Skip to main content
main-content

Über dieses Buch

New generations of IT users are increasingly abstracted from the underlying devices and platforms that provide and safeguard their services. As a result they may have little awareness that they are critically dependent on the embedded security devices that are becoming pervasive in daily modern life. Secure Smart Embedded Devices, Platforms and Applications provides a broad overview of the many security and practical issues of embedded devices, tokens, and their operation systems, platforms and main applications. It also addresses a diverse range of industry/government initiatives and considerations, while focusing strongly on technical and practical security issues.

The benefits and pitfalls of developing and deploying applications that rely on embedded systems and their security functionality are presented. A sufficient level of technical detail to support embedded systems is provided throughout the text, although the book is quite readable for those seeking awareness through an initial overview of the topics. This edited volume benefits from the contributions of industry and academic experts and helps provide a cross-discipline overview of the security and practical issues for embedded systems, tokens, and platforms. It is an ideal complement to the earlier work, Smart Cards Tokens, Security and Applications from the same editors.

Inhaltsverzeichnis

Frontmatter

Errata to: Secure Smart Embedded Devices, Platforms and Applications

Without Abstract
Konstantinos Markantonakis, Keith Mayes

Errata to: Secure Smart Embedded Devices, Platforms and Applications

Without Abstract
Konstantinos Markantonakis, Keith Mayes

Embedded Devices

Frontmatter

Chapter 1. An Introduction to Smart Cards and RFIDs

Abstract
Security systems often include specialised modules that are used to build the foundations of attack-resistant security. One of the most common modules has been the smart card; however, there are often misconceptions about the definition of the smart card and related technologies, such as Radio Frequency Identification (RFID), as well as the requirement and justification for using them in the first place. These misconceptions are fuelled by the ever evolving nature of applications, security technology, personal devices and the growing threats that they must deal with. There is also a question of whether smart cards/RFIDs should really be in a book about embedded security, but we will see that the “embedded” aspect is growing ever stronger especially with developments in the mobile phone area. This chapter will consider a range of smart cards and RFIDs, and associated applications. It will also briefly cover the traditional manufacture, personalisation and management aspects, illustrating how they are challenged by new mobile developments.
Keith Mayes, Konstantinos Markantonakis

Chapter 2. Embedded DSP Devices

Abstract
As a consequence of the rapid surge in digital signal processing (DSP) technologies, DSP components and their specific algorithms continue to find uses in broad application areas, including the embedded systems arena. Embedded systems generally refer to systems that include dedicated hardware and computationally specific software. When several fundamental components of an embedded system are integrated onto a single silicon substrate it is referred to as a system-on-chip (SoC). These embedded systems, including SoCs, can either stand-alone or seen as a subsystem of a much larger and/or complex system. However, these systems are not without constraints, and constantly need to adapt to the drawbacks associated with limited hardware, restricted computational power and fewer resources. Recently, there has also been an increased interest in the use of field-programmable gate arrays (FPGAs) and application-specific instruction-set processors (ASIPs) within embedded DSP devices. This can be seen as a trade-off between size, speed and flexibility, with the latter being the driving force. Embedded DSP devices have proliferated through society so much so that we have become virtually oblivious to their impact. Among the countless applications of embedded systems, some products that require a DSP component include our mobile phones, digital radios, digital televisions, digital satellite set-top boxes, DVD players, MP3 players, heart-rate monitors, GPS navigation devices and automotive control systems. This chapter gives a brief introduction into the theory of DSP, followed by a more detailed examination of the architectures, implementations, security and applications within real-time embedded systems.
Serendra Reddy

