Secure Firmware Update Lab Session

Similar documents
RL78 Project Configuration Tips

Implementing Bootloaders on Renesas MCUs

Using Software Building Blocks for Faster Time to Market

An Introduction to e 2 studio

Low Power Design Michael Thomas, Applications Engineer

Low Power Design. Renesas Electronics America Inc Renesas Electronics America Inc. All rights reserved.

Capacitive Touch Based User Interfaces and Hardware-based Solutions

RL78 Ultra Low Power MCU Lab

Embedding Audio into your RX Application

Incorporating a Capacitive Touch Interface into Your Design

RL78 Ultra Low Power MCU Lab

CAN In A Day 2L01I. Renesas Electronics America Inc Renesas Electronics America Inc. All rights reserved.

LibUSB - Create a Solution Without the Class Struggle

Software Development with an Open Source RTOS

ID 321L: KPIT GNU compiler plug-ins for HEW / KPIT Eclipse IDE

ID 730L: Getting Started with Multimedia Programming on Linux on SH7724

Enhance Embedded Systems with Low Cost TFT Solutions

ID 020C: Hardware-in-Loop: System Testing Without the System

CC05B RX Project Configuration Tips

ID B34L: HMI Development with QNX'S Momentics Toolchain and Connected Automotive Reference QNX CAR

Getting Started with Renesas Development Tools

Rapid RX600 System Development Using the RPDL and PDG

ID 024C: Auto Code Generation: The Shortest Distance From Idea to Implementation

ID 025C: An Introduction to the OSEK Operating System

A11L: 78K0R Low Power MCU

Embedded Wireless Technologies

ID 220L: Hands-on Embedded Ethernet Design with an Open Source TCP/IP Stack

ID 434L: Incorporating a Capacitive Touch Interface into Your Design

Security in Automotive Applications

422L: Introduction to the.net Micro Framework

Renesas Synergy MCUs Build a Foundation for Groundbreaking Integrated Embedded Platform Development

Securing IoT devices with STM32 & STSAFE Products family. Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region

Optimizing RX Performance

THE HSL SECURE KVM COMBINERS. Simultaneously interact with multiple computers on the same screen

BASICS OF THE RENESAS SYNERGY PLATFORM

Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability

STM8L and STM32 L1 series. Ultra-low-power platform

SINGLE COURSE. NH9000 Certified Ethical Hacker 104 Total Hours. COURSE TITLE: Certified Ethical Hacker

Integrated Access Management Solutions. Access Televentures

Introducing: New Low-Cost & Low Pin Count PIC Microcontrollers for the 8-, 16- & 32-bit Markets

SECURING ENERGY COMPANY DESKTOPS from Cyber Threats with the Latest KVM Technology

GUI Development Using emwin on the FDI Direct Drive LCD Platforms

What Ails Our Healthcare Systems?

Connecting Securely to the Cloud

T he key to building a presence in a new market

Quick Start Guide SYG-S7G2-MDK. Copyright 2015, Future Designs, Inc., All Rights Reserved

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

Enhanced Mobile Security using Multi-Factor Biometric Authentication

ID B30C: IP Video Surveillance Applications

Live Demo: A New Hardware- Based Approach to Secure the Internet of Things

SE420 Software Quality Assurance

W e b A p p l i c a t i o n S e c u r i t y : T h e D e v i l i s i n t h e D e t a i l s

DesignWare IP for IoT SoC Designs

Meeting FFIEC Meeting Regulations for Online and Mobile Banking

The PKI Lie. The OWASP Foundation Attacking Certificate Based Authentication. OWASP & WASC AppSec 2007 Conference

Using Embedded Tools for I2C, SPI, and USB Debugging for the Renesas RX63N RDK

Wireless LAN Security (RM12/2002)

Portable Instrumentation Applications w/ the RL78

Automotive Cybersecurity: Why is it so Difficult? Steven W. Dellenback, Ph.D. Vice President R&D Intelligent Systems Division

Security and Privacy in RFID Evolving Application Spaces for Edge Security

UART Thou Mad? An Introduction to the UART Hardware Interface. Mickey Shkatov. Toby Kohlenberg

Securing IoT devices with Hardware Secure Element. Fabrice Gendreau EMEA Secure MCUs Marketing & Application Manager

Security Testing. - a requirement for a secure business. ISACA DAY in SOFIA. Gabriel Mihai Tanase, Director, Cyber Services KPMG in CEE

