The Future of Embedded and IoT Security: Kaspersky Operating System
15 likes25,105 views
The document discusses the increasing vulnerability of IoT and embedded systems to cyber security threats, emphasizing the need for secure operating systems. It outlines the advantages of KasperskyOS, a microkernel-based operating system designed with security principles such as environment isolation and strict control of inter-module communications. The document also highlights various use cases for KasperskyOS and related technologies in sectors like telecommunications, automotive, and industrial IoT.
The Future of Embedded and IoT Security: Kaspersky Operating System
- 1. THE FUTURE OF EMBEDDED AND IoT SECURITY: KASPERSKY OPERATING SYSTEM
- 2. THE INTERNET OF THINGS AN EXPLOSION OF CONNECTED POSSIBILITIES Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System2 BILLIONSOFDEVICES 50 40 30 20 10 0 90 92 94 96 98 00 02 04 06 08 10 12 14 16 18 20 YEAR 1992 1,000,000 2003 0.5 BILLION 2009 IoT INCEPTION 2012 8.7 BILLION 2014 14.4 BILLION 2015 18.2 BILLION 2017 28.4 BILLION 2016 22.9 BILLION 2018 34.8 BILLION 2019 42.1 BILLION 2020 50.1 BILLION 2013 11.2 BILLION
- 3. RICH IoT DEVICES ARE THE MOST VULNERABLE Things Sensor & Actuator Processing Communication Local Network Gateway(s) Wired/wireless Power line BAN, PAN, LAN The Internet Back-End Services Remote Server User access and control Business Data Analysis Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System3
- 4. IoT ATTACKS MIRAI Mirai was initially discovered in August and its name comes from the discovered binaries called “mirai.()”. It is an ELF Linux executable and focuses mainly on DVRs, routers, web IP cameras, Linux servers, and other devices that are running Busybox, a common tool for IoT embedded devices. BASHLITE Infects Linux systems in order to launch distributed denial-of- service attacks (DDoS). In 2014 BASHLITE exploited the Shellshock software bug to exploit devices running BusyBox. In 2016 it was reported that one million devices have been infected with BASHLITE. Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System4
- 5. Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System5 THE MAIN PROBLEM OF IoT FROM A CYBER SECURITY POINT OF VIEW Human mistakes Use of 3rd party software and libraries Software Complexity (Number of lines of code increasing dramatically) INSECURE DESIGN VULNERABILITIES Time to market pressure INSECURITY OF CONVENTIONAL OPERATING SYSTEMS
- 6. Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System6 WHY CONVENTIONAL OPERATING SYSTEMS ARE NON SECURE Monolithic system where any module can call any other By exploiting the arbitrary code execution vulnerability it is possible to call any other module, regardless of security settings Uncontrolled use of 3rd party libraries Adversaries can get control over a whole system with the help of only one vulnerability Poor security settings due to various reasons (lack of expertise, laziness, lack of time…) Big attack surface Interactive user Device Driver Libraries Commands Application Programs OS System Call Interface … Device Driver Device Driver … DriverInterface Trap Table Monolithic Kernel Module Process Management Memory Management File Management Device Mgmt Infrastructure
- 7. HOW WE SECURE EMBEDDED SYSTEMS
- 8. Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System8 HOW TO FIX THE PROBLEM Make an environment that simply won't allow the program to perform undeclared functions and prevent the exploitation of vulnerabilities. THE MAIN PRINCIPLES OF SECURE OS Secure by design system MILS with reference monitor approach Microkernel based Meets specific requirements for embedded systems
- 9. SPECIFIC REQUIREMENTS FOR EMBEDDED OPERATION SYSTEMS SMALL SIZE AND MINIMUM RESOURCE USAGE Most embedded systems use limited hardware recourses (RAM, ROM, CPU) OUT OF THE BOX SECURITY Most embedded systems have (almost) unique security requirements. It is necessary to reduce time to market and reduce the efforts that need to be put into security settings Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System9 STABLE WORK EVEN UNDER ATTACK One has to think about possible threats and threat vectors in advance COMPLIANCE WITH INDUSTRY STANDARDS A system has to be designed and developed in accordance to industrial safety and security standards.
