Live Demo: A New Hardware- Based Approach to Secure the Internet of Things

Similar documents
Connecting Securely to the Cloud

Designing Security & Trust into Connected Devices

Security and Performance Benefits of Virtualization

Designing Security & Trust into Connected Devices

Azure Sphere Transformation. Patrick Ward, Principal Solutions Specialist

The Next Steps in the Evolution of Embedded Processors

Smart Antennas and Hypervisor: Enabling Secure Convergence. July 5, 2017

Implementing debug. and trace access. through functional I/O. Alvin Yang Staff FAE. Arm Tech Symposia Arm Limited

Designing Security & Trust into Connected Devices

Software Development Using Full System Simulation with Freescale QorIQ Communications Processors

Projects on the Intel Single-chip Cloud Computer (SCC)

64-bit ARM Unikernels on ukvm

Intel Virtualization Technology Roadmap and VT-d Support in Xen

$263 WHITE PAPER. Flexible Key Provisioning with SRAM PUF. Securing Billions of IoT Devices Requires a New Key Provisioning Method that Scales

Trusted Execution Environments (TEE) and the Open Trust Protocol (OTrP) Hannes Tschofenig and Mingliang Pei 16 th July IETF 99 th, Prague

Multicore and MIPS: Creating the next generation of SoCs. Jim Whittaker EVP MIPS Business Unit

TRESCCA Trustworthy Embedded Systems for Secure Cloud Computing

A Big Little Hypervisor for IoT Development February 2018

Real Safe Times in the Jailhouse Hypervisor Unrestricted Siemens AG All rights reserved


System-on-Chip Architecture for Mobile Applications. Sabyasachi Dey

Securing IoT with the ARM mbed ecosystem

Virtually Impossible

mbed OS Update Sam Grove Technical Lead, mbed OS June 2017 ARM 2017

Using a Separation Kernel to Protect against the Remote Exploitation of Unaltered Passenger Vehicles

New Approaches to Connected Device Security

ARM TrustZone for ARMv8-M for software engineers

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006)

Home Gateway: the next battle ground. Majid Bemanian Security & Networking Marketing

Zatara Series ARM ASSP High-Performance 32-bit Solution for Secure Transactions

Lecture 3 MOBILE PLATFORM SECURITY

ACRN: A Big Little Hypervisor for IoT Development

Fundamentals of HW-based Security

Scalable Architectural Support for Trusted Software

SR-IOV support in Xen. Yaozu (Eddie) Dong Yunhong Jiang Kun (Kevin) Tian

ARM Security Solutions and Numonyx Authenticated Flash

Virtualizaton: One Size Does Not Fit All. Nedeljko Miljevic Product Manager, Automotive Solutions MontaVista Software

DEMOKEY-FLEX-256-E. Demonstrator Application Usage Guide. Version 1.0 Date August 10, 2017 Status Approved Reference IID-DKFLEX-256-E-DAUG

Trustzone Security IP for IoT

How to protect Automotive systems with ARM Security Architecture

Secure Containers with EPT Isolation

I/O virtualization. Jiang, Yunhong Yang, Xiaowei Software and Service Group 2009 虚拟化技术全国高校师资研讨班

Embedded Systems: Architecture

Microsoft Azure Sphere Overview Martin Grossen, Line Manager Microsoft Embedded / IoT Europe 5. June 2018

Oberon M2M IoT Platform. JAN 2016


Bluespec s RISC-V Factory

Fast and Vulnerable A Story of Telematic Failures

The Future of Security is in Open Silicon Linux Security Summit 2018

Beyond TrustZone Security Enclaves Reed Hinkel Senior Manager Embedded Security Market Develop


Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability

Linux in the connected car platform

Designing, developing, debugging ARM Cortex-A and Cortex-M heterogeneous multi-processor systems

IoT It s All About Security

The Remote Exploitation of Unaltered Passenger Vehicles Revisited. 20 th October 2016 Mark Pitchford, Technical Manager, EMEA

Provisioning secure Identity for Microcontroller based IoT Devices

EDGE COMPUTING & IOT MAKING IT SECURE AND MANAGEABLE FRANCK ROUX MARKETING MANAGER, NXP JUNE PUBLIC

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

Operating System Security

Security of Embedded Hardware Systems Insight into Attacks and Protection of IoT Devices

Offense & Defense in IoT World. Samuel Lv Keen Security Lab, Tencent

Building secure devices on the intelligent edge with Azure Sphere. Paul Foster, Microsoft Dr Hassan Harb, E.On

Creating the Complete Trusted Computing Ecosystem:

IBG Protection for Anti-Fuse OTP Memory Security Breaches

Tailoring TrustZone as SMM Equivalent

HOW TO INTEGRATE NFC CONTROLLERS IN LINUX

Wind River. All Rights Reserved.

Programmed I/O accesses: a threat to Virtual Machine Monitors?

