Security in Embedded systems
7 likes2,900 views
The presentation by Naveen Jakhar discusses the fundamentals of embedded systems, their interfaces, and the importance of security in such systems. It covers the Misra C guidelines for software development, emphasizing safety, portability, and reliability, as well as the rules for compliance and deviations. Additionally, it highlights the need for comprehensive security measures throughout the product lifecycle and identifies various tools and best practices for ensuring security in embedded systems.
![Tools for MISRA Rules Conformance
• Goanna by Red Lizard Software – A software analysis tool for C/C++.
• Rational Test RealTime by IBM - A cross-platform solution for
component testing, static and runtime analysis
• LDRA Testbed by Liverpool Data Research Associates
• Parasoft C/C++test by Parasoft
• PC-Lint by Gimpel Software. MISRA C:1998, C:2004, C:2012,
C++:2008.[13]
• Polyspace by MathWorks
16](https://image.slidesharecdn.com/securityinembeddedsystemspresentation-161222153959/85/Security-in-Embedded-systems-16-320.jpg)
Security in Embedded systems
- 1. Security in Embedded Systems Presentation by: Naveen Jakhar, ITS ADET – 2014 Batch NTIPRIT 1
- 2. Topics covered in this presentation: What is an Embedded system ? What are MISRA C rules ? MISRA C conformance and deviations Tools for MISRA C conformance Embedded Security Rules 2
- 3. Embedded System - an Introduction An embedded system is a combination of computer hardware and software, either fixed in capability or programmable, that is specifically designed for a particular function Industrial machines, automobiles, medical equipment, cameras, household appliances, airplanes, vending machines and cellular phone and PDA are among the myriad possible hosts of an embedded system Embedded systems are designed to do some specific task, rather than be a general-purpose computer for multiple tasks 3
- 4. Embedded System - an Introduction The program instructions written for embedded systems are referred to as firmware, and are stored in read-only memory or Flash memory chips A common array of n-configuration for very-high-volume embedded systems is the system on a chip (SoC) which contains a complete system consisting of multiple processors, multipliers, caches and interfaces on a single chip. SoCs can be implemented as an application-specific integrated circuit (ASIC) or using a field- programmable gate array(FPGA). 4
- 5. Embedded System - Interfaces Embedded Systems talk with the outside world via peripherals, such as: • Serial Communication Interfaces (SCI): RS-232, RS-422, RS-485 etc. • Synchronous Serial Communication Interface: I2C, SPI, SSC and ESSI (Enhanced Synchronous Serial Interface) • Universal Serial Bus (USB) • Multi Media Cards (SD Cards, Compact Flash etc.) • Networks: Ethernet . • Fieldbuses: CAN-Bus, LIN-Bus, PROFIBUS, etc. • Timers: PLL(s), Oscillators, Capture/Compare and Time Processing Units • Discrete IO: aka General Purpose Input/Output (GPIO) • Analog to Digital/Digital to Analog (ADC/DAC) • Debugging: JTAG, ISP, ICSP, BDM Port, BITP, and DB9 ports 5
- 6. Embedded System and Security ? Traditionally, many of the hardware and hardware systems controlled by embedded software have not been easily interfaced with as they had little need to be exposed. Trends like machine-to-machine (M2M) communication, the Internet of Things and remotely-controlled industrial systems, however, have increased the number of connected devices and simultaneously made these devices targets Each communication point is a potential point of entry for hackers End users can't patch embedded systems It is considerably more expensive to fix defects in embedded systems once they're deployed to the field 6
- 7. Embedded System and Security The embedded system is having a hardware component and a software running on top of it So, we need to think of security in both the domains: hardware domain security as well as software domain security The hardware is generally written in HDL languages and for the software we use Embedded C programming The software security standards which are generally referred : MISRA-C Guidelines for Safety Critical Software and Barr Group Embedded C Coding Standard 7
- 8. Basic Embedded Systems Security Rules: A complete product life cycle analysis needs to be performed and life cycle is divided into various stages Possible entry paths for attacks into the system need to be defined and described and kept to a minimum value A risk matrix needs to be built Hardware support layer Secure default configuration : Secure mode, Hyperviser mode and application mode Design and test for security 8
