(Source: Nikolay N. Antonov - stock.adobe.com)
While embedded systems tend to lack the processing horsepower of servers or even modern personal computers, the sheer number of devices is making them an increasingly valuable target for bad actors looking to run illegal botnets and cryptocurrency mining operations. One of the first major security-related wake-up calls for embedded system designers was the 2016 Nest thermostat botnet attacks. Given the consumer-facing nature of the particular Internet of Things (IoT) coupled with an increased sensitivity regarding privacy and security; the Nest botnet caused a huge amount of discussion. Those discussions tended to center on how companies should build security into their low-cost IoT products and how consumers can safely operate the devices in their homes and businesses.
With the growing threat of cyberattacks, it is essential that developers keep security considerations in mind throughout the design process. By following some practical tips and recommendations, developers can guard against a wide range of attack scenarios. Read on for an outline of security measures developers can use in their embedded designs.
While there are numerous chip architectures, operating systems, and communications protocols; many IoT devices tend to be built around Arm®-based architectures, and if they run an OS it tends to be a Linux distribution. This commonality is good in many ways; lower costs and faster development times; it also comes with quite a few negatives. Attack vectors tend to become “one-size-fit-all”, especially for devices running a Linux-based OS. To mitigate the threats associated with widespread devices that share a common architecture, developers should implement the following “quick win” security design principles:
Physical access to a device tends to be the game-over situation for devices. That doesn’t mean that there aren’t things that can be done to make it harder physically exploit these types of devices. Entire books have been written on making circuit boards and associated enclosures tamper-resistant but for a few “quick wins” consider the following physical design rules-of-thumb to harden your device:
Some of the following recommendations might be a bit much for consumer-grade IoT devices. However, as we will elaborate on later, industrial control systems and defense systems would likely benefit from these more robust physical security measures:
It should be noted that there is quite a dichotomy between the paradigms of security and openness. Security values obfuscation. Open hardware values understanding. Regardless, keep in mind the old adage that locks only keep honest people honest, and so too with security-at-large. For more information on how to build secure IoT devices, visit the Open Web Application Security Project (OWASP) IoT Project.
Even if a manufacturer could implement all the best secure design principles in their product, they would be mostly for naught if the end-user does not operate their device in a secure manner.
Consumer-facing IoT products may be plentiful, but their industrial counterparts, collectively referred to as Industrial Control Systems (ICS) manage numerous extremely important and potentially dangerous processes. Everything from energy production to factories uses embedded digital technology (referred to as Operational Technology or OT; in contrast to office-centric Information Technology or IT) to control the facilities and associated machinery responsible for performing the various processes. The ICS environment is sufficiently different from a strict IT environment that special considerations for hardening OT devices and ICS networks are warranted. The most fundamental principle is that ICS should not have a connection to the internet. While this seems like a no-brainer, it is surprising how often this fundamental rule is violated. For more information on how to secure ICS networks and devices, there are two security frameworks you should review: MITRE ATT&CK for ICS and the MITRE ATT&CK for Enterprise.
The nature of where ICS systems are typically found (e.g., areas that are environmentally, chemically, or otherwise hazardous) means ICS has been designed to prioritize the availability of the systems over confidentiality. From a positive perspective, this typically means there are redundant systems and those systems are designed to fail safely. However, ICS systems can be left in operations for several decades and may not always be kept up-to-date. In addition, many of the protocols are older and were built with efficiency, not security in mind. Bottom line, security in the ICS or IIoT space is uniquely challenging and best practices may be difficult to implement. However, embedded developers for such machinery should be cognizant of the need to modernize their design practices and incorporate security into future designs and not treat it as a bolt-on afterthought.
Michael Parks, P.E. is the co-founder of Green Shoe Garage, a custom electronics design studio and embedded security research firm located in Western Maryland. He produces the Gears of Resistance Podcast to help raise public awareness of technical and scientific matters. Michael is also a licensed Professional Engineer in the state of Maryland and holds a Master’s degree in systems engineering from Johns Hopkins University.
Privacy Centre |
Terms and Conditions
Copyright ©2023 Mouser Electronics, Inc.
Mouser® and Mouser Electronics® are trademarks of Mouser Electronics, Inc. in the U.S. and/or other countries.
All other trademarks are the property of their respective owners.
Corporate headquarters and logistics centre in Mansfield, Texas USA.