Monitoring transactions occurring during the boot sequence to protect connected vehicles.
A good example of the wider adoption and application of IoT devices is in automotive uses. It’s a growing market, with the worldwide number of IoT-connected devices projected to increase to 43 billion by 2023, an almost threefold increase from 2018.
The modern vehicles that host so many IoT devices are increasingly connected, for cellular over-the-air updates but also potentially to communicate with other vehicles and city infrastructure. The ever-growing volume of electronic systems creates unprecedented systemic complexity. Even an average vehicle design will include over 150 electronic control units (ECUs), which control not just infotainment and communications, but powertrain, safety, and driving systems (figure 1). Supporting all these functions requires not just an increase in the volume and complexity of electronics, but a commensurate growth in software, driving the growth of the Software-Defined Vehicle (SDV) and turning the modern vehicle into an IoT device on wheels.
Fig. 1: Components of a security by design solution.
The need for security in these devices is now critical to their success and a required part of the overall IoT infrastructure. The IoT Security Foundation provides a well-defined and established assurance framework, which gives guidance on requirements for IoT security based on the end application and the overall objective of adding security. They define requirements for four assurance classes, as outlined in table 1.
Table 1: Cyber Security Assurance objectives. (IoT Security Foundation – https://www.iotsecurityfoundation.org/)
With the security objectives in mind, chip makers must then take the rather large step of implementing them.
At Siemens EDA, we have been exploring the application of Tessent Embedded Analytics for an overall hardware security strategy that includes many of the elements that are needed to address IoT security requirements across a broad spectrum of applications.
What security features can be addressed with Tessent Embedded Analytics?
Secure boot is the first critical step in ensuring that an IoT device comes online, even before any form of authentication takes place. Figure 2 shows a typical architecture for a simple IoT device, comprised of a processor, some memory, and some peripherals.
Fig. 2: Regular IoT device architecture.
During the system boot process, the device loads and executes a small piece of boot loader code from the ROM before it is ready to authenticate and run any application software. It is here, during the boot sequence, that a hack to bypass or interfere with the authentication process takes place. If we take the same system, shown here in figure 3, we can see several embedded analytics monitors used to monitor the transactions occurring during the boot sequence and indicate a pass/fail to the boot sequence based on the transactions monitored.
Fig. 3: Regular IoT device architecture including Embedded Analytics (EA) monitors.
Using embedded analytics technology to actively monitor an IoT device boot sequence will enable a trusted boot sequence to be identified and the system to subsequently be unlocked. Because the monitoring is done in hardware, it ensures that both the hardware and software elements of the IoT device are correct. Also, the monitors can be placed at any number of locations around the system, to make sure the locking mechanism is well distributed.