One of the defining characteristics of the new pervasively connected computing environment is that it is still in a state of definition. Two steady states — computing and networking — have converged and the result is not a third steady state but a still chaotic one.
As movement toward the new steady state occurs, the relationships between entities in it are still in flux, where changes in one often impact others, and where there are many unknowns to be investigated and questions to be answered.
Typical of this cascading of effects is the impact of both wired and wireless connectivity on microcontroller development and deployment of embedded devices and systems, especially where security is involved. There still seem to me to be many questions to be answered and issues to be resolved, each of which impacts the relationships between connected devices and the technologies used to build them.
One of the first questions I have is how great is the need for security at the microcontroller level? Since Sept. 11, 2001 there has been a lot of discussion in relation to SCADA (Supervisory Control And Data Acquisition) network systems and how protected much of our manufacturing facilities, power plants, chemical and fuel distribution centers are, since their often highly automated operation depends on the security of numerous connected microcontrollers.
There certainly are considerable governmental and societal pressures to make this new connected environment more secure. But I think that much of the motivation for securing Zigbee and RFID enabled sensors and MCUs will be financial and personal, not imposed by agencies at the federal level, or because of the very real threat of terrorist-sponsored cyber-attacks.
Within industry, for example, as more systems become roboticized and sensorized, the ability to connect to these MCU-based devices and gather information will for many businesses and enterprises be a compelling argument for integrating them into their security frameworks. Industrial espionage still occurs and breaking in to such connected enterprises to extract information and/or engage in some economically advantageous hacking has considerable benefit.
And with the average networked house of the present and near future also the home of anywhere from 100 to 400 connected embedded MCUs, there are serious financial and privacy issues to be resolved as well. Even without considering the illegal snooping and hacking, many companies now employ services that gather an amazing amount of information about systems — and their owners — connected to the Web.
Unless there are some serious security walls in place, under the user’s control, that block such intrusions, the amount of information about your personal and home life which could be available for all to see is uncomfortable to think about.
MCU security: what kind and where?
Not clear to me is what kind of connections to the MCUs need to be secured and how, and to what level of protection. And how does this change with the application environment? Even one-way RFID implementations are not immune, since information stealing is not the only damage that can occur.
For example, I don’t think that Denial of Service attacks — overwhelming the local controllers tied to the sensors with spurious input data — are out of the question.
Certainly this would be a major concern for the Department of Defense which is committed to RFID as a way of monitoring inventory. Ditto for Wal-Mart and a lot of the retail chains and many manufacturers of goods. But in the home? WiFi and Zigbee-connected embedded devices, however, raise a number of serious security issues in the home.
Given the need for pervasively connecting the many MCUs that now inhabit our lives, what is the impact of the increased need for security on their design, their capabilities and their architectures in the future? And how will this change the way such systems are designed and programmed?
In almost every article I have read and discussion I have had, the same set of compute intensive algorithms are mentioned, with the same underlying assumption that “goes without saying”: if you are going to secure your system go with the best, the various Advanced Encryption Standard (AES), Data Encryption Standard (DES), Triple-DES, etc. specs developed by or for, and often imposed by, the U.S. government.
The problem with these algorithms is that they are all very compute intensive. According to evaluations by the National Institute of Standards and Technology (NIST), while a typical 8-bit microcontroller could handle the AES algorithm, it would take more than 8,000 instruction clock cycles and about 3,500 for a 16-bitter. Compared to this, a typical 32-bit embedded RISC engine requires between 700 and 800 cycles while a heavily pipelined VLIW machine requires only 100 and 150 cycles.
So, where performance is not an issue, use an 8-bit MCU. But where the issue is real-time, deterministic operation, incorporating such algorithms into an MCU fundamentally changes the ground rules by which such devices have traditionally been built and implemented.
For example, at the very least such mandated algorithms could change developers’ choices and buying patterns, forcing them to move to 32-bit MCUs when an 8- or 16-bitter would do if security were not an issue. It will change life for the makers of the controllers, who, in addition to making the MCUs faster to handle the additional compute load, will also have to make them cheaper.
But are such compute-intensive encryption algorithms always necessary in wired and wirelessly connected embedded devices? There are several I am aware of — XTEA and Blowfish, for example — that are less demanding of the MCU. And there is also a variety of simple pseudo-random binary sequence generating schemes. Many of them require considerably less memory space and processing power than the more sophisticated algorithms.
Back to the Future with machine code?
To conserve memory space on-chip, many developers have taken one step back in order to take two steps forward and abandoned programming their MCUs in the very C-language for which they have been optimized, at least for the security algorithms.
Instead, they write the encryption algorithm in machine code to save valuable memory space for their application code, which they write in C. Talk about back to the future! Some silicon vendors are now providing AES machine code libraries to developers in the same way certain complex DSP algorithms are provided as callable libraries.
There are other alternatives and work-arounds to this problem, all of which have a cascade of effects on other elements of a design and on other connected devices. These include (1) going to an external memory device, which would make it more prone to physical acquisition of key code information and access to the system, (2) increasing the amount of on-chip nonvolatile memory, (3) hardwiring the algorithms into the chip’s logic gates, (4) implementing a special security engine as an coprocessor, and (5) going to an advanced process to allow storage of more data.
All of these alternatives share a common characteristic: they are more expensive, an important consideration in most microcontroller applications.
There is also the question of how physically secure many of the nonvolatile flash-, UV EPROM-, EEPROM- and OTP-based devices are, and how protected from physical hacking. To address this issue several companies, such as IBM and Broadcom, are developing less physically hackable nonvolatile devices.
But considering the still burgeoning growth in the flash market, most connected devices still depend on less physically secure alternatives. Why? Because they are cheaper, easier to implement, and the more secure alternatives are not standard and are often very specific to particular vendors.
Shifting to a systems view of security
But maybe the solution to MCU security is to not rely exclusively on improvements in the devices themselves, but by adopting a more system-level solution. Despite the fact that many embedded MCUs are now a part of a larger distributed and connected computing framework, old ways of thinking are slow to change, especially if they work. But the habit of thinking in terms of discrete, point solutions and securing each device may not be the best and most cost-effective way to solve the problem.
A few companies, such as Broadcom, have already realized that and started looking at each MCU and its security as part of a more differentiated, layered security architecture allowing the development of a much more nuanced and lower cost solution.
And although cost of implementation was not its aim, many aspects of the DoD’s Multiple Independent Levels of Security (MILS) specification hold the promise of providing the kind of fault tolerant and fault resilient security framework needed for an open, connected computing environment under threat from all sides.
In both cases, where high levels of security, such as at the perimeter, are needed, tougher, hardier and more expensive algorithms are used. At the core and less sensitive areas, leaner, and lower cost and minimalist security solutions can be employed.
Cascades of change are still occurring in relation to security in the MCU environment and a steady state with established norms and procedures is not here yet. But as they occur, these changes will be followed closely in this column and on this Web site. And your views, news story ideas and contributed article proposals are welcome here.
Embedded.com editor Bernard Cole is also site leader of iApplianceWeb and a partner in the Techrite Associates editorial services consultancy. He welcomes your feedback. Call him at 602-288-7257 or send an email firstname.lastname@example.org.
Good article. I think that indeed, as we grow ever more connected, security on embedded devices will be more and more of a concern. I like your approach of addressing this as a system-wide issue as well. It's too easy to get caught up on securing individual pieces of the puzzle–which is daunting at best.
The only point that I'd take issue with is that you mention that the perimeter might demand the stauncher algorithms and defenses. On the contrary, secure system design typically dictates that you increase security as an attacker moves into your network. In other words, put the best defenses closest to the center.
– LEGO Boy