Chapter 3. Microprocessors and Microcontrollers Security

Abstract
This chapter will consider the chip architectures used in embedded security; how they have evolved over the past three decades, the current designs, and the future trends. The chapter will consider the evolution of the microcontroller Central Processing Units (CPU) cores such as the 8051, 6805. It will look at the wide range of innovative and reduced instruction set designs, including popular off-the-shelf microcontroller designs, microprocessors, and digital signal processors. It will also consider other reduced instruction set designs, with reference to known attacks and options for protection. It will look at the vulnerability of functions within the chips such as memories and interfaces, and possible enhancements. Further security measures for different memory types will be reviewed. Enhanced security concepts using defensive designs, anti-tampering measures, and other hardware protection are discussed.
Chris Shire

Chapter 4. An Introduction to the Trusted Platform Module and Mobile Trusted Module

Abstract
The trusted platform module (TPM) is a tamper-resistant component that provides roots of trust in secure computing and remote attestation frameworks. In this chapter, we briefly discuss the TPM architecture, operations and services. The discussion is then extended to the mobile trusted module (MTM)—to contrast and compare different approaches to implement a trusted platform architecture. This illustrates the vital role the ecosystem of a computing platform plays in the architectural design decisions regarding the root of trust in a trusted platforms.
Raja Naeem Akram, Konstantinos Markantonakis, Keith Mayes

Chapter 5. Hardware and VLSI Designs

Abstract
Efficient and secure hardware implementations have become a very popular topic during the last decades. In this chapter, we discuss the fundamental design approaches to successfully implement integrated circuits (ICs) as well as testing methods and optimization techniques to achieve an adequate solution for various application scenarios. A major topic handled in this chapter is security in the context of hardware implementations. We elaborate on the characteristics of modern CMOS circuits with regard to side-channel attacks and we discuss possible countermeasure approaches against such attacks. Furthermore, we describe a comprehensive practical example of combining cryptographic instruction set extensions with hardware countermeasures on a modern 32-bit processor platform. In the last section of this chapter, we argue about the assets and drawbacks of implementing test structures in digital circuits with regard to unintentionally opening security holes as well as about intentionally introducing malicious hardware structures, also called hardware Trojans.
Mario Kirschbaum, Thomas Plos

Generic Security and Processing Platforms

Frontmatter

Chapter 6. Information Security Best Practices

Abstract
We are increasingly reliant on the use of IT systems in our normal day- to-day business and personal activities. It is of paramount importance that these systems are sufficiently secure to protect sensitive, valuable and private data, and associated storage, communications and transactions. Therefore, the design and use of such systems should be in accordance with best practices for information security that have been developed by industry, government and the worldwide expert community. This chapter emphasises the need for system security and goes on to explain technical choices such as algorithms, key size and trust management, and concludes with a real-world case study.
Keith Mayes, Konstantinos Markantonakis

Chapter 7. Smart Card Security

Abstract
In this chapter, a description of the various attacks and countermeasures that apply to secure smart card applications is described. This chapter focuses on the attacks that could affect cryptographic algorithms, since the security of many applications is dependent on the security of these algorithms. Nevertheless, how these attacks can be applied to other security mechanisms is also described. The aim of this chapter is to demonstrate that a careful evaluation of embedded software is required to produce a secure smart card application.
Michael Tunstall

Chapter 8. Graphics Processing Units

Abstract
This chapter introduces graphics processing units (GPUs) for general-purpose computations. It describes the highly parallel architecture of modern GPUs, software-development toolchains to program them, and typical pitfalls and performance bottlenecks. Then it considers several applications of GPUs in information security, in particular in cryptography and cryptanalysis.
Peter Schwabe

Chapter 9. A Survey of Recent Results in FPGA Security and Intellectual Property Protection

