Multi Zone Security for Arm Cortex-M Devices

March 26, 2020 1 Comment


Credits: Embedded World Conference 2020 Proceedings, http://www.embedded-world.eu

Abstract —Developing secure Internet of Things devices is becoming more and more difficult. Complex functional requirements are increasingly met with the addition of untrusted 3rd party components. The resulting monolithic firmware presents vastly larger code base, greater attack surface, and increased system vulnerability. In addition, cost and low-power requirements lead to resource-constrained microcontroller architectures. These lack basic hardware security mechanisms and the ability to separate multiple trusted applications from less critical components. A new zero-trust model is required to address the intrinsic security threat posed by the resulting multi-source monolithic firmware. In this paper, we propose a novel approach to embedded security based on hardware-enforced, software-defined separation of multiple, equally secure, functional domains. We start by analyzing why the traditional “two-worlds” model is no longer suitable for modern IoT applications. We then introduce the concept of a lightweight, multi zone, trusted execution environment capable of enforcing security and separation for a multitude of equally-secure functional domains. Finally, we explain the details of the actual implementation of this model in Arm Cortex-M7 processors.

 

INTRODUCTION

The Internet of Things (IoT) is comprised of billions of interconnected devices that, by definition, are exposed to remote attack – potentially resulting in the most damaging type of cyber threats: distributed denial of service or DDOS. While early design concerns were mostly related to connectivity and interoperability, a multitude of recent high-profile cyberattacks has shown that the success of this new Internet era is heavily dependent on the trust and the security built into these devices [1, 2]. Read more of this post

Filed under IoT Security, Papers Tagged with , , , , , , , , ,

Virtualization, silicon, and open source are conspiring to secure the Internet of Things

January 28, 2016 1 Comment

My chat with Brandon Lewis, Technology Editor at  IoT Design, highlighting prpl’s push around roots-of-trust, virtualization, open source, and interoperability in order to secure the Internet of Things (IoT).

Credits: Brandon Lewis, IoT Design, January 28, 2016 @TechieLew

security-guidance-coverThe prpl Foundation is known for open source tools and frameworks like OpenWrt and QEMU, but has recently ventured into the security domain with a new Security prpl Engineering Group (PEG) and the “Security Guidance for Critical Areas of Embedded Computing” document, not to mention wooing you away from your role at security giant Trend Micro. What can you tell us about the drivers behind these moves?

Cesare: One way to look at it is a supply-and-demand schema. On the demand side, according to Gartner, the security market was worth $77 billion in 2015 and it’s going to grow much faster. One strong demand-side driver is the need for stronger security, because industry is not doing a very good job of it – and when I say industry I mean from silicon to software to services – and all of the spending is not resulting in better information security. Read more of this post

Filed under IoT Security Tagged with , , , , , , , , , , , , , ,

The Journey to a Secure Internet of Things Starts Here

January 15, 2016 3 Comments

IoT Security Guidance

As the Internet of Things finds its way into ever more critical environments – from cars, to airlines to hospitals – the potentially life-threatening cyber security implications must be addressed. Over the past few months, real world examples have emerged showing how proprietary connected systems relying on outdated notions of ‘security-by-obscurity’ can in fact be reverse engineered and chip firmware modified to give hackers complete remote control. The consequences could be deadly.

A new approach is needed to secure connected devices, which is exactly what the prpl Foundation is proposing in its new document: Security Guidance for Critical Areas of Embedded Computing. It lays out a vision for a new hardware-led approach based on open source and interoperable standards. At its core is a secure boot enabled by a “root of trust” anchored in the silicon, and hardware-based virtualization to restrict lateral movement.

Read more of this post

Filed under IoT Security Tagged with , , , , , , , , , , , , , ,

How to Fix the Internet of Broken Things

November 20, 2015 2 Comments

iot-securityThe Internet of Things is already permeating every part of our lives – from healthcare to aviation, automobiles to telecoms. But its security is fundamentally broken. In my previous blog I’ve shown how vulnerabilities found by security researchers could have catastrophic consequences for end users. This isn’t just about data breaches and reputational damage anymore – lives are quite literally on the line. The challenges are many: most vendors operate under the misapprehension that security-by-obscurity will do – and lobby for laws preventing the disclosure of vulnerabilities; a lack of security subject matter expertise creates major vulnerabilities; firmware can too easily be modified; and a lack of separation on the device opens up further avenues for attackers.

But there is something we as an industry can do about it – if we take a new hardware-led approach. This is all about creating an open security framework built on interoperable standards; one which will enable a “root of trust” thanks to secure boot capabilities, and restrict lateral movement with hardware-based virtualization.

Read more of this post

Filed under IoT Security Tagged with , , , , , , , , , , , , , , , , , , , , , , , , , ,

The Security Challenges Threatening to Tear the Internet of Things Apart

November 4, 2015 3 Comments

IoT SecurityThe Internet of Things (IoT) has the power to transform our lives, making us more productive at work, and happier and safer at home. But it’s also developing at such a rate that it threatens to outstrip our ability to adequately secure it. A piece of software hasn’t been written yet that didn’t contain mistakes – after all, we’re only human. But with non-security experts designing and building connected systems the risks grow ever greater. So what can be done?

Read more of this post

Filed under None Tagged with , , , , , , , , , , , , , , , , , , ,

Securing The Internet of (broken) Things: A Matter of Life and Death

October 6, 2015 1 Comment

Securing the Internet of broken thingsIf you’re like me you’ll probably be getting desensitized by now to the ever-lengthening list of data breach headlines which have saturated the news for the past 24 months or more. Targeted attacks, Advanced Persistent Threats and the like usually end up in the capture of sensitive IP, customer information or trade secrets. The result? Economic damage, board level sackings and a heap of bad publicity for the breached organization. But that’s usually where it ends.

Read more of this post

Filed under IoT Security, Top Posts Tagged with , , , , , , , , , , , , , , , , , , , , , , , , , ,

Cesare Garlati Joins prpl Foundation as Chief Security Strategist

April 7, 2015 Leave a comment

prpl FoundationSANTA CLARA, CA–(Marketwired – April 07, 2015) – Well-known information security expert Cesare Garlati today joins the prpl Foundation as Chief Security Strategist. Garlati will assist the Foundation with security strategy in the newly formed Security PEG (prpl Engineering Group), a working group dedicated to creating an open standard framework that addresses next-generation security requirements for connected devices.

“Cesare Garlati is an internationally renowned leader in the mobile security space,” said prpl Foundation president Art Swift. “We all look forward to his contributions in security strategy and his participation in the ground-breaking Security PEG.”

Read more of this post

Filed under IoT Security Tagged with , , , , , , , , ,