Secure IoT Firmware For RISC-V Processors

March 26, 2021 Leave a comment


Credits: Embedded World Conference 2021 Proceedings, http://www.embedded-world.eu

Abstract — Building secure RISC-V devices is challenging as the RISC-V ISA doesn’t specify the hardware blocks necessary for the trusted execution of the many 3rd party components of the software stack. RISC-V developers are left alone figuring out how to shield trusted code from unverified 3rd party software libraries. In this paper, we introduce the industry-first secure IoT stack for RISC-V. We describe and explain all hardware and software components necessary to build state-of-the-art device, firmware, and cloud management service. These include RISC-V 32-bit SoC, MultiZone Trusted Execution Environment, TCP/IP connectivity, TLS/ECC cryptography, and MQTT client and broker providing telemetry and OTA applications deployment and firmware updates. All components are built on free and open standards, distributed under permissive licensing, and freely available for download from GitHub.

 

INTRODUCTION

Building secure IoT firmware for embedded devices is challenging. These resource-constrained devices typically lack the hardware resources necessary for the trusted execution of the many complex 3rd party software components required for secure operations. And state-of-the-art security features like secure boot, remote attestation, authenticated access to commercial cloud services, and over-the-air (OTA) firmware updates require a number of complex 3rd party software components [1,2]. Read more of this post

Filed under IoT Security, Papers, RISC-V Tagged with , , , , , , , , , , , , , , ,

Cybersecurity: What You Need to Know and Do to Protect Yourself and Your Business

May 3, 2021 Leave a comment

Tiedemann Advisors Speaker Series – April 29, 2021 Lessons from U.S. National Security and the Cyber Security Industry that Can Benefit You.

Cybersecurity has never been more important than it is today. Every risk management strategy for a family or business must now have a comprehensive plan to address the substantial threat of cyberattacks. It is no longer a question of if you might be threatened by a cybersecurity attack but rather when. While the threats are increasing, so too are the ways in which you can protect yourself and your business.   On April 29, we are sitting down with renowned security experts Guy Snodgrass and Cesare Garlati to understand the current state of cybersecurity. Additionally, we will discuss what you can learn from the U.S. national security and intelligence community and the cybersecurity industry when it comes to protecting your family and your business.

Watch the webinar at https://insights.tiedemannadvisors.com/cybersecurity-webinar-2021-04-29

Filed under Information Security Tagged with

Secure IoT Firmware For Cortex-M Processors

March 26, 2021 Leave a comment


Credits: Embedded World Conference 2021 Proceedings, http://www.embedded-world.eu

Abstract — Developing secure IoT applications is challenging. Traditional Arm(v7) Cortex M devices lack TrustZone like functionality for the safe execution of the many 3rd party components of the software stack. And the upgrade to new Cortex M devices with TrustZone inexorably leads to a lengthy and expensive system redesign. In this paper, we introduce an alternative path to a TrustZone upgrade, based on an innovative hardware-enforced software-defined Trusted Execution Environment. We describe and detail all software components necessary to build a complete state-of-the-art secure IoT firmware for any Cortex M device – with or without TrustZone. These include the MultiZone Trusted Execution Environment, TCP/IP connectivity, TLS/ECC cryptography, and MQTT client providing telemetry and OTA updates. All components are built on free and open standards, distributed under permissive licensing, and freely available for download from GitHub.

 

INTRODUCTION

Building secure IoT firmware is challenging. State-of-the-art security features like secure boot, authenticated access to commercial cloud services, and over-the-air (OTA) firmware updates require a number of complex 3rd party software components [1,2]. These libraries are difficult to integrate, expose the system to increased attack surface, and inevitably lead to the dangerous execution of trusted and untrusted code in the same chip – where one single faulty instruction has the potential to compromise the integrity of the whole system – i.e., software vulnerabilities and backdoors [1,3]. Read more of this post

Filed under IoT Security, Papers Tagged with , , , , , , , , , , , , , , , , ,

A Clean Slate Approach to Linux Security RISC-V Enclaves

March 26, 2020 2 Comments


Credits: Embedded World Conference 2020 Proceedings, http://www.embedded-world.eu

Abstract – Hardware consolidation requirements and sophisticated new functional requirements are forcing embedded systems designers to mix safety-critical applications with complex rich operating systems. The resulting mixed-criticality systems present orders of magnitude larger code base and unacceptably greater attack surface and system vulnerability – often exposed to remote attack. To address this emerging threat model, we propose a new zero-trust computing architecture based on the concept of multi zone enclaves for RISC-V based Linux systems.

