Embedding security protection in hardware
With the ubiquitous connectedness of today’s embedded and mobile systems, a whole range of security problems that were only troublesome and irritating in the past are now matters of urgent concern.
Device manufacturers are faced with two kinds of security problems. The physical kind involves protecting the devices from being physically opened up and data and intellectual property removed, modified, or copied for the sake of counterfeiting. The second kind is the threat to software integrity and data contained on the devices through their connection to an external network. As the world and the "things" in it become more connected to the Internet, such cyber-hacks will no doubt increase.
Both sets of problems are finding hardware solutions that will make it harder for security breaches to happen. Many of these will be on display this week at the 2014 Design Automation Conference in San Francisco.
In addition to a keynote talk by Ernie Brickell, chief security architect at Intel, there are at least ten sessions, tutorials, and panels on ways to incorporate hardware into mobile and embedded devices for protection from both physical and cyber-hacking. At the top of my must-see Editor's Top Pick list are:
Cryptography and Embedded Systems: Oil and Water? Chaired by Ozgur Sinanoglu of New York University, this session not only reviews current algorithms and their implementations on contemporary and resource-constrained platforms, but also provides a window into forward-looking cryptographic applications, such as quantum computing. "Cryptography is a fundamental element of security," said Sinanoglu, "However, whether implemented in software or hardware, cryptography comes at a significant cost. Embedded systems are ubiquitously used to deliver connectivity in this era of internet-of-things. The challenge is how to support modern cryptography while meeting practical constraints in embedded systems."
Trusted Mobile Embedded Computing, organized by Ahmad-Reza Sadeghi from the Darmstadt University in Germany and chaired by Google's Igor Markov. The session is concerned with the current state, new directions and challenges of hardware-supported Trusted Execution Environment (TEE) for mobile and embedded devices as well as with threats such as runtime and code reuse attacks and countermeasures that benefit TEEs. Of particular interest are exploring different design options for TEEs (e.g., SGX, TrustZone), challenges to address before TEEs are widely used by application developers (e.g., backup/recovery, credential transfer, multi-device use), and new hardware innovations in TEEs (e.g., PUFs, low-cost TEEs).
Gotcha: We Caught Your Trojans! which is chaired by Domenic Forte of the University of Connecticut. "In an increasingly globalized economy, where different stages of IC design and manufacturing are outsourced for cost reduction," he said, "the threat of malicious hardware modifications also increases. Prevention and detection of hardware Trojans is a standing challenge." Among the topics delved into in this session are a Trojan detection method that does not need golden reference chips, a new method of testing that exploits the split-foundry model, and new techniques for run-time detection and recovery.
Other session and panel topics on security issues include: Cryptographic Hardware; Formally Addressing Hardware Security; New Directions in CAD and Security; Introduction to Hardware Security; Can They Fake It? Chip Identification; Hardware Security: Building Trustworthy Systems; and Cryptography + Embedded Security: Crisis and Opportunity.
For additional insight into the security issues being discussed at DAC 2014, be sure to check out this week's Tech Focus newsletter, which contains links to a number of recent contributed design articles, technical papers, and presentations on topics under discussion there, some by authors who will be presenting at the conference. In addition, a number of other articles that I recommend are:
Boost MCU security AND performance with hardware accelerated crypto
Securing nonvolatile, nonresettable counters in embedded designs
Key attestation from trusted execution environments
Trusted execution environments on mobile devices
With the exception of improvements in protecting devices from physical hacking, I do not expect many of the efforts at DAC to introduce new hardware and architecture mechanisms to protect application software from online attacks to have much success commercially. The main reason is cost, a primary determining factor in a business world driven more by immediate cost-versus-benefit tradeoffs than long term utility.
As noted in a recent report about mobile smartphone security by Alcatel-Lucent, more than 11.6 million mobile devices are infected worldwide, and 60% of them are Android smartphones. During 2013 alone, the number of hacks multiplied by a factor of 20.
That such a plague continues is not due to a dearth of solutions. They’re available, many of them discussed previously in articles in the Security Archive on Embedded.com. Rather, it is because companies who should be using them are not making the long term investments they need to. They are more afraid of the short-term fall in profits than the possible dangers in the future if they do nothing.
The variety of solutions being discussed at DAC, many of them on improvements in the underlying hardware architecture, seem to me to be worth the investments needed to bring them to fruition. But unless they can be done at zero cost to end users, they will have even less chance of being used than the variety of software solutions that have been developed and are yet to be deployed.
Embedded.com Site Editor Bernard Cole is also editor of the twice-a-week Embedded.com newsletters as well as a partner in the TechRite Associates editorial services consultancy. He welcomes your feedback. Send an email to firstname.lastname@example.org, or call 928-525-9087.