Abstract
Field programmable gate arrays (FPGAs) are reconfigurable devices which have emerged as an interesting trade-off between the efficiency of application-specific integrated circuits (ASICs) and the versatility of standard microprocessors [81]. Progresses over the last 10 years have improved their capabilities to the point where they can hold a complete system on a chip (SoC) and thus become an attractive platform for an increasing number of applications (e.g., signal processing, image processing, aerospace, etc.). In view of the important data manipulated by these devices, but also of the high amount of intellectual property (IP) they may contain, security-related questions have arisen. First, can we use FPGAs as security devices for example, securely and efficiently encrypting sensitive data (in particular when compared to software solutions)? Second, how can we guarantee that the IP corresponding to FPGA designs is protected (i.e., cannot be easily counterfeited)? Such questions have been the target of a large number of papers in the literature, including several surveys, example [13, 71, 83]. In this chapter, we take another look at them and review a number of important recent results related to security IPs and IP security in modern reconfigurable devices. The chapter is structured in three main sections. First, we briefly describe the structure of recent FPGAs. Next, we discuss security IPs in FPGAs, taking the example of symmetric encryption with the AES Rijndael, and including their performance evaluations and resistance against physical attacks. Finally, we emphasize recent trends for improving IP security in FPGAs, including bitstream security, the use of code watermarking techniques and the exploitation of physically unclonable functions (PUFs).
François Durvaux, Stéphanie Kerckhof, Francesco Regazzoni, François-Xavier Standaert

Applications and Platform Embedded Security Requirements

Frontmatter

Chapter 10. Mobile Communication Security Controllers

Abstract
Cellular communication via a traditional mobile handset is a ubiquitous part of modern life and as device technology and network performance continues to advance, it becomes possible for laptop computers, Personal Digital Assistants (PDAs) and even electrical meters to better exploit mobile networks for wireless communication. As the diverse demands for network access and value added services increase, so does the importance of maintaining secure and consistent access controls. A critical and well-proven component of the Global System for Mobile Communications (GSM) and Universal Mobile Telecommunications System (UMTS) security solution is the smart card in the form of the Subscriber Identity Module (SIM) or USIM, respectively. However, with the enlarged range of communications devices, some manufacturers claim that the hardware selection, chip design, operating system implementation and security concepts are different from traditional mobile phones. This has led to a suggestion that types of “Software SIM” should be used as an alternative to the smart card-based solution. This paper investigates the suggestion.
Keith Mayes, Konstantinos Markantonakis

Chapter 11. Security of Embedded Location Systems

Abstract
Determining the location and movement of objects or people is a core requirement in a number of embedded systems. To ensure that the location information gathered by embedded devices is accurate, the underlying method of location systems must be secure and reliable. This chapter provides an overview of the basic approaches for determining location information in embedded systems. The resilience of these methods against advanced attacks are discussed, along with proposals for securely verifying physical location estimates. Finally, the security aspects of global navigation space systems (GNSS) used for location information in embedded applications are briefly discussed.
G. P. Hancke

Chapter 12. Automotive Embedded Systems Applications and Platform Embedded Security Requirements

Abstract
Contemporary security solutions in the automotive domain usually have been implemented only in particular applications such as electronic immobilizers, access control, secure flashing, and secure activation of functions or protection of mileage counter. With cars, which become increasingly smart, automotive security will play a crucial role for the reliability and trustworthiness of modern automotive systems. In this chapter, we will introduce the topic of automotive security and provide motivation for security in embedded automotive platforms.
Jan Pelzl, Marko Wolf, Thomas Wollinger

Chapter 13. Analysis of Potential Vulnerabilities in Payment Terminals

Abstract
Payment systems fraud is considered in the center of several types of criminal activities. The introduction of robust payment standards, practices and procedures has undoubtedly reduced criminals’ profit, and significantly hardened their work. Still though, all payment systems’ components are constantly scrutinised to identify vulnerabilities. This chapter focuses on the security of payment terminals, as a critical component in a payment system’s infrastructure, providing an understanding on potential attacks identified in the literature. The attacks are not only limited to those aiming to insult terminals’ tamper-resistance characteristics but also include those that target weak procedures and practices aiming to facilitate the design of better systems, solutions and deployments.
Konstantinos Rantos, Konstantinos Markantonakis

