Wednesday, April 18, 2012

How to improve the security of embedded systems in five steps?


The Stuxnet worm, which appeared in 2010, was the first malicious program designed specifically to infiltrate an industrial infrastructure and spread malicious code into the very heart of PLCs. Such an attack underscores the need to strengthen the measures protecting safety-critical embedded systems, especially those that control critical infrastructure, industrial complexes, intelligence networks, military networks or medical equipment.

For a long time, embedded systems operated in relative isolation and were therefore shielded from most security threats. But these same systems are now connected to corporate networks, to public clouds and even to the Internet. This widespread connectivity has brought substantial gains in features and usability, but it also makes embedded systems more vulnerable to attacks, intrusions and other hacks. In the "all-connected" era, security, which was far from the main concern of designers in the past, has become one of the fundamental characteristics of the equipment. Security mechanisms, or more precisely cyber-security mechanisms, must therefore protect embedded systems against any malicious attack that could prevent successful and safe operation, especially when human lives are at stake, and these same mechanisms must ensure the integrity of transmitted or stored data whenever that data is considered sensitive.

Under these conditions, how can designers reconcile security constraints with the increasingly stringent requirements of a competitive market in which time to market and development budgets are constantly being cut? In practice, the approaches that aim to guarantee an ever higher level of embedded security can be broken down into five steps covering the entire product life cycle, from design through development, testing and deployment to maintenance.

Step 1: Conduct an end-to-end threat assessment
Improving the security of an embedded system starts with properly identifying the potential threats. These threats must be evaluated through a comprehensive analysis of the product life cycle, considering every upstream condition in which the product is used and taking into account the impact that developers, manufacturers, operators, distributors, resellers and end users can have on overall system security. Here the main difficulty is to predict the infection vectors (i.e. the ways in which a malicious attack can be carried out) and to anticipate vulnerabilities (i.e. weaknesses or defects in hardware or software that a malicious program could exploit).

Step 2: Take advantage of existing advanced security mechanisms
A number of technologies and design methods have been developed to address the most serious threats facing connected embedded systems. Within this framework, developers have every incentive to turn to commercial off-the-shelf (COTS) building blocks, already tested and readily available, that can improve the security of their equipment without inflating development costs. Embedded virtualization platforms are among these building blocks: through partitioning mechanisms they make it possible to divide software and isolate it in separate virtual execution environments.

Step 3: Choose an appropriate execution platform
For an embedded system, the choice of a commercial execution platform is absolutely critical. Using COTS software components that are pre-tested, validated and certified against strict security and functional-safety standards can increase overall system security and reduce development costs. Carefully selected on these criteria, hardware support layers, hypervisors, operating systems, real-time communication protocol stacks, virtual simulation platforms and development tools can greatly help in developing efficient and secure on-board equipment.

Step 4: Secure the applications
Modern embedded systems host multiple applications and see their features evolve throughout the life of the equipment through hardware and software updates and upgrades. Since they are therefore likely targets for malicious code or data theft, applications must always be secured. This can be done with the technique known as whitelisting, which is much less computationally intensive than blacklisting and therefore better suited to the constraints of embedded systems. The mechanism allows only those applications whose behaviour is recognized as safe to be downloaded and installed.
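As an added illustration of the whitelisting described in Step 4 (example code written for this page, not from the original article or any particular vendor), the following Python snippet gates installation on a SHA-256 allowlist: only images whose digest has already been recorded as approved are accepted, and anything unknown, including an approved image altered by a single byte, is rejected by default. The allowlist contents and the sample application images are constructed for the example.

```python
import hashlib
from typing import Dict, Tuple

# Constructed allowlist: SHA-256 digests of application images that have been
# reviewed and approved, mapped to a human-readable name. On a real device this
# table would be provisioned at manufacture and changed only through the
# controlled update channel of Step 5; here it is filled in below for the example.
APPROVED_IMAGES: Dict[str, str] = {}

def sha256_hex(data: bytes) -> str:
    """Digest of an application image; the only identity the allowlist trusts."""
    return hashlib.sha256(data).hexdigest()

def approve(image: bytes, name: str) -> str:
    """Record an image as approved (the offline review step) and return its digest."""
    digest = sha256_hex(image)
    APPROVED_IMAGES[digest] = name
    return digest

def check_install(image: bytes, allowlist: Dict[str, str]) -> Tuple[bool, str]:
    """Gate an install request against the allowlist.

    Cost is one hash of the image plus one dictionary lookup, independent of
    how many threats exist, which is why an allowlist suits constrained
    devices better than scanning every image against a growing blacklist.
    Anything not explicitly approved is rejected, including an approved image
    that has been modified by even a single byte.
    """
    digest = sha256_hex(image)
    name = allowlist.get(digest)
    if name is None:
        return False, "rejected: digest %s... not on allowlist" % digest[:16]
    return True, "allowed: " + name

# Constructed sample images standing in for real application packages.
SAMPLE_GOOD = b"sensor-logger v1.0 application image (constructed sample)"
SAMPLE_UNKNOWN = b"unreviewed-tool v0.1 (constructed sample)"
SAMPLE_TAMPERED = SAMPLE_GOOD[:-1] + b"!"   # one trailing byte changed

approve(SAMPLE_GOOD, "sensor-logger 1.0")

if __name__ == "__main__":
    for label, image in (("good", SAMPLE_GOOD),
                         ("unknown", SAMPLE_UNKNOWN),
                         ("tampered", SAMPLE_TAMPERED)):
        ok, why = check_install(image, APPROVED_IMAGES)
        print(label, ok, why)
```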

Step 5: Choose support that covers the entire life cycle
Security threats change over time, and so do the countermeasures. Embedded systems must be upgradable in the field to meet future security challenges. Integrating a comprehensive security policy into product life-cycle management therefore proves critical, not least because OEMs must address new vulnerabilities as they arise, and as quickly as possible. Their suppliers of COTS building blocks must be equally responsive on security matters.
By following these five steps, companies can make real progress in minimizing the risk and exposure of their highly connected embedded products to security threats. Integrating security mechanisms into embedded systems has become a fundamental requirement, one that calls for an ever larger investment at all levels of an organization.