ARM Trusted Firmware ARM UEFI SCT update

SECURITY OF CPS: SECURE EMBEDDED SYSTEMS AS A BASIS

SmartNICs: Giving Rise To Smarter Offload at The Edge and In The Data Center

Security for Secure IoT: Advanced Architectures for IoT Gateways. Simon Forrest Director of Segment Marketing, Consumer Electronics

Xen Project Status Ian Pratt 12/3/07 1

Overview of Microcontroller and Embedded Systems

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

Lesson 6 Intel Galileo and Edison Prototype Development Platforms. Chapter-8 L06: "Internet of Things ", Raj Kamal, Publs.: McGraw-Hill Education

What s In Your e-wallet? Using ARM IP to Enable Security in Mobile Phones. Richard Phelan Media Processing Division TrustZone Security Technology

Resilient IoT Security: The end of flat security models

Background. IBM sold expensive mainframes to large organizations. Monitor sits between one or more OSes and HW

Fast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names

An Incubator Project in the Apache Software Foundation. 13 July 2016

INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD

W11 Hyper-V security. Jesper Krogh.

How Safe is Anti-Fuse Memory? IBG Protection for Anti-Fuse OTP Memory Security Breaches

Trusted Platform Modules Automotive applications and differentiation from HSM

The S6000 Family of Processors

Designing with NXP i.mx8m SoC

The Use Of Virtual Platforms In MP-SoC Design. Eshel Haritan, VP Engineering CoWare Inc. MPSoC 2006

Using a Certified Hypervisor to Secure V2X communication

100M Gate Designs in FPGAs

The Price of Safety: Evaluating IOMMU Performance

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

Support for Smart NICs. Ian Pratt

Implementing Your BYOD Mobility Strategy An IT Checklist and Guide

RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas

RMRR EXCLUSION. Technical Whitepaper. Alex Williamson Myron Stowe Laura Novich

Virtualization. Dr. Yingwu Zhu

A Perspective on the Role of Open-Source IP In Government Electronic Systems

Windows 10 IoT Core Azure Connectivity and Security

Transcription:

SESSION ID: CCS-W04 Live Demo: A New Hardware- Based Approach to Secure the Internet of Things Cesare Garlati Chief Security Strategist prpl Foundation @CesareGarlati

Securing the Internet of (broken) Things CHARLIE & CHRIS Reverse engineer proprietary software to expose vulnerabilities [Uconnect 8.4AN/RA4] 1.4M FIAT CHRYSLER RECALLS 1.4 MILLION VEHICLES AUGUST 2015 HOSPIRA DRUG PUMP Exploit weak implementations of network protocols [D-BUS service port 6667] FDA STRONGLY ENCOURAGE TO DISCONTINUE USE OF THESE PUMPS - MAY 2015 Modify firmware and reflash image to execute arbitrary code [TI OMAP-DM3730] BOEING 737/800 FBI Laterally move from the compromised head unit to the target CAN system [CAN mcu Renesas v850] OPEN SOURCE INTEROPERABILITY ROOT OF TRUST VIRTUALIZATION 2

A New Hardware-based Approach Micro Hypervisor HW Virtualization Secure Inter-VM Communications PUF Physically Unclonable Funcs Root of Trust Secure Boot Secure JTAG In-circuit Debug Multidomain security framework across hardware and software components 3

What is SoC Hardware Virtualization? Virtualized SoC Example IoT controller 32-bit CORE CPU (shadow registers) Memory (MMU + RPU) System Bus Interconnect (Fabric + Guest ID lines)) I/O (I/O MMU) DMA Micro kernel / hypervisor / root monitor Two independent contexts physically isolated: Guest (OS) abstracts apps <> hardware Root (hypervisor) abstracts OS <> hardware 4

What is SoC Hardware Virtualization? Controlling access to memory and MMIO Guest virtual addresses VA are typically mapped to PA in a twostep process through one of the following methods: 1. Guest Fixed Mapping Table (FMT) and Root RPU 2. Guest TLB and Root RPU 3. Guest TLB and Root TLB The RPU technique provides guest-specific protection: readinhibit (RI), write (D), execute inhibit (XI), and miss The RPU only supplies these page-level protection bits and does not provide address re-mapping. In contrast, the Root TLB supplies both address re-mapping and page-level protection bits 5

What is SoC Hardware Virtualization? RPU Guarding Guest Address Space Access from any code segment to all other segments is guarded through a page-based memory protection scheme RPU setting determines whether one guest can access the address space of another RPU used for this purpose is programmed during the secure boot sequence The hypervisor is the only entity that can program the RPU, thus the RPU remains secure throughout runtime Guest-to-guest and guest-to-root calls are possible where permitted by RPU policy configuration One guest s code can jump to another guest s code for a function call only if the RPU allows it Otherwise, a guest can call root software to obtain permission to access another region in real time 6