Chapter 14. Wireless Sensor Nodes

Abstract
This chapter addresses the key points of wireless sensor nodes: applications, constraints, architecture, operating systems, and security concerns. It does not pretend to be exhaustive but to provide the major references on these topics.
Serge Chaumette, Damien Sauveron

Chapter 15. Near Field Communication

Abstract
Near field communication (NFC) is a radio frequency (RF) based proximity coupling technology allowing transactions within a range up to 10 cm. With NFC, a key technology is on its way into the consumer’s most personal device, allowing the customer to use his devices for secure services such as payment or ticketing but also for service initiation or data exchange. Interoperability is one of the most important goals to be achieved prior to the roll out of devices and services, in order to satisfy the consumer’s expectations. This chapter deals with different operating modes and use cases that can be implemented with NFC technology with the main focus on mobile phones. This high level description is backed up with a look into the hardware architecture for NFC as well as the software stack in mobile phones. The chapter ends with a description of tags and tag formats for the NFC ecosystem.
Gerald Madlmayr, Christian Kantner, Thomas Grechenig

Chapter 16. The BIOS and Rootkits

Abstract
There exist many documents, guidelines and application-level programs attempting to secure various operating systems (OS), but there is much less documentation and software for protecting lower levels subsystems such as the Basic Input Output System (BIOS). Security professionals are well aware that the security on any system is as strong as its weakest link as an attacker will seek to break into a system with the least amount of effort. In this chapter we will focus on the BIOS, and describe its main functions as well as the potential for attacks and countermeasures. After discussing the BIOS and analysing how it might be compromised, we will go on to consider rootkits. Installing a rootkit is often the next stage of an attack once the BIOS has been compromised, allowing the attack to take full control of the target system. We will discuss what rootkits actually are, how to identify that a system has been infected with a rootkit, and how to try and prevent such attacks in the first place. It should be note that the issues raised in this chapter have also provided justification for specialist hardware security measures such as the Trusted Platform Module (TPM) [13] described in Chap. 4.
Graham Hili, Keith Mayes, Konstantinos Markantonakis

Chapter 17. Hardware Security Modules

Abstract
Hardware Security Modules/(HSMs), also known as Tamper Resistant Security Modules (TRSMs), are devices dedicated to performing cryptographic functions such as data encryption/decryption, certificate management and calculation of specific values such as card verification values (CVVs) or Personal Identification Numbers (PINs). What these devices offer is tamper response, the capability to detect any attacks on their surface and securely delete the sensitive content stored in their memory. Such devices are manufactured to meet specific criteria [e.g. Federal Information Processing Standard (FIPS)] and must be appropriately managed throughout their whole lifecycle. Together with encryption algorithms, cryptographic functions and vendor provided functionalities, they host one or more cryptographic keys that respond to automated or manual commands. Physical security and key management are essential in order to protect the confidentiality and integrity of the keys and these requirements are properly described in various standards. Due to the specific functionality of HSMs, there have been many published attacks via the command interface, which reinforces the need for adequate controls, both physical and logical, around these devices.
Stathis Mavrovouniotis, Mick Ganley

Chapter 18. Security Evaluation and Common Criteria

Abstract
Security evaluation of embedded devices presents a number of challenges, primarily because the relevant attacks for a particular device are determined by the software application that ultimately runs on or uses services from the embedded device, but the device is often designed and evaluated before details of this application context are known. This chapter examines how the common criteria (CC) security evaluation scheme can be used for embedded devices, and how current directions in the evolution of CC provide a particular opportunity to deal effectively with embedded device security.
Tony Boswell

Chapter 19. Physical Security Primitives

A Survey on Physically Unclonable Functions and PUF-Based Security Solutions
Abstract
Physically unclonable functions (PUFs) are an emerging technology and have been proposed as central building blocks in a variety of cryptographic protocols and security architectures. Among others, PUFs enable unique device identification and authentication, binding software to hardware platforms and secure storage of cryptographic secrets. Furthermore, they can be directly integrated into cryptographic algorithms and remote attestation protocols. In this chapter, we give an overview of the concept, properties, and types of intrinsic electronic PUFs, discuss potential attack surfaces and advanced PUF concepts as well as the most common applications of electronic PUFs. Further, we show new directions on logically reconfigurable PUFs (LR-PUFs) and PUF-based remote attestation and discuss open challenges.
Ahmad-Reza Sadeghi, Steffen Schulz, Christian Wachsmann

Chapter 20. SCADA System Cyber Security

Abstract
Modern industrial systems (e.g. power plants, water plants, chemical installation, etc.) make large use of information and communication technologies (ICT). In the past years, those systems started to use public networks (i.e. the Internet) for system-to-system interconnection, to provide new features and services. The migration from the traditional isolated system approach to an open system approach exposed these infrastructures to cyber-threats. The scope of this chapter is provide the reader with an overview of the cyber threats and vulnerabilities affecting the system control and data acquisition systems (SCADA), i.e. those systems in charge for monitoring and controlling the industrial processes, providing indications on possible mitigation techniques.
Igor Nai Fovino

Practical Examples and Tools

Frontmatter

Chapter 21. An Overview of PIC Microcontrollers and Their Suitability for Cryptographic Algorithms

Abstract
The use of microcontrollers is widespread. They occur in most electronic devices, such as point of sale (POS) terminals, ATMs, printers and traffic signals. They can differ from each other in terms of architecture, processing capacity, storage capacity and supported hardware features. The purpose of this chapter is to present a brief introduction to one group of them which can be used for cryptography, the PIC microcontrollers, and give a detailed, practical account of how to investigate their strength against side channel analysis.
Mehari G. Msgna, Colin D. Walter

Chapter 22. An Introduction to Java Card Programming

Abstract
Java Cards support a Java virtual machine that interprets code written in a subset of Java language. This may help programmers with prior knowledge of Java language to program smart cards. However, the programming paradigm of Java Card can be articulated as somewhat different than traditional Java programming. In this chapter, we will provide an introduction to smart card programming using Java Card and the subtleties of a restricted environment on application design.
Raja Naeem Akram, Konstantinos Markantonakis, Keith Mayes

Chapter 23. A Practical Example of Mobile Phone Application Using SATSA (JSR 177) API

Abstract
SIM as a security token is increasingly being used to secure mobile phone applications. Sensitive information such as PIN, security keys, etc are stored on the SIM card. To utilise the SIM functionalities, it is imperative that mobile phone applications interact with applets available on the SIM. The security features for mobile applications operating within the J2ME ecosystem are provisioned by SATSA API Framework. It allows support for cryptography, digital signatures, user credential management, communication with a smart card, and remote method invocation. The SATSA APDU Communication API provides support for mobile phone applications to interact with Java Card applets residing on a smart card, over the ISO7816 interface. This chapter provides a practical example of a mobile phone application implementing SATSA API. A MIDP 2.0 application or MIDlet that utilises the APDU package within SATSA API and a Java Card applet were developed. The MIDlet and applet were tested to work with each other on a PC-based development environment. The MIDlet was tested on Wireless Toolkit Emulator and the Java Card applet was tested on Java Card Platform Simulator. Freely available tools were used to create the above mentioned practical demonstrators.
Lishoy Francis

Chapter 24. Wireless Sensors (Languages/Programming/Developments Tools/Examples)

Abstract
This chapter focuses on three major wireless sensor node technologies (Sun SPOTS, Arduino and TinyOS) to help the reader choose what would best fit his/her applications. Our goal is to provide the basic useful information required to quickly start working (or just playing) with them in less than a few hours.
Jérémie Albert, Lionel Barrère, Serge Chaumette, Damien Sauveron

Backmatter

Weitere Informationen

Premium Partner

    Bildnachweise