- 9. Software Security- an Introduction Buffer and stack overflow attacks overwrite the contents of the heap or stack respectively by writing extra bytes Command injection can be achieved when New system commands are appended to existing commands by the malicious attack SQL injections use malicious SQL code to retrieve or modify important information from database servers SQL injections can be used to bypass login credentials Sometimes SQL injections fetch important information from a database or delete all important data from a database 9
- 10. MISRA C - an Introduction MISRA stands for Motor Industry Software Reliability Association MISRA C is a set of software development guidelines for the C programming language Its aims are to facilitate code safety, security, portability and reliability, specifically those systems programmed in ISO C / C90 / C99 MISRA C isn't an open standard 10
- 11. MISRA Rules: MISRA Rules can be divided logically into a number of categories: Avoiding using functions and constructs that are prone to failure, for example, malloc may fail Avoiding possible compiler differences, for example, the size of a C integer may vary but an INT16 is always 16 bits (C99 standardized on int16_t) Produce maintainable and debuggable code, for example, naming conventions and commenting Complexity limits and Best Practice rules 11
- 12. MISRA Rules: No reliance shall be placed on undefined or unspecified behaviour: Lots of things in C have undefined behaviour: Divide by zero, Out-of-bounds memory access, Signed integer overflow Conversions shall not be performed between a pointer to a function and any type other than an integral type All automatic variables shall have been assigned a value before being used 12
- 13. MISRA Rules: Identifiers in an inner scope shall not use the same name as an identifier in an outer scope, and therefore hide that identifier int total; int foo (int total) { return 3*total; } The right-hand operand of a logical && or || operator must not contain side effects Functions shall not call themselves, either directly or indirectly 13
- 14. MISRA Rules: The address of an object with automatic storage shall not be assigned to another object that may persist after the first object has ceased to exist An area of memory shall not be reused for unrelated purposes Floating-point expressions shall not be tested for equality or inequality The sizeof operator shall not be used on expressions that contain side effects. eg. sizeof(x++); All object and function identifiers shall be declared before use 14
- 15. MISRA Rules Conformance and Deviations: In order for a piece of software to claim to be compliant to the MISRA C Guidelines, all mandatory rules shall be met and all required rules and directives shall either be met or subject to a formal deviation Advisory rules may be disapplied without a formal deviation, but this should still be recorded in the project documentation Many MISRA C rules can be characterized as guidelines because under certain condition software engineers may deviate from rules and still be considered compliant with the standard. Deviations must be documented either in the code or in a file 15
- 16. Tools for MISRA Rules Conformance • Goanna by Red Lizard Software – A software analysis tool for C/C++. • Rational Test RealTime by IBM - A cross-platform solution for component testing, static and runtime analysis • LDRA Testbed by Liverpool Data Research Associates • Parasoft C/C++test by Parasoft • PC-Lint by Gimpel Software. MISRA C:1998, C:2004, C:2012, C++:2008.[13] • Polyspace by MathWorks 16
- 17. Compilers which support MISRA Conformance: • Green Hills Software • IAR Systems - MISRA C:1998, C:2004, C:2012, C++:2008 • TASKING - MISRA C:1998, C:2004, C:2012 • TI Compilers 17
- 18. Embedded Security Rules: A complete product life cycle analysis needs to be performed and life cycle is divided into various stages Possible entry paths for attacks into the system need to be defined and described and kept to a minimum value A risk matrix needs to be built Hardware support layer Secure default configuration : Secure mode, Hyperviser mode and application mode Design and test for security 18
- 21. Thank You “Language is the principal tool with which we communicate; but when words are used carelessly or mistakenly, what was intended to advance mutual understanding may in fact hinder it; our instrument becomes our burden” 21