental conditions such as shock, vibration, altitude, and a wide temperature range must be considered. Multiple-year product lifecycles and high-endurance ratings are also important. If a drive wears out unexpectedly, critical data can be lost, so a feedback mechanism that prevents field failures and unplanned downtime would be beneficial.
Consumer applications typically only need the storage device to store data. In enterprise OEM applications, designers must also consider the operating system's requirements for storage. An operating system must be kept open to accommodate the read/write functions it needs, so the traditional use of write protection becomes impossible on a storage device that hosts an open operating system.
Another important consideration for enterprise OEMs is the accidental overwriting of critical system files, such as the master boot record. When a power fluctuation occurs, address lines can float to undetermined states. If there's still enough power to write to the storage component, data could be written to an improper location, potentially corrupting critical system files.
Many embedded systems have different security requirements for different data types. Perhaps there's a need to write-protect a file or look-up table or to have a password-protected area for regulatory validation. The traditional approach would be to implement multiple storage devices, such as a secure EPROM for validation codes; a CD-ROM for read-only access; or a flash card for data and user statistics or tracking.
This may not be the best solution for power- and space-constrained embedded designs. Using three different devices in one system not only has a larger-than-desired footprint, but also multiplies cost, since three separate devices must be purchased and programmed.
Storage security solutions
Advanced storage technologies are now available that let designers add the security that's required for their particular design. These new storage solutions definitely provide the desired environmental performance, low power, small footprint, and longer product lifecycles.