Embedded System Security. Professor Patrick McDaniel Charles Sestito Fall 2015

The Data Breach: How to Stay Defensible Before, During & After the Incident

18-642: Security Vulnerabilities


SIDE CHANNEL ATTACKS AGAINST IOS CRYPTO LIBRARIES AND MORE DR. NAJWA AARAJ HACK IN THE BOX 13 APRIL 2017

mbed Hello World! Introduction to mbed

ID B33C: Developing Rich Graphical User Interfaces Optimized for Embedded Systems

Copyright ECSC Group plc 2017 ECSC - UNRESTRICTED

SECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA

Secure RISC-V. A FIPS140-2 Compliant Trust Module for Quad 64-bit RISC-V Core Complex

ID 411C: Capacitive Touch User Interfaces and Hardwarebased

BASICS OF THE RENESAS SYNERGY PLATFORM

1.264 Lecture 26. Security protocols. Next class: Anderson chapter 4. Exercise due before class

Ethical Hacking and Countermeasures: Secure Network Operating Systems and Infrastructures, Second Edition

Protecting the Client

New STM32 F7 Series. World s 1 st to market, ARM Cortex -M7 based 32-bit MCU

FOR IOT PRODUCT DEVELOPMENT

whitepaper ClickShare Security

Lecture 9 User Authentication

Design Tradeoffs in Industrial Ethernet Hardware Implementations

Microcontroller Technologies for Smart Society

How Breaches Really Happen

Hacking challenge: steal a car!

Security Pitfalls. A review of recurring failures. Dr. Dominik Herrmann. Download slides at

Securing the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.

Security Challenges with ITS : A law enforcement view

Bluetooth modules. Modules and turnkey solutions with embedded Bluetooth firmware and AT command

Authentication Technology for a Smart eid Infrastructure.

Protect Your Organization from Cyber Attacks

Atmel Trusted Platform Module June, 2014

Verizon Software Defined Perimeter (SDP).

Click Yes To Official Intrusion Detection System (ids Software)

SECURITY TESTING. Towards a safer web world

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

Bite of Science Austin Alfredo Pérez Applications Engineer, Silicon Labs. January 27, 2016

RSA Fraud & Risk Intelligence Solutions

5/15/2009. Introduction

Transcription:

Secure Firmware Update Lab Session Shotaro Saito, Staff Application Engineer, Secure MCU Class ID: BL02I Renesas Electronics America Inc.

Shotaro Saito, Application Engineer 24 years in Embedded Systems Development In-Circuit Emulator / Debugger Development Debugger GUI Design Biometrics Enabled Smartcard Development 4 Years with Renesas Electronics In Charge of Secure MCU Development Kit and Tools Board ID Solution Support 2

Renesas Technology & Solution Portfolio 3

8/16-bit 32-bit Microcontroller and Microprocessor Line-up 2010 2013 1200 DMIPS, Superscalar Automotive & Industrial, 65nm 600µA/MHz, 1.5µA standby 500 DMIPS, Low Power Automotive & Industrial, 90nm 600µA/MHz, 1.5µA standby 165 DMIPS, FPU, DSC Industrial, 90nm 242µA/MHz, 0.2µA standby 25 DMIPS, Low Power Industrial & Automotive, 150nm 190µA/MHz, 0.3µA standby 10 DMIPS, Capacitive Touch Wide Industrial Format & LCDs Automotive, 130nm 350µA/MHz, 1µA standby 1200 DMIPS, Performance Automotive, 40nm 500µA/MHz, 35µA deep standby 165 DMIPS, FPU, DSC Industrial, 40nm 242µA/MHz, 0.2µA standby Embedded Security, ASSP Industrial, 90nm 1mA/MHz, 100µA standby 44 DMIPS, True Low Power Industrial & Automotive, 130nm 144µA/MHz, 0.2µA standby 4

8/16-bit 32-bit Microcontroller and Microprocessor Line-up 2010 2013 1200 DMIPS, Superscalar Automotive & Industrial, 65nm 600µA/MHz, 1.5µA standby 500 DMIPS, Low Power Automotive & Industrial, 90nm 600µA/MHz, 1.5µA standby True Embedded Security and Integration 165 DMIPS, FPU, DSC 1200 DMIPS, Performance Automotive, 40nm 500µA/MHz, 35µA deep standby 165 DMIPS, FPU, DSC Industrial, 40nm 242µA/MHz, 0.2µA standby Industrial, 90nm 242µA/MHz, 0.2µA standby 25 DMIPS, Low Power Industrial & Automotive, 150nm 190µA/MHz, 0.3µA standby 10 DMIPS, Capacitive Touch Wide Industrial Format & LCDs Automotive, 130nm 350µA/MHz, 1µA standby Embedded Security, ASSP Industrial, 90nm 1mA/MHz, 100µA standby 44 DMIPS, True Low Power Industrial & Automotive, 130nm 144µA/MHz, 0.2µA standby 5

