- Security Vulnerabilities of Connected Devices
- Sarah Hansen
- 10/10/2013
- Advancements in processing power and integration have reduced the implementation costs of embedded processing and wireless connectivity. This has led to an explosion of smart and connected devices across industrial, automotive, medical, and consumer market spaces [2, 5]. This new level of connectivity has transformed the internet from a shared network of general purpose computers to an “internet of things.”
- The increased connectivity of devices provides a number of valuable benefits including increased convenience and ease of control, but it also increases the possibility that such devices are vulnerable to attacks, theft, and tampering [2, 5]. While at first, the vulnerability of some items may seem silly or unimportant, it is necessary to consider the full extent of devices that could be affected at some point in time and what the ultimate ramifications of compromise might be. There are several categories of products that could be monitored or influenced by unauthorized parties should they be breached. The compromise of any of these devices has the ability to significantly disrupt the daily life of an average family in the US and many other places worldwide.
- Consumer devices are one of the most rapidly growing areas of connectivity. A wide range of products such as televisions, refrigerators, and baby monitors now come with connections to the internet. Televisions offer the ability to watch online videos and video chat with people worldwide. Refrigerators can now scan food items as they are added or removed to create and store grocery lists and then send them to the user’s smartphone. Baby monitors can be viewed and heard remotely from laptops or smartphones [3]. All of these devices offer greater user comfort and flexibility simply through their ability to connect.
- Another area of rapid development in recent years has been the automobile industry [8, 9]. Over the past few years cars have become more and more computerized with “drive by wire” throttle, braking and suspension systems, analytics providing lane departure and proximity warning, and “infotainment” systems providing radio, cell phone connectivity, and customizable dashboards. While this is an exciting development within the automobile industry which allows for great improvements in safety and some impressive technology that improves the user’s experience, the cost of this technology being compromised may not, in the end, be worth the trouble [8, 9].
- Industrial equipment is another area that could be threatened by its vulnerabilities. While at first glance it seems like it would not affect the daily lives of people, this category includes important operations such as traffic control and water treatment.
- Medical devices are possibly the scariest devices that could be vulnerable to attacks. Before recent improvements in technology, making any changes to an implanted device required that the user be opened up surgically. Today, implanted medical devices can be connected to wirelessly which allows tweaks or even software updates to be handled with absolutely no physical invasion [8].
- So as more and more devices become connected with wireless capabilities, it is important to keep in mind the consequences of leaving these devices insecure. Without proper planning it becomes difficult to implement steps that could improve the security of devices, which increases the ultimate cost of these products when they have to be recalled or updated because of security breaches [1, 5].
- Many products made today include cameras which can be accessed via computer, phone, or in other remote ways. These products provide a great service to consumers by allowing them to talk to friends and family across the world through their television, letting new parents keep an eye on their newborn or toddler despite being on the other side of the house, or even giving consumers the peace of mind that their house is safe through security cameras [3, 5]. While all of these products represent great innovations that give consumers extra comfort and enjoyment in their lives, they can be risky if the systems are not properly secured. All of these items have the potential to allow a person to gain video access to the consumer’s home and visibility to the things taking place inside of it. It is important to be sure that the consumer is able to properly use such products and understand the risks involved. After finding a stranger had hacked into a baby monitor and was talking to his 2 year old daughter, the father “felt like somebody broke into [his] house [3].” Though the primary reason for the hacker’s ease of access was that the default settings and password of the monitor had not been changed, this example illustrates the importance of keeping the end user in mind when developing new technology and providing as much security as possible [3]. Without adequate security for these types of devices the privacy of many consumers will be at risk.
- Another risk when a device is hacked is to the safety of the public who are in the area when the device has been tampered with. Though there are not yet examples where this has been a major problem, a traffic control system could cause many dangerous situations if it were compromised. For instance, a road construction sign could be changed so it no longer warns drivers of lane closures ahead, or lights could be changed so all drivers have the right of way. While no serious incidents have yet occurred, the possibility for a malicious event still exists.
- Personal safety is quite possibly the biggest risk that can result from the hacking of consumer devices. Many devices are used for the safety of people, their families, and their homes while others are simply used by families and have an implied sense of safety [5]. For example, in recent years developers have started trying to make homes “smarter” by letting the consumer operate the security of their house (door locks, garage door openers, alarm systems) remotely from their smartphone [5]. By gaining access to such a system, not only could a savvy thief break into a home, but they could do so without setting off any alarms or breaking any windows. Not only does this violate a person’s privacy and make it impossible for the insurance company to find proof of an entry, but it could pose a real physical threat to a family [5].
- Along with smart homes, automobiles have similar risks. Cars are now using onboard computers to run almost everything from the stereo system, to braking, to keyless starts [9]. Like many products, it is difficult in automobiles to “preserve the benefits but minimize the risks” especially since many of the risks are very great [9]. Even without distractions and problems, cars and their drivers can be a danger on the road. With recent advances in capabilities and complexity of automobile entertainment systems, one can envision accidentally downloading malware into a car which “turns the volume all the way up” causing “a major distraction and chaos” within the car [10]. Though to some this may not seem like such a major problem, it is conceivable given the connectivity within cars; once access has been achieved a similar attack could be applied to more critical systems such as the brakes or tire pressure sensors [10].
- One of the major concerns to personal safety comes in the usage of implanted medical devices. Many of these devices including insulin pumps and pacemakers “can now connect wirelessly, which makes them vulnerable to hacking” and tampering [8]. While no actual attacks have yet occurred, several people, including Barnaby Jack and Jay Radcliffe, have been able to show how even the top brands of insulin pumps, pacemakers, and other medical devices can be adjusted without even making contact with the victim [8]. Unlike personal computers or phones which can be updated whenever necessary, “a key problem is the [medical devices] can’t currently be updated without being recalled” which could cause a great deal of hassle for its users [8].
- Though it may not be one of the primary concerns for the public or a household, the financial consequences of industrial manufacturing equipment that is not secure could break a company. Hacking of industrial manufacturing equipment could result in the destruction of costly equipment or disrupt production resulting in significant financial losses for a company. If a company thinks themselves immune to attacks because they are unknown or small, they are wrong. Though they may not be as popular as a large company, their information and systems are most likely more vulnerable.
- Many of the reasons for tampering with a consumer’s device are aimed directly at harming the consumer or people around them; however, as humorous as it may sound, another reason is simply annoyance. A person adding silly items to the grocery list on a “smart” refrigerator or taking control of an expensive bidet may be the extent of what consumers have to deal with at the moment, but there could come a time when more serious consequences become a concern.
- A general consensus among many developers is that, until just recently, security has been all but ignored in the development and manufacturing of these various products [1]. If security was considered at all, it was as an afterthought. “Security is becoming a de-facto requirement in the embedded industry” which adds to the embedded design costs significantly [7]. Though the breadth of security issues within connected devices may seem extensive, there are several steps that can be taken to help lessen or prevent the chances of a security breach. Security needs to be considered as an end to end process; it begins when the device is first envisioned and continues even after it is in the consumer’s hands.
- Security must begin at the start of the device manufacturing process; “security needs to become an integral part of system design, specific technology selections, application development processes, and even application management tasks such as patching and upgrades [2].” This means that developers need to look at the security at every level to create one cohesive system [2].
- Security implementation begins at the hardware (silicon) level [2]. One way that this is done is through the use of virtualization. Virtualization creates a replicated or virtual version of something as a substitute for the actual version of it. For example, a virtual hardware platform decouples code from accessing hardware resources directly and instead restricts the code to only a simulated version of the hardware. More secure code (such as the operating system) then translates only allowed accesses from this virtual world back to the physical world. Thus, virtualization can be used to “separate the physical interface from the control operating system” which “can provide significant security improvements” by making it more difficult to affect multiple parts of the system at one time [2]. For example, if the infotainment system of a smart car, which is composed of the information and entertainment portions of the car, was compromised, virtualization would prevent this breach from also compromising the steering or braking. Hardware firewalls can also be used in conjunction with virtualization to prevent unauthorized processes from accessing restricted portions of the hardware. This would prevent a compromised application, such as malware posing as a video game that has permission to access the display screen, from also accessing another resource such as the GPS receiver to extract information about the user’s location.
- The next level of security comes at the firmware level. The objective here is to establish a root of trust or have a trusted boot. This provides a known and trusted state for the device and helps prevent an attacker from modifying the application code and causing the device to “run code which it was not intended to run [7].” Secure boot works by creating a hash of the software image and signing it using the manufacturer’s private key. When the system boot runs, a new hash is created of the software image and the system uses the manufacturer’s public key to ensure that the new hash matches the old [7]. “Even a single bit modification of the software image will lead to a different hash and as a result will lead to Secure Boot failure [7].” As a ROM based function, this ensures “that an attacker cannot intercept the procedure [7].”
- “Cryptographic algorithms are an essential building block of a robust security solution,” however on the software level, security cannot be successful with cryptography alone [7]. The next step is to protect the manufacturer’s public key against modifications to keep the authentication and root of trust from being broken. It is possible for an attacker to create their own private-public key pair that allows them to load new software into the system which would result in software being run which was not meant to be run [7].
- The best way to prevent this is to secure the manufacturer’s public key storage [1]. This is where cohesion and planning between the hardware and software comes into play. One way to address this issue is to store the public key on external flash while the hash value of the key is stored on-chip in One-Time-Programmable (OTP) technology memory [7]. This solution allows a different private-public key pair to be used for every device without implementing a large number of required OTP bits [7]. It is also important that a Software Version Revocation mechanism is included in systems that are long lived. This allows the manufacturer to advance the system to a new firmware version and prevent roll back [7]. Without Software Version Revocation, it is possible for the software to “rollback” to a flawed (yet valid at some point in time) software image.
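
The boot-time checks described in the last three paragraphs, as an added example that is not taken from the essay or its sources: the ROM accepts an image only if the public key in flash hashes to the OTP value, the signature verifies, and the version is not revoked. The `BootRom` class, the function names, the firmware strings and the unpadded textbook RSA over constructed Mersenne-prime keys are all assumptions made so the sketch runs with the standard library alone; a real device would use a padded signature scheme.

```python
import hashlib

E = 65537  # public exponent

def make_keypair(p, q):
    """Textbook RSA from two primes: returns ((n, e), d). Demo only, no padding."""
    return (p * q, E), pow(E, -1, (p - 1) * (q - 1))

def key_digest(pub):
    """SHA-256 of the serialized public key: the only key material held in OTP."""
    return hashlib.sha256(f"{pub[0]:x}:{pub[1]:x}".encode()).digest()

def image_hash(version, image):
    """Hash covers the version field so it cannot be changed without re-signing."""
    data = version.to_bytes(4, "big") + image
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign_image(version, image, pub, d):
    """Manufacturer side: sign the image hash with the private exponent."""
    return pow(image_hash(version, image), d, pub[0])

class BootRom:
    """Models the ROM code plus two OTP fields: key hash and minimum version."""
    def __init__(self, otp_key_digest, otp_min_version=0):
        self.otp_key_digest = otp_key_digest
        self.otp_min_version = otp_min_version

    def revoke_below(self, version):
        # OTP bits can only be programmed one way, so the floor never decreases.
        self.otp_min_version = max(self.otp_min_version, version)

    def verify(self, flash_pub, version, image, signature):
        # 1. The key read from external flash must hash to the on-chip OTP value.
        if key_digest(flash_pub) != self.otp_key_digest:
            return "reject: public key does not match OTP hash"
        # 2. The signature must verify over the image as it is now.
        n, e = flash_pub
        if not 0 < signature < n or pow(signature, e, n) != image_hash(version, image):
            return "reject: bad signature"
        # 3. A validly signed but revoked version must not boot.
        if version < self.otp_min_version:
            return "reject: version revoked"
        return "boot"

def demo():
    # Constructed keys from Mersenne primes; fine for a demo, not for real use.
    vendor_pub, vendor_d = make_keypair(2**521 - 1, 2**607 - 1)
    rogue_pub, rogue_d = make_keypair(2**607 - 1, 2**1279 - 1)
    rom = BootRom(key_digest(vendor_pub))
    fw1, fw2, evil = b"firmware v1 (flawed)", b"firmware v2 (fixed)", b"attacker image"
    sig1 = sign_image(1, fw1, vendor_pub, vendor_d)
    sig2 = sign_image(2, fw2, vendor_pub, vendor_d)
    results = {
        "v1 genuine": rom.verify(vendor_pub, 1, fw1, sig1),
        "v1 one bit flipped": rom.verify(vendor_pub, 1, b"g" + fw1[1:], sig1),
        "attacker key in flash": rom.verify(
            rogue_pub, 9, evil, sign_image(9, evil, rogue_pub, rogue_d)),
    }
    rom.revoke_below(2)  # manufacturer ships v2 and revokes v1
    results["v1 after revocation"] = rom.verify(vendor_pub, 1, fw1, sig1)
    results["v2 after revocation"] = rom.verify(vendor_pub, 2, fw2, sig2)
    return results

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

The attacker's image carries a mathematically valid signature under the attacker's own key, so only the OTP hash comparison in step 1 stops it; the revoked v1 image likewise passes steps 1 and 2 and is stopped only by the version floor.
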
- Differential Power Analysis attacks are another way an attacker might try to discover a private key. These attacks analyze the power used during the hash to determine how transistors are switching and thus which key bits are 1s and which are 0s. To prevent simple Differential Power Analysis attacks it is important that there be no timing dependencies on data that is to remain unknown. Though this is useful, it unfortunately has a cost in terms of code size and complexity [6]. Another method of prevention is to change the secret key after every few uses. This prevents the attacker from weakening the key that is in use [6].
- New methods for protecting security keys are still being created. For instance, a group of students at Rice University have discovered a way to protect medical devices by using the patient’s own heartbeat [4]. “The technique derives a random password… that can only be computed when touching the patient [4].” Innovation such as this will make attacks on connected medical devices difficult if not impossible.
- The next level of security implementation occurs at the operating systems level. “Operating system selection has become crucial for today’s highly connected devices [2].” It is vital to choose an operating system that meets the latest security requirements [2]. Another important aspect in choosing an operating system, network stack, or middleware is certification. Though certification has not always been viewed as an important quality, it “provides an independent validation from a trusted expert that a given component or platform meets specified standards [2].” Certification can also serve as a benchmark for a basis of comparison. There are multiple certifications that exist today including Wurldtech’s Achilles certification and ISASecure’s Embedded Device Security Assurance (EDSA) along with others [4]. These certifications provide benefits such as consolidation by allowing industries to “collaborate and set stronger standards and security paradigms for new devices that have combined previously separate functions” through defining conformance [2]. They also set standards and mitigate risks that arise from the vulnerability created by connecting devices [2].
- After the device has moved on from the manufacturer, it is important that the security process is continued so that vulnerabilities can be covered from end to end. “For operators, security threats inherent in configuration or customization must be analyzed and addressed [2].” This means that the device must be viewed as a whole. Whatever configuration or customization occurs after the manufacturing is complete needs to be reviewed and have its security tested as well. More and more often, devices are created to be updated periodically. This is also an important feature of these connected devices. Updates allow the patching of minor errors, keep the system current with the technology that is available, and provide the opportunity for existing security holes to be addressed and patched. Because of this, it is imperative that operators design the updates with security in mind [2]. The world is always changing and so are the threats that exist in it. If the updates do not also include updated security, the system can become even more vulnerable than it was when it was originally built.
- The final step in security comes from the consumer himself. Most consumers do not understand the capabilities of their connected devices on a level anywhere close to that of the designers or operators. It is this fact that unfortunately causes the end users themselves to be a major cause of problems with connected devices. Many users are ignorant of the fact that it is possible for them to introduce malware, viruses, worms, and Trojan horses into their device. Issues like this are likely to affect reliability and performance of their device [2]. It is essential that developers keep in mind who the end user of their product is and prepare the device for the types of security threats that the user may accidentally introduce to their system. In many applications, such as smart homes and smart appliances, firewalls are now being sold to help protect systems from attacks that could compromise the security of the system [11]. These firewalls, which are embedded by the manufacturer, help to prevent hackers from tampering with the thermostats, lights, or home security system by only allowing access to the system through certain phone numbers or IP addresses to laptops and tablets that have been specified by their user. Based on this, it seems safe to conclude that companies may also start selling virus and spyware protection for a wide range of connected consumer devices that are now vulnerable to such attacks.
- Every day new connected consumer devices are envisioned and created; “it is estimated that there will be more than 50 billion connected devices in use by 2020 [2].” With such a large number of devices in circulation, security of these products needs to become a priority. It is obvious by the sheer number of test cases and real world cases of security breaches that security of these devices has been pushed aside if it was even thought of at all [2, 5, 8]. It is time to shift the attitude toward security. Previously security was addressed after the fact or implemented in a piecemeal fashion on individual aspects of a system [2, 5, 8]. However, “given the increasingly connected nature of today’s embedded devices, it has become a strategic imperative to deal with security threats holistically [2, 8].”
- Bibliography
- [1] Ardis, Kris. "Security in Embedded Systems - Application Note - Maxim." Analog, linear, and mixed-signal devices from Maxim. N.p., 26 May 2006. Web. 25 Sept. 2013. <http://www.maximintegrated.com/app-notes/index.mvp/id/3824>.
- [2] Brown, Marc. "Embedded Device Security in the New Connected Era." Electronic Engineering Journal 8 (2011): n. pag. Embedded Device Security in the New Connected Era. Web. 25 Sept. 2013.
- [3] Gross, Doug. "Foul-mouthed hacker hijacks baby's monitor - CNN.com." CNN.com - Breaking News, U.S., World, Weather, Entertainment & Video News. N.p., 14 Aug. 2013. Web. 25 Sept. 2013. <http://www.cnn.com/2013/08/14/tech/web/hacked-baby-monitor/?iref=obinsite>.
- [4] Johnson, R. Colin. "Foiling hacks into implanted heart-assist devices | Embedded." Embedded. N.p., 25 Sept. 2013. Web. 5 Oct. 2013. <http://www.embedded.com/electronics-news/4421722/Foiling-hacks-into-implanted-heart-assist-devices->.
- [5] Kelly, Heather. "Hackers break into homes -- electronically - CNN.com." CNN.com - Breaking News, U.S., World, Weather, Entertainment & Video News. N.p., 2 Aug. 2013. Web. 25 Sept. 2013. <http://www.cnn.com/2013/08/02/tech/innovation/hackable-homes>.
- [6] Newell, G. Richard and Morin, Tim. "The Right and Wrong way to Implement Cryptographic Algorithms in Embedded Electronic Systems." EDN.com. EDN Network, 19 March 2013. Web. 25 Sept. 2013. <http://www.edn.com/design/systems-design/4410267/1/The-Right-and-Wrong-Way-to-Implement-Cryptographic-Algorithms-in-Embedded-Electronic-Systems>.
- [7] Rippel, Eran. "Security Challenges in Embedded Designs." Design And Reuse, The System-On-Chip Design Resource - IP, Core, SoC. N.p., n.d. Web. 25 Sept. 2013. <http://www.design-reuse.com/articles/20671/security-embedded-design.html>.
- [8] Robertson, Jordan. "Hacker Shows Off Lethal Attack By Controlling Wireless Medical Device - Bloomberg." Bloomberg - Business, Financial & Economic News, Stock Quotes. N.p., 29 Feb. 2012. Web. 25 Sept. 2013. <http://go.bloomberg.com/tech-blog/2012-02-29-hacker-shows-off-lethal-attack-by-controlling-wireless-medical-device/>.
- [9] Wright, Alex. "Hacking Cars." Communications Of The ACM 54.11 (2011): 18-19. Computer Science Index. Web. 25 Sept. 2013.
- [10] Yoshida, Junko. "TI Illustrates Car Security Threats | EE Times." EE Times | Electronic Engineering Times | Connecting the Global Electronics Community. N.p., 9 Aug. 2013. Web. 25 Sept. 2013. <http://www.eetimes.com/document.asp?doc_id=1319179>.
- [11] "www.iconlabs.com." www.iconlabs.com. N.p., n.d. Web. 2 Oct. 2013. <http://www.iconlabs.com/>.