On Day 1, ESC vendors emphasize security. At (long) last.
I have for years been sounding the klaxon on the need for embedded security. From designs that are locked down and not easily accessed—locally or remotely—to protecting the data at rest and in flight, designers need to start thinking about security in their embedded systems.
As well, I’ve also harped on the need to write secure embedded code and to verify it using static analysis (and other) tools. Witness the OpenSSL “HeartBleed” server fiasco last year where bad code let servers dump portions of their memory to hackers.
This year’s ESC 2015 showed plenty of security-conscious vendors ready to help embedded designers.
Security on the Side
On Day 1 of ESC Santa Clara (a smaller event held this year at the Santa Clara Marriott) I’d only just gotten my Press badge when I noticed a bag of new USB cables marked “Free”. This is a great conversation starter and I asked the guy: “What’s with the free cables?” He introduced himself as Colin O’Flynn of NewAE Technology and the cables were excess from a USB preso he’d given.
NewAE, it turns out, is looking to sell really cheap side channel power analysis tools that help identify attack surfaces in embedded hardware. Their $250 ChipWhisperer-Lite was a Kickstarter project, and competing products from Cryptography Research Inc (CRI) cost maybe 40x that. CRI has been an ESC exhibitor in the past and always wows attendees with demos that correctly identify passwords in devices simply by monitoring minute power fluctuations as the system authenticates. Credible and spook-like stuff.
If side channel power analysis could be done for $250 then embedded designers should start doing it.
Root of Trust
Also in attendance on Day 1 was the Trusted Computing Group—the folks who bring us the TPM (trusted platform module). I don’t know much about this IC applied to embedded, but I see it listed on many semiconductor company presentations such as Freescale and Intel. The TPM shows up in some consumer computer gear, though frequently in hardware targeted at the enterprise. Are TPM ICs used in embedded?
They are, said Steve Hanna, head of several TCG working groups and Sr. Principal Technical Marketing guy for Chip Card & Security at Infineon. He briefed me on several TCG announcements at ESC 2015. In fact, TCG is targeting end-node IoT devices with a different set of security goals.
Where confidentiality and integrity are the goals in laptops and enterprise systems, the TPM establishes a hardware root of trust primarily to protect crypto keys for secure boot, data storage and data transfer.
But in the IoT, it’s availability that matters most. If a networked pipeline has been hacked and the valves all opened, the primary concern is accessing those valves to shut ‘em off. That’s not to say that protection from hacking a home security camera or baby monitor isn’t also a goal (Figure).
For ESC2015, TCG has announced the 2.0 version of the TPM spec (ISO IEC 11889:2025) that includes, among several enhancements, support for more TPM profiles to allow vendor (and system) flexibility. Of note, says TCG’s Steve Hanna, is the addition of “cryptographic agility”—which means the ability to add more crypto algorithms as the need evolves. This is found in Infineon’s new OPTIGA Trust E TPM with Elliptic Curve Cryptography, announced at ESC2015 today.
Infineon’s OPTIGA Trust E
Day 1’s “security” focus concluded with Infineon’s addition of the OPTIGA Trust E IC to the company’s line of turn-key authentication security ICs. OPTIGA runs the gamut from easy-to-use crypto authentication at the low end, to the Common Criteria, EAL 5+ programmable OPTIGA Trust P at the high end.
Sandwiched in the middle is the announced enhanced “E” version focusing in on IoT nodes, medical, smart home, consumer and other middle-of-the-road consumer and industrial automation applications.
According to Infineon, key storage, root of trust and crypto capabilities are essential in all areas of IoT—including the home (see Figure). A fake server, for example, could be used to send false commands and open an IoT-controlled garage door or start a remotely-enabled automobile.
As Day 1 wound down, I was already receiving notices of security-related Day 2 announcements. It seems like security has hit vendors’ radar screens.
Will security attract the designers of embedded systems now that ICs, tools and specs are appearing?
ESC 2015 Day 2 looms.