What is SoC Hardware Virtualization? Hypervisor-Managed MMU / IOMMU / RAM The IOMMU guards I/O access to DRAM/cache/MMIO. Typical bus fabrics provide configurable firewalls. SoC resources outside the core must be able to distinguish accesses by different guests and root or to emulate I/O device access: Static guests have predefined access to a set of devices that is fixed at boot (pass-through) Root only hypervisor has direct access to IO. Guests obtain access via hypercalls Dynamic - similar to static. Guests access is grant on demand. This method is considered a fully-virtualized model. I/O MMU (firewall + address translation): legacy devices programmed with physical addresses DMA access on demand such as for PCIe 7

What is PUF - Physical Unclonable Functions? Physical Unclonable Functions A way to extract a unique repeatable identifier from every individual piece of silicon die / chip fingerprint The uniqueness of the ID depends on random physical factors introduced during the manufacturing process These factors are unpredictable and uncontrollable which makes it impossible to duplicate or clone the ID When a physical stimulus (challenge) is applied the device reacts in an unpredictable (but repeatable) way (response) A fuzzy extractor or algorithm extract a unique strong cryptographic key from the physical microstructure. The same unique key is reconstructed every time the PUF is evaluated. No secret is ever stored in non volatile memory 8

What is PUF - Physical Unclonable Functions? Static random-access memory PUF The initial state of an SRAM cell is a function of the process variation due to the silicon manufacturing process Each memory cell has a preference to start-up as either zero or one due to tiny mismatch in the cross-coupled inverters It is impossible to predict what cell has what preferred startup state and some will always change noise Keys derived from SRAM PUF are not stored on the chip but extracted from the chip and only when needed Once the initial state is read the SRAM can be used normally by the system This is a pure software approach that doesn t require modification to the manufacturing process The residual noise (approx 8%) can be used in true random generators or to add entropy to pseudo random generators 9

IoT Multitenant Use Case (Linux) Provider #1 Base services LTE/DSL/Wi-Fi Provider #1 Commercial Wi-Fi public hotspot Available to next provider Provider #2 Utility company emeter / IoT Provider #3 pay per view video streaming 1 1? 2 3 10

IoT Multitenant Use Case (Linux) ISOLATED GUEST ISOLATED GUEST ISOLATED GUEST WAN Multidomain Security Home Network Commercial Hotspot Linux Kernel 3.x Linux Kernel 4.x secure inter-vm communications API micro hypervisor Heterogeneous Hardware SoC AVAILABLE [Hot Plugin] New multitenant use cases not just trusted/not-trusted islands Strong security model perfectly fits new multicore scenarios Hypervisor based does not require rich OS modifications Open source framework and APIs no royalties / control Reference framework open to ecosystem development 11

Live Demo

Live Demo Application Concept ISOLATED GUEST #1 ISOLATED GUEST #2 ISOLATED GUEST #3 TCP/IP Stack Ethernet / SPI Key Management PUF API secure inter-vm communications API micro hypervisor Real time I/O USB / UART Ethernet USB / UART 13

Live Demo Building the firmware 1 Clone GitHub repo 2 Make firmware 3 Flash firmware ~$: git clone https://github.com/prplfoundation/prpl-hypervisor ~$: cd prpl-hypervisor ~/prplhypervisor$: git checkout demo-july-2016 14

Live Demo Building the firmware 1 Clone GitHub repo 2 Make firmware 3 Flash firmware ~$: git clone https://github.com/prplfoundation/prpl-hypervisor ~$: cd prpl-hypervisor ~/prplhypervisor$: git checkout demo-july-2016 ~/prplhypervisor$: make 15

Live Demo Building the firmware 1 Clone GitHub repo 2 Make firmware 3 Flash firmware ~$: git clone https://github.com/prplfoundation/prpl-hypervisor ~$: cd prpl-hypervisor ~/prplhypervisor$: git checkout demo-july-2016 ~/prplhypervisor$: make ~/prplhypervisor$: make load 16

Live Demo Running the demo 1 Ping 192.168.0.2 2 Telnet 192.168.0.2 3 Send commands 17

Live Demo Running the demo 1 Ping 192.168.0.2 2 Telnet 192.168.0.2 3 Send commands 18

Live Demo Running the demo 1 Ping 192.168.0.2 2 Telnet 192.168.0.2 3 Send commands 19

Live Demo - End

Takeaways IoT is already here but its security is fundamentally broken - and could soon result in human fatalities IoT security challenges include proprietary software, connectivity, firmware updates, lack of separation A new hardware security approach: open source APIs, interoperable protocols, virtualization, PUF, secure boot 1 2 3 Security, more than anything else, will drive the next wave of IoT adoption IoT security requires a multilayer approach that must include hardware-level security Hardware security technology will become mainstream only if based on cross-vendor open standards 21

Apply What You Have Learned Today Next week you should: Identify critical IoT devices within your organization In the first three months following this presentation you should: Assess the hardware security characteristics of these devices Define appropriate patching and pen-testing programs Within six months you should: Select IoT product and vendors compliant to multidomain security Participate to cross-industry associations to drive IoT security standards 22

Thanks! cesare@prplfoundation.org

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback