The future of connected device security

31 July 2012 David Kleidermacher The electronics world is seeing rapid growth in sophistication, driven by M2M intelligence, multimedia capability, Internet connectivity, and high value financial transactions. These capabilities imply juicy attack vectors (the network) as well as a more…

31 July 2012

David Kleidermacher

The electronics world is seeing rapid growth in sophistication, driven by M2M intelligence, multimedia capability, Internet connectivity, and high value financial transactions. These capabilities imply juicy attack vectors (the network) as well as a more attractive target for hackers, generating new security requirements that electronics designers must learn and embrace.

This article discusses some of the important emerging security requirements, and practical implementation guidance, for designers. Topics include hardware and software roots of trust, data storage protection, and secure network connectivity.

Security Trends for Connected Devices

Complexity
One of the first electronic systems within an automobile was the 1978 Cadillac Seville’s trip computer, run by a Motorola 6802 microprocessor with 128 bytes of RAM and two kilobytes of ROM. The printed source code could not have occupied more than a handful of pages.

Today, even the lowest end automobile today contains at least a dozen microprocessors; highest end cars are estimated to contain approximately 100 microprocessors. With infotainment systems running sophisticated operating systems such as Windows and Linux, the total electronics software content can easily exceed 100 million lines of code.

While this electronics evolution has been beneficial to society, the growth is also a key source of our security woes: many of the problems relating to loss in quality, safety, and/or security in electronics can be attributed to the growth of complexity that cannot be effectively managed.

Connectivity
Another clear trend in electronic systems is the addition of network connectivity, enabling, for example, remote management and the ability to field upgrade software.

In 2010, General Motors introduced a feature to enable car owners to manipulate the locks and start the engine using a smart phone. Should consumers be worried about the security impact of this connectivity? Just prior to GM’s announcement of the smart phone feature, a team of university researchers published a study demonstrating how such a car’s critical systems – brakes, engine throttling, etc. – could be maliciously tampered with by exploiting vulnerabilities in the car’s electronicsi. Researchers are now demonstrating attack vectors over wide area networks, such as the telematics connection.

Attack Threat
The increasing reliance of electronic systems in commerce, critical infrastructure, and life-critical function makes them attractive to well-funded and determined attackers. Industrial control systems managing nuclear reactors, oil refineries, and other critical infrastructure present opportunity for widespread damage.

Stuxnet infiltrated Siemens process control systems at nuclear plants. The worm is likely the first malware to directly target electronic process control systems and demonstrates incredible sophistication potential in modern electronics security attacks. Stuxnet demonstrates the need for improved security skills within the electronics design community.

Microprocessor Consolidation
Another security-impacting trend is processor consolidation. A good example is the modern automobile, where skyrocketing electronics content poses a significant production cost, physical footprint, and time to market challenge for manufacturers. The response is to reverse the trend and merge disparate functions into a fewer number of electronic components. Consolidation requires the proper systems architecture to ensure that these components do not interact in unforeseen ways, posing a reliability risk.

For example, consolidating the infotainment head-unit with rear-view camera and advanced driver assistance systems (ADAS):

Because it can share the center stack computer’s audio and video capability, the rear-view camera module is a natural candidate for consolidation yet is considered a safety-critical function. All of these trends point to a need for designer security training and the incorporation of critical security technologies to help manage complexity and provide protection capabilities.

EDN