- 10. Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System10 KASPERSKYOS // OVERVIEW Designed for embedded connected systems with specific requirements for cyber security Based on the separation kernel which guarantees the control of all internal system communications The behavior of every module is pre described via security policies MILS architecture Domain separation/isolation Flexible internal communications control via Kaspersky Security System (KSS)
- 11. Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System11 KASPERSKYOS // SPECIFICATIONS Microkernel based OS from the in-house development team at Kaspersky Lab Static security configuration MILS architecture Separate business applications from security (easier to develop and support, decrease time to market, increase security and safety) Maximum level of control due to minimum security domains granularity (every single module/driver could be set as security domain) POSIX API compatible (well 98% of the API) Runs on Intel x86, x64 and ARM (v6, v7, v8)
- 12. Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System12 KASPERSKYOS - TRUSTED. FLEXIBLE. SECURE. KasperskyOS is the foundation from which to build a trusted platform – it will not allow untrusted/ malicious/ undocumented code to run, due to strict security policies Set any type of security policy and combine different types of policies. Use one OS for different appliances – saving time on education and implementation Due to separation, functional code and security can be worked on in parallel. This saves time to market without sacrificing anything. Improve safety because of strict security policies that describe the behaviour of a system TRUSTED FLEXIBLE SECURE
- 13. BENEFITS OF KASPERSKYOS INHERENT SECURITY KasperskyOS is an operating system that is secure by design and we intend to keep it that way by using the best practices of software development FLEXIBLE SECURITY CONFIGURATION Well-designed configuration tools make it easy to create declarative rule definitions and combinations of rules to control interactions in the system Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System13 VERSATILE MODULAR ARCHITECTURE Building the system based on loosely coupled modules helps to minimize the amount of trusted code and tailor each solution to the customer’s specific needs SEPARATION OF APPLICATION FEATURES FROM SECURITY FUNCTIONS The security architecture is designed to separate security functions from application business logic, making both configuring security policies and developing applications easier
- 14. KASPERSKYOS IMPLEMENTATIONS Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System14 Our technologies help developers and manufacturers of complex embedded systems to secure their future revenue by minimizing the risks associated with cyber incidents and malicious software. We have developed a set of products that suit different client needs and follow the same security principles (separation and isolation of security domains and strict control of inter domain communications): KasperskyOS Kaspersky Secure Hypervisor Kaspersky Security System for Linux
- 15. TECHNOLOGIES THAT ARE FIT FOR EVERY PURPOSE TO SECURE EMBEDDED SYSTEMS Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System15 Level of control Amountofextrawork Kaspersky OS Most secure solution (all components are isolated and controlled) Requires rethinking and redevelopment of architecture of every component Requires (at least) porting of applications or complete rewriting of them Limited support of hardware (embedded systems only)
- 16. TECHNOLOGIES THAT ARE FIT FOR EVERY PURPOSE TO SECURE EMBEDDED SYSTEMS Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System16 Level of control Amountofextrawork Kaspersky OS Most secure solution (all components are isolated and controlled) Requires rethinking and redevelopment of architecture of every component Requires (at least) porting of applications or complete rewriting of them Limited support of hardware (embedded systems only) Level of control Amountofextrawork Good level of security (isolation of VMs and critical functions, limited control of communications) Requires rethinking and redeveloping of applications’ architecture only Kaspersky Secure Hypervisor Requires re/development some critical functions Wide range of hardware supported (not only embedded systems) Kaspersky OS
- 17. TECHNOLOGIES THAT ARE FIT FOR EVERY PURPOSE TO SECURE EMBEDDED SYSTEMS Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System17 Level of control Amountofextrawork Kaspersky OS Most secure solution (all components are isolated and controlled) Requires rethinking and redevelopment of architecture of every component Requires (at least) porting of applications or complete rewriting of them Limited support of hardware (embedded systems only) Level of control Amountofextrawork Good level of security (isolation of VMs and critical functions, limited control of communications) Requires rethinking and redeveloping of applications’ architecture only Kaspersky Secure Hypervisor Requires re/development some critical functions Wide range of hardware supported (not only embedded systems) Kaspersky OS KSS for Linux Good level of security (isolation of Linux containers, control only inter container communications) Only requires the rethink and redevelopment of application architecture Requires minimum re/development Runs on virtually all Linux systems with container support Kaspersky Secure Hypervisor Level of control Amountofextrawork Kaspersky OS
