WIBU-SYSTEMS

Perfection in Protection, Licensing, and Security

{{ moduleLabel }}
{{ label }}

Put Embedded Security on the List

MarketingWIBU-SYSTEMS AG on February 24, 2023 at 5:24 PM

I recently read an article on the “5 embedded system terms IoT admins must know”. The crux of the article was to familiarize IoT device engineers with the various software, hardware, and signal process components that may be involved during the design phase. In addition to defining the embedded system itself and the various types, such as mobile embedded systems, networked embedded systems, standalone embedded systems, and real-time embedded systems, the article went on to elaborate on four other elements of embedded systems: System-on-a-Chip (SoC), Application-specific integrated circuit, Real-time OS (RTOS), and digital signal processing.

All well and good, and I think IoT admins beginning their journey into IoT design, perhaps for the first time, would do well to heed the authors recommendations. However, I find one key omission to the list, and that is embedded security, or Integrity Protection of the embedded system to be more specific.

Why is it important to consider integrity protection during the design process? Let me explain.

As IoT expands into the industrial field with the rapid emergence of Industry 4.0, embedded systems are increasingly interconnected and communicating over public networks. This greatly expands the attack surface for cybercriminals trying to take advantage of the many vulnerabilities that can be exploited, as proven by the many attacks on critical infrastructure that have recently been reported around the world. At the core of these new IoT and IIoT devices and systems is embedded software that must be protected, to not only prevent the loss of intellectual property, but also the introduction of malware through malicious code tampering – in other words: Ensure the integrity of the system.

Integrity protection encompasses security measures that safeguard system resources, programs, and data against unauthorized manipulation. In general, there are two main challenge points. First, the embedded system can be attacked directly from the Internet. Execution codes can be replaced or modified by malicious code during code updates. Weaknesses in the code itself can also be exploited. Secondly, hackers have access to the same open source information as the developers. With knowledge of the execution code binary structure, hackers can use powerful development/analytical tools to directly modify the code in a static attack. Furthermore, with knowledge of the memory and process architecture, the hacker can initiate a dynamic attack by inserting malicious code into the boot process.

One key security challenge is to guarantee data integrity, bring the system into a safe mode, and stop the execution of all functions as soon as an attack has been detected. There are several methods that can be employed to blunt potential attacks. The integrity of embedded systems can be ensured by encrypting the running code itself and relying on a secure hardware device for key management and state storage. In this manner, the encryption key is securely stored in either a dongle or in software, which then activates and ties the key to a specific device or control system.

Another effective approach is to prevent the loader of the operating system to start any unauthorized code. This also includes protecting the open system platform itself to prevent hackers from installing their own loader. And finally, the BIOS of the embedded system should prevent any loading of an unauthorized operating system.

All of these embedded system protection mechanisms and more are discussed in detail in our white paper, Integrity Protection for Embedded Systems. The white paper further explains how the use of digital certificates securely protects elements such as the boot loader, operating systems, real-time processes and configuration data via chains of trust, thereby enabling integrity protection for embedded software.

To discuss these aspects in greater detail and learn which solutions are available in the market, we also recommend joining our team at the upcoming edition of Embedded World in Nuremberg, Germany. There, we’ll hold a lecture on how we empower embedded and IoT businesses with IP protection and licensing and you can have private discussions about your projects with our security professionals.

Login or register now and enjoy all the benefits of a community!

To get the whole functionality of IndustryArena Forum you need to login or register. This process is absolutely free.

Password forgotten?
Contact request
Guest Photo
Your message
The controller within the meaning of Art. 4(7) GDPR is: IndustryArena GmbH, Katzbergstraße 3, 40764 Langenfeld, Germany.
You may reach our data protection officer under [email protected].

Purpose of processing
We process your personal data concerning the use of the contact form and the communication with the company of the newsroom as well as the transmission of your data to this company in accordance to Art. 6 (1a) GDPR. This constitutes a legitimate interest for us in accordance to Art. 6 (1f) GDPR.

Recipient of the data
Within our organization, those units gain access to your data, which are necessary to fulfil the above purposes.
Personal data will only be transmitted to third parties if this is necessary for the aforementioned purposes or if another legal basis exists. If necessary, we conclude the corresponding data protection agreements with third parties, in particular pursuant to Art. 28 GDPR.

Data storing
Your data will be transmitted to the company of the newsroom for further processing. The period of storing is the duration of the processing of your request by the respective company.

Select contact person

Newsroom Logo

Design options

  • Title text color:
  • Content background:
  • Content text color:
  • Navigation background:
  • Tab text color:
  • Active tab text color:
  • Link text color:
  • Active link text color:
  • Background image Background color:

    How do you want to position the background-image?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the background image

  • Banner

    How do you like to align the banner?

    Please note: Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.

    Set the link for the banner

  • Skyscraper

    Set the link for the skyscraper

Please note:

Banners and skyscrapers are only saved for the current language. For other languages, change the language using the button at the top right.