Tech Focus: Security – the third leg of embedded design?
Cryptography in software or hardware: It depends on the need
Embedded systems gaining secure footing
As you probably know, security issues are a growing crisis all aspects of connected computing, including the embedded and mobile segments. The degree of the problem is well illustrated in “2011 Top 25 most dangerous software errors list“, a joint effort by the Department of Homeland Security, Mitre and the Sans Institute to create a security scoring system to help developers avoid putting up big red signs in cyberspace saying: “Attack me, please.”
It, or something like it, is much needed, as was borne out last week in a report last week in CRN Magazine: “13 Android Security Attacks to watch.” It reminded me of a prescient column by David Kleidermacher eight months ago titled “Ángry bird droppings “. In it he revealed that analysis of the Android mobile platform uncovered 350 vulnerabilities, in addition to the thousands in the underlying Linux kernel.
All of this re-enforces R. Colin Johnson's conclusions in “Embedded systems gaining secure footing” to wit: with more and more Internet-enabled devices, security is now the third leg of the embedded design process. If you agree, the place to be is next month's 2011 ESC in Boston. There, in addition to a keynote by Infineon's Joerg Borchert on “Embedded design in a black hat world , ” there will be an entire Safety and Security Track as well as a number other of relevant classes, including:
Modern network security protocols for embedded systems(ESC-201)
Securing embedded systems, mobile devices, FPGAs (ESC-422)
Strong encryption and correct design are not enough(DCE-305 )
Using MISRA C/C++ for security and reliability (ESC-407)
Secure by design (SS-307)
In the meantime, here's a collection of recent Embedded.com white papers, tutorials and design articles on this issue, starting with “Building in RTOS support for safety and security” and “Cryptography in software or hardware.” My Editor's Top Picks are:
Security considerations for embedded operating systems
Is the SCADA infrastructure secure?
10 things to consider when securing an embedded WiFi device
Then be sure to read Jack Ganssle's most recent column, “Embedded Cyper-risks“.
Cryptography in software or hardware: It depends on the need
As the length of software keys increases to accommodate evolving needs for greater security, so embedded system designs demand a wider variety of cryptographic implementations
Building in RTOS support for safety- & security-critical systems
In this Product How-To, LynuxWorks' Will Keegan explain the differences between safety-critical and security-critical applications and how to use the company's two independent RTOSes – LynxOS-178 and LynxSecure – to meet the demanding requirements of each.
Smart management is the key to smart grid meter security
Addressing the security of meters in emerging smart grid applications requires a secret key management strategy that does not store keys on any node, authenticates each node, verifies communications, and uses temporary communication keys that are rotated often.
Strategies for securing the smart grid
Every embedded system on a possible cyber attack path, from the smart appliance to the smart meter to the network concentrators, must be a secure smart grid embedded system.
Cryptography for embedded systems – Part 1: Security level categories & hashing
Part 1 of an excerpt from the book “Wireless Security: Know it All” begins with a review of various application security level categories and a look at hash algorithms as a basic level of security.
Understanding Smart Meters to Design Intelligent, Secure Systems
Keeping data secure is one of the major challenges facing both the utility companies and the e-meter vendors.
Secure access key control through challenge & response
In this Product How-To, Maxim's Bernhard Linke examines keys for physical access control, evaluating them for their strengths and weaknesses and details how the company's MCU-based challenge & response key ICs can be used to overcome the limitations of static data keys.
Keeping embedded software safe & secure in an unsafe world
Robert Day provides some advice on techniques for software migration in embedded software platforms, the impact of security policies, and how to maintain real-time performance and determinism in your app.
10 things to consider when securing an embedded 802.11 Wi-Fi device
Timothy Stapko details some of the factors to evaluate when securing an embedded 802.11 wireless device
Using software flashing to secure embedded device updates
Integration of digital signature algorithms into automotive systems and wireless medical devices requires the addition of a secure software download mechanism of careful design to ensure that only the defined access is given.
Linux and Security: Mission Impossible?
I'm personally a big fan of Linux. But searching the Web about its use in high criticality app indicates that while the open source OS is used widely in many mainstream embedded, mobile and desktop apps, it is not the best choice where a high degree of security is necessary.
Security Considerations for Embedded Operating Systems
A tutorial on the fundamentals of the modern security evaluation methodology, Common Criteria, and shows how secure operating systems can thwart would-be hackers and limit damage when a system in penetrated.
MILS architecture simplifies design of high assurance systems – Part 1
The Multiple independent levels of security (MILS) architecture provides a framework for development and validation of secure operating systems for military and avionics applications.
Embedded Systems Bookshelf
Embedded Books Reading Room
Bernard Cole's favorite links to book excerpts.
Airport fiction blows. A look at books other engineers are reading and why you should read them, too. Recommend and write a review yourself. E-mail Brian Fuller.
Jack Ganssle's Bookshelf
A list of book reviews by Jack Ganssle, contributing technical editor of Embedded Systems Design and Embedded.com.
Max's Cool Beans
Clive “Max” Maxfield, the editor on Programmable Logic DesignLine, often writes about interesting books.
TI raises security on embedded processors
Texas Instruments Inc. is looking to provide added protection against unauthorized reading of intellectual property and sensitive data in its OMAP-L138 DSP + ARM processors and TMS320C6748 digital signal processors (DSPs).
Embedded firewall enables packet control
Floodgate-Packet Filter is an embedded firewall from Icon Labs that allows networked devices to control the packets they process. It protects against potentially malicious attacks by filtering packets before they are processed by an embedded device.
EEPROM features AES-CCM Authentication
An extension to Atmel's CryptoAuthentication family, the ATAES132 devices, offer secure data storage using the AES authentication for industrial, consumer, computing and embedded applications with flexible key management features and secure counters.
Security manager IC with 1024 bytes of nonimprinting memory
Maxim's newest security manager combines a patented nonimprinting-memory scheme with an ultra-low battery current for applications requiring the highest level of security.
LynxSecure 5.0 features increased performance and virtualization
LynxSecure 5.0 from Lynux Works, Inc., is a new release of the LynxSecure separation kernel and hypervisor that adds significant performance increases for fully virtualized guest operating systems (OSes) by utilizing new hardware technologies. The new release also offers 64-bit and Symmetric Multi-processing (SMP) guest OS virtualization support.
Secure microcontroller brings smart card security to device authentication
NXP Semiconductors N.V. has introduced the au10tic family of secure ICs designed specifically for device authentication.