Categories
IT Security

Embedded Security

What is Embedded Security?

An embedded system is the combination of hardware and software designed to perform dedicated functions within a larger mechanical or electrical system. An embedded system is governed by integrated software that determines the behavior of the embedded device. Embedded systems security is a strategic approach to protect an embedded system from all types of malicious behavior. The benefit of embedded systems is their ability to work in real time by optimizing system resources to perform a particular activity. With the correct components, embedded systems can be reliable, perform well, and be less expensive than more complex options. That said, embedded systems face a number of challenges:

Power and memory limitations. Embedded systems limit the resources available for other cybersecurity applications.

Irregular security. As some embedded devices have long service lives, maybe 20 years or more, their hardware may become obsolete and cannot accept newer and more secure versions of software.

Difficult to update. Some embedded systems, such as smart TVs and smartphones, can be updated regularly with minimal impact on the end user, but others require significant skill and time to complete.

Some potential embedded system attack points include1:

  • The larger system that includes the embedded system
  • The internet or communications network that connects the embedded system with other devices
  • A physical device, such as a USB drive, that has malicious code on it
  • Existing software vulnerabilities in the embedded software such as:
    • Buffer overflow attacks where a cyberattacker writes data or code to a memory buffer, then overruns the buffer’s limits and starts overwriting adjacent memory addresses which may allow the cyberattacker to take control of the system or crash it
    • Improper input validation by a cyberattacker who provides unexpected input that causes an application crash, consumes too many resources, reveal confidential data, or execute a malicious command.
    • Programming language or embedded operating systems that do not restrict a program from directly accessing memory locations that are outside of the intended boundary of the memory buffer may allow a cyberattacker to take control of the system or cause it to crash.
    • Data spoofing and device hijacking may allow cyberattackers to access sensitive information.

Best practices for keeping embedded systems secure include ensuring that embedded system hardware and software work together, using hardware roots of trust, using secure boot, having a trusted execution environment (TEE), and having a trusted platform module (TPM).

1 BlackBerry/QNX, 2022, “Ultimate Guide to Embedded Systems Security”