 

INTRODUCTION

We live in the era of the Internet-of-Things (IoT). Billions of interconnected devices are now integral part of our lives, perform a myriad of functions, manage safety-critical operations, and generate and process vast amounts of sensitive data. As these systems are connected to the external world, they are inherently exposed to an endless number of cybersecurity threads [1, 2]. As shown by many recent high-profile cybersecurity incidents, the viability of this new Internet era heavily depends on the security of these devices and on the trust we are willing to put on them [2]. Read more of this post

Filed under IoT Security, Papers, RISC-V Tagged with , , , , , , , , ,

Multi Zone Security for Arm Cortex-M Devices

March 26, 2020 1 Comment


Credits: Embedded World Conference 2020 Proceedings, http://www.embedded-world.eu

Abstract —Developing secure Internet of Things devices is becoming more and more difficult. Complex functional requirements are increasingly met with the addition of untrusted 3rd party components. The resulting monolithic firmware presents vastly larger code base, greater attack surface, and increased system vulnerability. In addition, cost and low-power requirements lead to resource-constrained microcontroller architectures. These lack basic hardware security mechanisms and the ability to separate multiple trusted applications from less critical components. A new zero-trust model is required to address the intrinsic security threat posed by the resulting multi-source monolithic firmware. In this paper, we propose a novel approach to embedded security based on hardware-enforced, software-defined separation of multiple, equally secure, functional domains. We start by analyzing why the traditional “two-worlds” model is no longer suitable for modern IoT applications. We then introduce the concept of a lightweight, multi zone, trusted execution environment capable of enforcing security and separation for a multitude of equally-secure functional domains. Finally, we explain the details of the actual implementation of this model in Arm Cortex-M7 processors.

 

INTRODUCTION

The Internet of Things (IoT) is comprised of billions of interconnected devices that, by definition, are exposed to remote attack – potentially resulting in the most damaging type of cyber threats: distributed denial of service or DDOS. While early design concerns were mostly related to connectivity and interoperability, a multitude of recent high-profile cyberattacks has shown that the success of this new Internet era is heavily dependent on the trust and the security built into these devices [1, 2]. Read more of this post

Filed under IoT Security, Papers Tagged with , , , , , , , , ,

RISC-V Open Source Processors Ready For Prime Time

March 4, 2019 Leave a comment

Excerpt of my interview with Elektronik
Harry Schubert, Chief Editor
February 2, 2019
https://www.elektroniknet.de/international/ready-for-series-production-162542.html

 

Based on the instruction set architecture RISC-V from the University of Berkeley, processor cores are now being developed as IP and SoCs. Cesare Garlati, founder Hex Five Security and chief security strategist at prpl Foundation, follows the development closely.

In the program of this year’s Embedded World Conference, RISC-V dominates the block »Hardware Engineering«. One of the speakers is Cesare Garlati, who accompanies the development of RISC-V and deals intensively with security aspects as a key member of the RISC-V Security Group and founder of Hex Five Security – the first Trusted Execution Environment for RISC-V. In an interview, he talks about the current state of technology.

Mr. Garlati How far has the development of a RISC-V ecosystem progressed?

The RISC-V ecosystem has grown tremendously from its beginnings as a research project at U.C. Berkeley.  As of Q4 2018 the Foundation has more than 220 members in 27 countries, many open source and commercial RISC-V cores are available and a robust ecosystem of peripherals, development and software tools.

Today you can find RISC-V solutions that cover everything from tiny 8-bit microcontrollers to 64-bit quad core running Linux. And even a more powerful 128-bit out-of-order core is in the makings at U.C. Berkeley – BOOM (Berkeley Out of Order Machine).

Read more of this post

Filed under RISC-V Tagged with , , , , , , , , , ,

A New Zero-Trust Model for Securing Embedded Systems

March 3, 2019 4 Comments

Credits: Embedded World Conference 2019 Proceedings, http://www.embedded-world.eu

Abstract — The attack surface in embedded systems has grown exponentially as connectivity requirements are increasingly met with the integration of readily available 3rd party libraries. A new Zero Trust Model is required to address the intrinsic security threat posed by the resulting monolithic firmware. This paper explores a new modern approach based on open source hardware and software where security through separation is achieved via a state-of-the-art multi-domain Trusted Execution Environment (TEE) for RISC-V processors.

INTRODUCTION
Embedded devices are a part of the daily lives of people all around the world. As devices get more personal and become placed in increasingly sensitive environments, the security of those devices becomes paramount. Security is a multi-tier approach, with different solutions being used across the industry depending on device capabilities and functionalities. Most security challenges faced by those resource-constrained devices that make up the Internet of Things can be minimized by enforcing physical separation between functional blocks and by properly implementing established encryption schemas to protect data in transit and at rest.