- 18. TECHNOLOGIES THAT ARE FIT FOR EVERY PURPOSE TO SECURE EMBEDDED SYSTEMS Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System18 Most secure solution (all components are isolated and controlled) Requires the rethinking and redevelopment of the architecture of every component Requires (at least) the porting of applications or their complete rewrite Limited support of hardware (embedded systems only) Good level of security (isolation of VMs and critical functions, limited control of communications) Only requires the rethinking and redevelopment of application architecture Requires re/development of some critical functions Wide range of hardware supported (not only embedded systems) Good level of security (isolation of Linux containers, controls only inter container communications) Only requires the rethinking and redevelopment of application architecture Requires minimum re/development Runs on virtually all Linux systems with container support KASPERSKYOS SECURE HYPERVISOR KSS FOR LINUX
- 19. USE CASES Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System19 Telecoms and Network Equipment IoT and Industrial IoT Connected Cars Endpoints POS Terminals Linux Systems Security Enhancement
- 20. USE CASES – TELECOM EQUIPMENT Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System20 Secure boot ensures integrity of OS and applications Isolation of every single module Minimize impact of vulnerabilities, malware protection Protection of sensitive data (i.e. encryption keys) KASPERSKYOS Trusted platform Secure by design: Network Routers & switches, Firewalls, VPN Internet Security Domain 0 Network Driver Security Domain 1 Network Stack Security Domain 3 SSH Security Domain 2 Web server Security Domain 5 Storage Security Domain 4 Telnet KasperskyOS uCore + KSS Request for security verdict to allow this domain to send datagram to another domain
- 21. USE CASES – IoT Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System21 Isolation of every single module Minimize the impact of vulnerabilities Protection of sensitive data (i.e. encryption keys, user’s data, secure storage) Secure boot Secure by design system (the only way to secure IoT devices) 1. Smart CCTV cameras (processes images on a device and sends processed data to a server) 2. Smart hubs (all sensors and end devices connect to these) EXAMPLE Connected to the Internet and powerful enough (not MCU based) devices like: KASPERSKYOS
- 22. USE CASES – CONNECTED CARS Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System22 Isolation of infotainment from safety critical system (advanced driver assistance systems, AUTOSAR) Minimize impact of vulnerabilities in every domain Protection of sensitive data (i.e. encryption keys, logs, telematics data) from unauthorized access Secure boot and protection against the unauthorized modification of firmware and software (i.e. malware infection, and unauthorized modifications) Secure by design system Can be used in central gateway, head unit or specific ECUs KASPERSKY SECURE HYPERVISOR
- 23. USE CASES – ENDPOINTS Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System23 No or limited and controlled data exchange between VMs Integrity checking of software Trusted boot Bootkit and rootkit protection Control of access to external devices Reduce TCO (need one PC instead of two) Two virtual machines First one with access to sensitive data (internal domain) Second one with access to the Internet and access to public services (external domain) o Truly said this is not ordinary PC. It has to have 2 network cards and 2 HDDs Trusted domain Untrusted domain Trusted domain Administrative service Application SSL/TLS Certificate storage Access service Request handshake Give permissions Kaspersky Secure Hypervisor KASPERSKY SECURE HYPERVISOR
- 24. USE CASES – NETWORK EQUIPMENT Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System24 Secure storage for encryption keys (can be protected from the access of unauthorized software and hardware) Separation of functional modules like web anti-virus, content filtering, mail anti-virus, cloud storage (can be sold separately with different licenses) VPN appliances UTMs KASPERSKY SECURE HYPERVISOR
- 25. USE CASES – POS TERMINALS Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System25 Dealing with credit cards (protection of CC data read from a card)) Bank communications Secure storage (audit, securely sending trusted data to management or regulator) Bring security sensitive functions to the Security Service, for example: Helps with PA DSS compliance POS software integrity checking Kaspersky Secure Hypervisor Domain Untrusted application Trusted code Sensitive data Memory protection feature unable to modify protect memory pages KASPERSKY SECURE HYPERVISOR
- 26. USE CASES – LINUX SECURITY ENHANCEMENT Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System26 Secure remote device updates & reconfiguration Separation of duties between components and remote agents (like OEMs and consumers) Sandboxing untrusted components In-depth system hardening with enforced security properties on inter components communications Use cases: PLCs / Industrial IoT devices IoT equipment KASPERSKY SECURITY SYSTEM
- 27. QUESTIONS? Kaspersky OS Securing Embedded Communications