Security as a New Dimension in Embedded System Design

1
Security as a New Dimension in Embedded System
Design

• Presented by Vivek Srikantan
• Authors
• Paul Kocher
• Ruby Lee
• Gary McGraw
• Anand Raghunathan
• Srivaths Ravi

2
Embedded Systems Design Metrics

• Performance
• Power
• Cost
• Size
• And
• SECURITY

3
Factors affecting the security implementation in
Embedded Systems

• Resource Constraint
• Increasing range of attack techniques
• Processing capabilities of the embedded systems
• Power consumption
• Flexible architecture

4
Security Requirements

• Varies depending on whose perspective is
  considered
• Ex Cell Phone
• Manufacturer
• Service provider
• Content provider
• End user

5
Security Mechanisms

• Symmetric Ciphers
• Secure Hash Algorithms
• Asymmetric Algorithms

6
Security Mechanisms

• Secure communication protocols
• Digital Certificates
• Digital Rights Management

7
Types of Security Attacks

• Software Attacks
• Physical and Side-channel Attacks

8
Software Attacks

• Three Factors or Trinity of Trouble
• Complexity
• Extensibility
• Connectivity

9
Securing against software attacks
10
Physical and Side Channel Attacks

• Invasive Attacks
• Non-invasive Attacks

11
Invasive Attacks

• Physical Attacks
• De-packaging
• Layout reconstruction
• Micro probing or e-beam microscopy

12
Non-Invasive Attacks

• Timing Analysis
• Power Analysis
• Simple Power Analysis
• Differential Power Analysis

13
Architectures for Security

• Security Processing Architectures
• Attack Resistant Architectures

14
Security Processing Architectures

• Hardware only approach
• - Cost Effective
• Software only Approach
• - Processing Gap
• - Battery Gap
• Hybrid Approach

15
Attack-Resistant Architectures

• Strong process isolation
• Sealed memory
• Platform attestation
• Secure path to the user

16
Conclusion

• Security is currently specificed in a vague
  manner
• Time-to-market pressures
• Constrained resources
• Trade-offs