Embedded security - how to implement the security process to the development of embedded systems – Blog Solwit

Embedded security – how to implement the security process to the development of embedded systems

SHARE

Written by: Piotr Strzałkowski, expert, Embedded Domain Expert

We’ve been involved in projects, where security plays a crucial role, for many years now. With cyberattacks on the rise, we all know that resilience against them is absolutely vital these days. And that also goes for embedded systems. In this article, I will cover everything you need to know on the implementation of the cyber security process to embedded systems, starting with the first steps, and explaining each stage in detail as we go along.

System analysis

There is one major question we should all ask ourselves: is implementing a cyber security process really worth the hassle? To learn the answer we need to carry out a security analysis of our soon-to-be-developed embedded system first.

Keep in mind that cyber security cannot be implemented in the final stage of development. This process heavily impacts the system architecture, hardware, and software, hence why it must be introduced in the first phase of system development. The subsequent stages and tasks are related to it and must be performed simultaneously to the “normal” HW (hardware) and SW (software) development work. It’s worth mentioning that there is no point in implementing the process only partially, for instance, implementing SW security, without the required HW protection would make no sense whatsoever. Metaphorically speaking, it would be like building a fortress with holes in the defence walls rather than fully-armed gates.

The analysis of threats and risks does not have to be complicated. It can be accomplished with the team while brainstorming. And while you’re at it, you should also think about the possible threats to which your system is exposed. Consider the probability of these taking place, too. Identify the potential consequences of hacking attacks for both the system and your organization.

To keep things easier, you can use a three-point scale to determine the level of impact as well as the probability of an attack.

When analysing the potential risks and threats, ask yourself a few questions:

  • What would be the financial consequences of a hacking attack on an embedded system for your company?
  • How would the professional image and branding of your organization be affected?
  • What would be the repercussions on the operation of the system and the infrastructure supporting it, after a hacking attack?
  • What would be the consequences for system users’ data?
  • Would the hacker attack affect a single system/device or the entire infrastructure of systems/devices?
  • To what extent does the normal operation of the device expose it to attacks and what are they?

To sum things up, the more high-probability risks we deal with, the more we can predict the consequences of them; and the bigger their impact on our system or organization is, the more we become absolutely certain that the cyber security process must be included when creating an embedded system.

Concept stage

If the initial analysis of threats and risks indicated the need for the cyber security process to be implemented, we would have to plan specific actions to be undertaken for the given project and the entire organization. This is because cyber security is not just about projects. Company employees should also be trained in cyber security.

Let’s go through the concept phase stages:

  • Functionality definition.
  • Setting out the plan of cyber security activities within the project timeline.
  • Analysis of threats and risks.
  • Concept of cyber security.
  • Identification of functional cyber security requirements.
  • Commencement of the cyber security assessment process.
  • Review of the cyber security concept phase.

More details on these stages will follow as we go along. Once everything is planned, it’s time to act – we move on to the development phase.

Development phase

At this stage, we focus on verifying the security on three levels: system, hardware, and software.

System security

Here you need to define threats and vulnerabilities at the system level. This is also the time to describe the interfaces, the way of exchanging and managing data between the software and hardware. The documents created at this stage will serve as a base for the next phases of the CS (cyber security) process, e.g., HW (hardware) and SW (software). At this stage, integration tests between software and hardware are conducted. Pen testing and vulnerability testing can also be performed if needed. In addition to these, it would also be good to perform verification and validation tests of cyber security functionalities here.

Hardware resistant to cyber attacks

So as before, first you need to define threats and vulnerabilities to hacker attacks at the hardware level. At this stage, the cyber security requirements for the hardware should be specified too. This is also the right time to perform an in-depth analysis of the IC’s vulnerability and hardware architecture. This step will allow you to detect potential threats and help to manage these, i.e. reducing their number. During this stage, you can also carry out tests of units and hardware integration, or to some extent, penetration and vulnerability tests.

Cyber secure software

As in the previous steps, start with defining threats and vulnerabilities at the software level. During this stage, the software’s cyber security requirements are specified, and at this point, an in-depth analysis of the software architecture and vulnerabilities should be carried out, such as the open-source code analysis. As you could probably guess, just like in previous steps, you need to run an analysis that enables the detection of potential threats in individual software modules and how to prevent them. In this stage, unit and software integration tests need to be completed, or to a certain extent, penetration and vulnerability tests, too.

Production, maintenance, and use

Now it’s time to focus on the description and management of activities correlated with cyber security at the stage of production of the embedded system, its servicing, and daily use.

‘The fun’ begins after the creation (development) of a system. That’s because our previously-made assumptions will now have to face the real threats and users’ problems out there. To minimize the drasticity of this confrontation, you may want to prepare some case scenarios in advance and have appropriate procedures in place.

Here’s what you need to take into account:

  • Production and service management process in terms of cyber security (keys, servers, crypto elements, replacement of key systems or device elements).
  • Software update process management during the service and everyday use (keys, servers).
  • The update process management after a reported vulnerability (detection, analysis, tests, development, patches).
  • Managing the process of cyclical vulnerability reviews.
  • Managing the process of storing the source code, test source code, as well as the development and testing infrastructures.
  • Managing the maintenance process and monitoring of systems in daily use.

There is one more important consideration, while not being the next step in the process of implementing cyber security into embedded systems, that should not be overlooked.

Support processes

This topic cannot be missed in the context of cooperation with subcontractors and the compliance with industry and company standards.

Supporting processes may be encountered at different stages of the cyber security process and should be carried out under set out tasks. These may be related to the standards that the product must meet or to selected company standards. In addition to this, these processes may describe how to work with HW and SW subcontractors.

By introducing standard and project-consistent guidelines, that describe how to verify the quality of the delivered code from the subcontractor, the repeatability of the process regardless of who performs it from within the team is guaranteed. It also contributes to boosting the efficiency of the task.

Check out some examples of requirement descriptions for support processes:

  • any changes that may affect cyber security are assessed and approved by a selected team of experts,
  • appropriate communication channels between the supplier and the customer are established and maintained is a requirement,
  • any cyber security issues that the supplier may find, must be reported to the customer at the right time,
  • appropriate code/documentation reviews are agreed upon at key stages of the project, taking into account customer access to the final product of a given stage,
  • the code produced by the subcontractor always goes through the set of required tests for a given part of the system.

So for now, we’ve covered the respective stages of the cyber security implementation process to design embedded systems. Stay tuned as next time I will be sharing more useful insights on the conceptual phase, to help you stay fully prepared to protect your firmware against hacker attacks.

 
No time to learn since your system needs the protection here and now? Our experts in cyber security for embedded systems have delivered many projects with great success. Maybe yours is the next one? Get in touch.

Latest blog posts