Read more of this post

Filed under IoT Security, Papers, RISC-V Tagged with , , , , , , , , , , , , , , ,

Trusted Execution Environments – A System Design Perspective

March 3, 2019 Leave a comment

Credits: Embedded World Conference 2019 Proceedings, http://www.embedded-world.eu

Abstract — The Internet of Things (IoT) represents a collection of billions of smart, connected devices. Current approaches to securing IoT devices typically go through the addition of complex hardware mechanisms or the implementation of heavy containerization and virtualization solutions. In this paper, we take the reader through designing a real-world scenario of an IoT device making use of Trusted Execution Environments (TEE) to securely isolate different parts of the system. We aim to demonstrate a network connected device resembling a typical IoT device with a clear boundary separation between the application, the networking stack, and the root of trust.

INTRODUCTION
The Internet of Things (IoT) field has proliferated, with current estimates at 11 billion devices according to a recent Development Bank of Singapore (DBS) report [13]. According to the same report, privacy, security, and interoperability are the key barriers for widespread adoption [11]. While attempts at interoperability and standardization exist with organizations such as EdgeX [9], privacy and security still remain largely unaddressed. IoT devices do not work in isolation, they typically need to communicate with a central manager, posting their results and accepting commands from that central manager. Typical forms of communication involve protocols like BLE and TCP/IP. These protocols bring complex serializers and de-serializers often vulnerable to buffer overflow exploits, use after free and so on, with the latest examples being vulnerable TCP/IP stacks that could be exploited [12].

Read more of this post

Filed under IoT Security, Papers, RISC-V Tagged with , , , , , , , , , , , , , , ,

Maintaining Security in a Heterogeneous and Changing World

March 3, 2019 Leave a comment

Credits: Embedded World Conference 2019 Proceedings, http://www.embedded-world.eu

Abstract — Safety and security concerns are holding back the Industrial Internet of Things (IIoT). Much of this comes down to two very different inconvenient truths: first, that Smart Cities and Connected Infrastructure are by nature composed of highly diverse sets of devices, yet device security standards are highly variable; and second, that those devices are operating in a permanently degraded state.
Firmware and device data need ongoing maintenance to overcome vulnerabilities and defend against newly-discovered threats, and yet this lack of interoperability makes such patching very difficult to realize. This paper argues for standards and interoperability at a critical layer of the stack – secure boot, firmware, trusted execution environment and identity protection – in order to enable proper security management of the IIoT ecosystem.

INTRODUCTION
The Internet of Things, the technology that promised us utopian smart cities and connected lives, is failing to deliver. Instead of a coherent Internet of Things we have in its place an Internet of Silos, where narrow use cases may work very well, but devices, systems, and economies cannot interoperate. Differences in device standards, a lack of consistency in device security, and a ‘land-grab’, ‘winner-takes-all’ mentality on cloud management services means that while vertical walled-garden digital consumer services are making strides into the connected future, the physical world is left frustratingly behind.

Read more of this post

Filed under IoT Security, Papers, Top Posts Tagged with , , , , , , , , , , , , , , , , , , ,

User Mode Interrupts – A Must for Securing Embedded Systems

March 3, 2019 3 Comments

Credits: Embedded World Conference 2019 Proceedings, http://www.embedded-world.eu

Abstract — With the advent of the Internet of Things (IoT), devices are becoming smaller, smarter and increasingly connected. This explosion in connectivity creates a larger attack surface and new security threats. Recent cybersecurity attacks clearly demonstrated that the success of this new Internet era depends heavily on the security of those embedded devices that make up the IoT. In this paper, we argue in favor of a paradigm shift in the way computing systems are conceived and designed. We explain why the free and open RISC-V ISA promises to be a game-changer for embedded security, and we share our experience developing the industry-first RISC-V secure implementation of FreeRTOS based on MultiZone Security, the first Trusted Execution Environment for RISC-V. In the context of this research, we explain how to implement user-mode interrupts to secure modern embedded systems.

INTRODUCTION
The world is undergoing an unprecedented technological transformation, evolving from isolated systems to ubiquitous Internet-enabled ‘things’ capable of generating and handling vast amounts of security-critical and privacy-sensitive data [1]. This novel paradigm, commonly referred to as the Internet of Things (IoT), is a new reality that is enriching our everyday life but simultaneously creating several risks. Recent cybersecurity incidents, such as the Mirai Botnet, have clearly demonstrated that the success of this new Internet era is heavily dependent upon the trust and security built in these IoT devices.
The ongoing cat-and-mouse game of hacks and patches is largely due by the intrinsic lack of security of the traditional computing model, which is not safe nor secure. Mainstream operating systems (OSes) are designed for functionality and speed. These systems follow a monolithic architecture, with most of the services enjoying privileged execution rights. Typically, programs share the same access to code and data and functional blocks communicate via shared memory structures such as buffers, stacks and hypes – a single failure in one component can bring the entire system down [2]. Even more evolved systems that implements virtual memory protection schemas have shown several vulnerabilities, mainly due to the complexity of the software necessary to operate the underlying MMU [3].

Read more of this post

Filed under IoT Security, Papers, RISC-V Tagged with , , , , , , , , , , , , , , , , , , ,

Older posts