Enabling The Smart Society The Smart Society is explicitly exposed to adversaries who intend to gain profit by breaching its security: Challenge: In the smart society, the inter-connectivity takes the key role while anyone can take advantage of it including cyber criminals. Devices in the smart society need to be smart enough to deny rogue intrusion attempts. Solution: The Secure MCU solution prevents end-point devices in the smart society from being compromised with secure authentication scheme 6

Agenda Embedded security basics Knowing your opponents Attack vectors on embedded systems Security perimeter Board ID The best plug Lab session Preparing RX62N as target system Download sample firmware with remote security stack Penetration testing Q&A 7

Embedded Security Basics 8

Knowing Your Opponents (1) Competitors Reverse engineering, vulnerability research, etc. Let s see what they got this time that we can mimic Counterfeiters Cloning Oh, they make it hard this time but we can still crack it Hackers Pure curiosity (raison d être of them) I ll run my homebrewed app on PS3. EULA? What is it? Fame, promotion and job opportunity He s very popular as iphone and PlayStation3 jailbreaker (Geohot vs. Sony, 2010) I could hack your server. Why don t you hire me as your CSO? (Marriott Hotel, Nov. 2011) 9

Knowing Your Opponents (2) Opponents in the real world They do ANYTHING for making a profit This is fake Samsung Galaxy SIII BTW, this Apple store is FAKE! 10

Attack Vectors (1) Communication Interface JTAG Widely available on popular MCUs Serial (RS-232C) Console hacking starts from here Ethernet Remote hacking from the other side of the Earth USB Stuxnet, PS3 jailbreak utilize USB dongle/memory stick I2C, SPI, SMBus, etc. 11

Attack Vectors (2) Physical penetration Opening enclosure Trace cut/jumper Add/remove/replace devices (i.e. MOD chips) Compromising device Break/dissolve device packaging Reconnect blown fuse with micro probe 12

Security Perimeter 13

Security Perimeter (1) What we protect and what we don t We can prevent this But we cannot prevent this Defining End-Point as security perimeter The target should not be cloned (Hardware/Software) The target eco system should be protected 14

Security Perimeter (2) End-point security Remote intrusion Altered meter Unauthorized charging Sophisticated theft Unauthorized access Remote intrusion Remote intrusion Denial-of-service 15

Security Perimeter (3) Target system definition RX63N RDK Represents network enabled device Application Console application with update feature Protection profile The application (RX63N side) Not to be altered Not to be extracted Update scheme (Server side) Unauthorized system is properly rejected False attempt is rejected and logged Adding secure MCU to RX63N RDK makes it easy 16

Board ID Proven Security Enhancement Board ID Tiny secure microcontroller (4.2mm x 4.2mm) Embedded secure element Credentials are stored in tamper proof memory section Hardware protection against known attacks Cryptographic coprocessor Fast RSA transaction with modular multiplication coprocessor Turn-key Solution Pre-loaded firmware for authentication specific application Outsourcing security measures Firmware update mandates Board ID on RX63N RDK Counterfeit target without Board ID is rejected 17

Lab Session 18

Lab Session Material RX63N RDK 32bit microprocessor demo kit Board ID Module Authentication specific module Authentication server Provides firmware update service ONLY AFTER proper authentication is done The Goal Utilize the Board ID module to perform secure firmware download to the RX63N demo kit from the Authentication Server Lab Procedure Follow the lab procedure (takes approximately 40 minutes) 19

Questions? 20

Enabling The Smart Society in Review The Smart Society is explicitly exposed to adversaries who intend to gain profit by breaching its security: Challenge: In the smart society, the inter-connectivity takes the key role while anyone can take advantage of it including cyber criminals. Devices in the smart society need to be smart enough to deny rogue intrusion attempts. Solution: The Secure MCU solution prevents end-point devices in the smart society from being compromised with secure authentication scheme Do you agree that we accomplished the above statement? 21

Please Provide Your Feedback Please utilize the Guidebook application to leave feedback or Ask me for the paper feedback form for you to use 22

Renesas Electronics America Inc.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback