Embedded Systems Security:
(Why it’s difficult and what we can do about it)
Malachi Jones, PhD
Software Engineer
About me (Cyber-security Background)
• Intel Corporation (Summer 2011)
– Software security internship
– Designed/implemented an authentication method for mobile embedded devices
• Georgia Tech (2007-2013)
– Security research collaboration between Georgia Tech (GT) and University of
California Santa Barbara (UCSB)
– PhD thesis: “Asymmetric Information Games and Cyber Security”
• People in the GT/UCSB collaboration:
– Giovanni Vigna, PhD (Security Researcher)
– João Hespanha, PhD (Game Theorist)
– Jeff Shamma, PhD (Game Theorist)
– Georgios Kotsalis, PhD (Game Theorist)
– Malachi Jones, PhD (Security Researcher)
Outline
• Motivation
• Cyber Security Overview
• Embedded Systems Security
– Networked Systems
– Embedded Systems OS
• Principles for Designing Secure Software
– Minimal Implementation
– Component Architecture
– Independent Expert Validation
• Conclusion
• Additional Resources
Motivation
• Why should embedded security be important to YOU (and your loved ones)?
– Critical Infrastructure (Nuclear Power Plant)
– Life Critical Systems (Pacemaker)
– Transportation Systems (Flight Control)
– Financial Infrastructure (Banking & Investing)
– Information Systems (Patient MRI information)
– Consumer Products (Wireless Router)
Motivation
• What could possibly happen if your home router was attacked by a hacker?
– Step 1: Hacker gains access to router settings
– Step 2: Changes DNS settings on router
– Step 3: Router now talks to hacker’s server to resolve domain names
– Step 4: www.yourbank.com now resolves to an IP address of the hacker’s server
– Step 5: You think you are entering login information for your bank account, but you are handing it over to the hacker.
– Step 6: pwn3d (Hacker speak for you’ve been owned)
• True story (DNSChanger Trojan)
Main Takeaways
• Why is embedded security difficult?
– Economic/Business incentive to produce bad security products: Oftentimes buyers (experts included) are unable to observe the difference in quality between a good security product and a lemon.
– Increased software complexity: Linear growth in hardware/software content creates non-linear growth in overall system complexity. Complexity breeds flaws.
– Security as an afterthought: It is often financially and/or technically infeasible to retrofit security capabilities to an embedded system that was not originally designed for them.
Main Takeaways
• How can we address these difficulties?
– Balance the tradeoffs: Strike a balance between security, performance, cost, and schedule.
– Control complexity: Aspire for a minimal implementation that provides the simplest solution to the problem with respect to the tradeoffs (e.g. cost and schedule) mentioned above.
– Design in security from conception: Build in security from the start by following well-established security-design principles and techniques. (Theme of presentation)
Cyber Security Overview
• Objectives of cyber security
– Confidentiality: Prevention of unauthorized access to resources
– Integrity: Prevention of modification or corruption of resources
– Accessibility: Prevention of attacks that would keep a resource from being accessed or used according to its intended function
Cyber Security Overview
• Security topic areas include:
– Cryptography
– Penetration Testing
– Monitoring & Detection
– Social Engineering
– Cyber Situational Awareness
– Security System Design
Cyber Security Overview
• Cyber security principles
– Without physical security, there is no security: If the physical system is compromised, so are the other components of the system that interact directly or indirectly with it
– Once “root”, always “root”: Once a system has been compromised, a hacker can install “backdoors” to access the system with root privileges later
– Defense in depth: Complete prevention is impossible. Multiple layers of prevention and monitoring are necessary to achieve the optimum degree of protection (for a given budget).
– Kerckhoffs’s Principle: Assume the hacker knows the system. Corollary: Security by obscurity is not secure.
– Weakest Link Principle: The weakest link in the system is the part most likely to be attacked first, because it is the easiest
Cyber Security Overview
• What are some of the primary culprits for the abundant security vulnerabilities found in most mainstream products?
– Poor Implementation
– Flawed Design
Cyber Security Overview
• Why can it be rational to produce bad security products?
• Market for Lemons
– Paper written by the economist George Akerlof in the 1970s to discuss information asymmetry.
– Information asymmetry: One party has better information than the other party
– Main Idea: When buyers don’t have as much information about the quality of the products as sellers do, there will be severe downward pressure on both the price and the quality of the product
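As an added illustration that is not part of the slides, here is the textbook one-step version of Akerlof’s argument with constructed numbers. Suppose product quality $q$ is uniformly distributed on $[0,1]$, the seller knows $q$ and values the product at $q$, and the buyer values it at $\tfrac{3}{2}q$ but cannot observe $q$. At any offered price $p$ only sellers with $q \le p$ are willing to sell, so the buyer expects

$$
E[q \mid q \le p] = \frac{p}{2}, \qquad
\text{buyer's valuation} = \frac{3}{2}\cdot\frac{p}{2} = \frac{3p}{4} < p \quad \text{for every } p > 0 .
$$

Every price attracts only products worth less than that price to the buyer, so price and average quality fall together and no trade happens at a positive price, even though every trade would create value if $q$ were observable. In the security-product market the slides describe, the buyer’s inability to tell a good product from a lemon plays the role of the unobservable $q$.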
Cyber Security Overview
• Market for cyber security “lemons”
– Buyers (security experts included) are often unable to distinguish a “good” security product from a “bad” security product
– It is difficult to evaluate a product’s claims when the source code and design architecture are proprietary and kept private.
– It costs a significant amount of money for an independent third party to evaluate and test the product claims. Testing is also slow.
– Bottom line: It can be rational for companies to produce mediocre security products because users and experts are likely to make their purchasing decision on parameters (i.e. price) they can observe.
– Rare Exception: Secustick was exposed by Tweakers.net for not encrypting data on USB drives when it claimed to have done so.
Embedded Security: Embedded Systems
• Definition: An embedded system is an electronic product that contains a microprocessor (one or more) and software to perform some constituent function within a larger entity
• Key Point: Embedded systems may be constrained by cost, memory, energy, mass, and volume
• Examples: Smart Meter, Raspberry Pi, Smart Phone, Router
• What do all these embedded devices have in common?
Embedded Security: Networked Systems
• What are the advantages of networked embedded systems?
• Remote management
– Monitor performance of devices deployed in the field
– Enables installation of patches or other software upgrades
– Execute a plethora of management duties
– Increases product lifetime, reliability, serviceability, and customer satisfaction while reducing maintenance cost and total cost of ownership
• Example of remote management: Mars Pathfinder Mission
Embedded Security: Remote Management
• Mars Pathfinder Mission (1997)
– Malfunction was diagnosed down to a software defect during the mission
– Priority inversion issue between communication tasks (medium priority), meteorological tasks (low priority), and the information bus thread (high priority)
– Patch to remedy the defect by implementing priority inheritance was installed via radio link from Earth
– Remote management saved the mission from disaster
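To make the priority-inversion mechanism concrete, here is an added example that is not from the slides and not the Pathfinder flight software: a discrete-time simulation of a fixed-priority preemptive scheduler with one shared mutex. The task names, priorities and timings are constructed to mirror the slide’s description (low-priority meteo task, medium-priority comms task, high-priority bus thread), and `simulate` and `run_pathfinder` are the example’s own functions. Running the same scenario with a plain mutex and with priority inheritance shows when the high-priority bus task completes in each case.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Task:
    name: str
    priority: int                  # larger number = higher priority
    release: int                   # tick at which the task becomes ready
    program: list                  # steps: ("run", n) | ("lock",) | ("unlock",)
    pc: int = 0                    # index of the current step
    remaining: int = 0             # ticks left in the current ("run", n) step
    finish: Optional[int] = None   # tick at which the task completed


def simulate(specs, inherit, max_ticks=200):
    """Fixed-priority preemptive scheduler with one shared mutex.

    specs   : list of (name, priority, release, program) tuples
    inherit : when True, a mutex holder runs at the highest priority of the
              tasks blocked on that mutex (priority inheritance)
    Returns {task name: completion tick}.
    """
    tasks = [Task(*spec) for spec in specs]
    holder = None    # task currently holding the mutex
    waiters = []     # tasks blocked waiting for the mutex

    def effective_priority(t):
        if inherit and t is holder and waiters:
            return max([t.priority] + [w.priority for w in waiters])
        return t.priority

    def advance(t, tick):
        t.pc += 1
        if t.pc == len(t.program):
            t.finish = tick

    for tick in range(max_ticks):
        if all(t.finish is not None for t in tasks):
            break
        cur = None
        # lock/unlock take no time: resolve them before spending the tick
        while True:
            ready = [t for t in tasks
                     if t.release <= tick and t.finish is None and t not in waiters]
            if not ready:
                cur = None
                break
            cur = max(ready, key=effective_priority)
            step = cur.program[cur.pc]
            if step[0] == "lock":
                if holder is None:
                    holder = cur
                    advance(cur, tick)
                else:
                    waiters.append(cur)   # block; the scheduler re-picks a task
                continue
            if step[0] == "unlock":
                advance(cur, tick)
                holder = None
                if waiters:               # hand the mutex to the top-priority waiter
                    nxt = max(waiters, key=lambda w: w.priority)
                    waiters.remove(nxt)
                    holder = nxt
                    advance(nxt, tick)    # its pending ("lock",) step is satisfied
                continue
            break                         # ("run", n) consumes this tick
        if cur is None:
            continue                      # idle tick
        if cur.remaining == 0:
            cur.remaining = step[1]
        cur.remaining -= 1
        if cur.remaining == 0:
            advance(cur, tick + 1)
    return {t.name: t.finish for t in tasks}


# Constructed scenario mirroring the slide: the low-priority meteorological task
# holds the bus mutex, the high-priority bus thread blocks on it, and the
# medium-priority communication task arrives and preempts the low task.
PATHFINDER = [
    ("meteo", 1, 0, [("lock",), ("run", 3), ("unlock",), ("run", 1)]),
    ("bus",   3, 2, [("run", 1), ("lock",), ("run", 1), ("unlock",), ("run", 1)]),
    ("comms", 2, 3, [("run", 5)]),
]


def run_pathfinder(inherit):
    """Completion ticks for the three tasks, with or without priority inheritance."""
    return simulate(PATHFINDER, inherit)


if __name__ == "__main__":
    print("plain mutex         :", run_pathfinder(False))  # bus finishes at tick 11
    print("priority inheritance:", run_pathfinder(True))   # bus finishes at tick 6
```

Without inheritance the comms task runs its whole burst while the bus thread sits blocked behind the meteo task that still holds the mutex, so the highest-priority task is effectively scheduled at the lowest priority. With inheritance the meteo task is temporarily raised to the bus thread’s priority, releases the mutex after one more tick, and the bus thread finishes before comms even starts.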
Embedded Security: Remote Management
• Security implications of remote management
– Remote device management is the answer to the hacker’s wildest dreams
– The embedded system is imbued not only with internet access, but also with a means to remotely modify and patch software
• What could go wrong?
– Critical and widespread vulnerability in the VxWorks OS discovered in 2010
– A debug communication port that provided remote diagnostics was used to commandeer the system
– Using the debug interface, a remote attacker could read or write any memory location
– Hacker could install malware and even replace the OS itself
– Key Point: Even if your software is perfect, you still have to take into account the security of the third-party OS
Embedded Security: Operating Systems
• Why is the operating system important to security?
– Recall: Even with perfect software, the OS can allow the system to be vulnerable to a cyber attack
– The operating system (OS) controls the resources of the embedded system (e.g. memory and CPU)
– The OS has the power to prevent unauthorized use of resources
Embedded Security: Operating Systems
• Design decisions emphasize performance over security because it is more profitable (Market for Lemons)
• Monolithic kernel: Popular OS design
– User applications are able to access most services (TCP/IP, files, and I/O devices) with a simple system call into the kernel
– Services typically reside within a single process
• Microkernel: Secure OS design
– Implements services in separate processes
– Requires inter-process communication (added overhead)
– Extra context switching
Embedded Security: Operating Systems
• Diagram: Traditional Kernel (Monolithic) vs. Microkernel (implemented in MILS)
Embedded Security: Operating Systems
• Good News: A few OS technologies have taken a new approach to embedded security that is based on a design concept originally developed in the 1980s.
• Design concept: Multiple Independent Levels of Security (MILS)
• The foundation of a MILS-based embedded system is a special type of microkernel called the separation kernel.
Embedded Security: Operating Systems
• Separation Kernel: A small microkernel that implements a limited set of critical functional security policies that include data isolation, damage limitation, and information flow
– Data Isolation: Data within partitioned applications cannot be read or modified by other applications
– Damage limitation: If a bug or attack damages a partitioned application, this damage cannot spread to other applications
– Information flow: Information cannot flow between partitioned applications unless explicitly permitted by the system security policy
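To show what those three policies look like once written down, here is an added toy model that is not from the slides and not from any real separation kernel. The partition names, memory sizes and the `allowed_flows` list are constructed for the scenario; `SeparationKernel`, `Partition`, `PolicyViolation` and `demo` are this example’s own names. The kernel owns the only write path to partition memory and the only delivery path between partitions, so each policy decision is made in one small place and every denial is recorded for monitoring.

```python
from dataclasses import dataclass, field


class PolicyViolation(Exception):
    """Raised when a partition attempts something the policy does not allow."""


@dataclass
class Partition:
    name: str
    memory: bytearray                           # private memory of this partition
    inbox: list = field(default_factory=list)   # messages delivered by the kernel


class SeparationKernel:
    """Toy separation kernel: enforces data isolation, damage limitation and an
    explicit information-flow allow-list between partitions."""

    def __init__(self, partitions, allowed_flows):
        self.partitions = {p.name: p for p in partitions}
        self.allowed_flows = set(allowed_flows)  # (src, dst) pairs permitted by policy
        self.audit = []                          # every denied operation, for monitoring

    def write(self, actor, target, offset, data):
        """Data isolation: a partition may write only its own memory.
        Damage limitation: a write that overruns the partition is rejected
        instead of spilling into a neighbour."""
        if actor != target:
            self.audit.append(("isolation", actor, target))
            raise PolicyViolation(f"{actor} may not write memory of {target}")
        mem = self.partitions[target].memory
        if offset < 0 or offset + len(data) > len(mem):
            self.audit.append(("bounds", actor, target))
            raise PolicyViolation(f"{actor} wrote outside its own memory")
        mem[offset:offset + len(data)] = data

    def send(self, src, dst, message):
        """Information flow: deliver only flows the policy lists explicitly."""
        if (src, dst) not in self.allowed_flows:
            self.audit.append(("flow", src, dst))
            raise PolicyViolation(f"flow {src} -> {dst} is not permitted")
        self.partitions[dst].inbox.append(bytes(message))


def demo():
    """Constructed scenario: an untrusted app partition may hand plaintext to a
    crypto partition, which alone may talk to the network partition."""
    kernel = SeparationKernel(
        [Partition("app", bytearray(8)),
         Partition("crypto", bytearray(8)),
         Partition("network", bytearray(8))],
        allowed_flows=[("app", "crypto"), ("crypto", "network")],
    )
    kernel.send("app", "crypto", b"plaintext")      # permitted by policy
    kernel.send("crypto", "network", b"cipher")     # permitted by policy
    kernel.write("app", "app", 0, b"\x01\x02")      # a partition may use its own memory

    attempts = (
        lambda: kernel.send("app", "network", b"bypass"),       # flow not in policy
        lambda: kernel.write("app", "crypto", 0, b"\xff" * 4),  # foreign memory
        lambda: kernel.write("app", "app", 6, b"\x41" * 4),     # overrun of own memory
    )
    denied = []
    for attempt in attempts:
        try:
            attempt()
        except PolicyViolation as exc:
            denied.append(str(exc))
    return kernel, denied


if __name__ == "__main__":
    k, d = demo()
    for reason in d:
        print("denied:", reason)
    print("crypto memory untouched:", k.partitions["crypto"].memory == bytearray(8))
```

The point of the toy is the shape of the design rather than the code itself: the policy is an explicit allow-list that the partitions cannot change, the crypto partition never has to trust the app partition, and a faulty app partition cannot reach the network directly or corrupt its neighbours, which is exactly the damage-limitation property the slide describes.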
Designing secure embedded systems
• Why not bolt on security after the fact?
• Key Concept: Often financially and/or technically infeasible to retrofit security capability to a system that was not originally designed for it
• Think about the difficulty of retrofitting these systems: Pacemaker, Smart Meter, Nuclear reactor controller
• These systems can have a lifespan of 10+ years
• Moore’s Law doesn’t apply!! (Very difficult to add/upgrade hardware)
Designing secure embedded systems
• Software assurance: Refers to the level of confidence that software end users and other stakeholders have that the security policies and functions claimed by the software are actually fulfilled
• Key Point: Simply meeting functional requirements does not achieve the assurance required for security-critical embedded systems
• Principles of High Assurance Software Engineering [2]
– Minimal Implementation
– Component Architecture
– Independent expert validation
– Least privilege
– Secure development process
Designing secure embedded systems: Minimal Implementation
• Minimal Implementation
– Linear growth in hardware/software content creates non-linear growth in the overall complexity of the system
– Complexity increases nonlinearly because of the exponential increase in interactions between functions and components
– Complexity breeds flaws, and those flaws can be exploited to breach the system’s security
– Ideally: Implement the simplest system needed to solve the problem.
– Design Concept: Find a balance between schedule, performance, design, and cost that doesn’t compromise the required security of the system
Designing secure embedded systems: Component Architecture
• Component Architecture
– Difficult/infeasible for a single engineer to understand every single line of code of a large monolithic system
– Design Concept: Compose large software systems from small components. Each component should be easily maintained by a single engineer who understands every single line of its code
– Design Concept: Safety and/or security enforcing functionality should be placed into separate components that allow critical operations to be protected from compromise by noncritical portions of the system
Designing secure embedded systems: Component Architecture
• Component Architecture
– Modern OSes provide memory-protected processes
– Design Concept: Designers should strive for a one-to-one ratio between threads and processes
– Security/Performance Tradeoff: Threads are lighter weight than processes, but processes can provide memory protection
Designing secure systems: Independent Expert Validation
• Independent Expert Validation
– Security claims are a dime a dozen (e.g. Secustick)
– Design Concept: Evidence of a secure system must be evaluated by independent experts
– Anyone can produce a security design that is so clever that they themselves can’t defeat it
– It is very difficult to produce a design that is so secure that others can’t defeat it
– Independent experts provide another set of eyes that can spot security vulnerabilities that the designers can’t see
Conclusion
“The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable”
—The Art of War, Sun Tzu
Additional Resources
1. M. Jones, G. Kotsalis, and J. Shamma, “Cyber-attack forecast modeling and complexity reduction using a game-theoretic framework,” in Control of Cyber-Physical Systems (D. C. Tarraf, ed.), vol. 449 of Lecture Notes in Control and Information Sciences, pp. 65–84, Springer International Publishing, 2013.
2. D. Kleidermacher and M. Kleidermacher, Embedded Systems Security: Practical Methods for Safe and Secure Software and Systems Development, 2012.
3. N. Ferguson, B. Schneier, and T. Kohno, Cryptography Engineering: Design Principles and Practical Applications, Wiley Publishing, 2010.
4. C. H. Gebotys, Security in Embedded Devices, Springer, 2009.
5. R. Anderson, “Why information security is hard - an economic perspective,” in Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC 2001), pp. 358–365, 10-14 Dec. 2001.
Questions?
33

More Related Content

What's hot

Cyber security
Cyber securityCyber security
Cyber security
Krishanu Ghosh
 
Vapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesVapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) services
Akshay Kurhade
 
Malware Classification and Analysis
Malware Classification and AnalysisMalware Classification and Analysis
Malware Classification and Analysis
Prashant Chopra
 
ISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How To
Jim Gilsinn
 
Introduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingIntroduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration Testing
Raghav Bisht
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditing
Piyush Jain
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Edureka!
 
Building A Security Operations Center
Building A Security Operations CenterBuilding A Security Operations Center
Building A Security Operations Center
Siemplify
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacks
Joe McCarthy
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration Testing
Yvonne Marambanyika
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
Radar Cyber Security
 
Database Security Management
Database Security Management Database Security Management
Database Security Management
Ahsin Yousaf
 
The need for security
The need for securityThe need for security
The need for security
Dhani Ahmad
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?
ONE BCG
 
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSCyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICS
Jim Gilsinn
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
Cyber Security Introduction.pptx
Cyber Security Introduction.pptxCyber Security Introduction.pptx
Cyber Security Introduction.pptx
ANIKETKUMARSHARMA3
 
Computer Security - CCNA Security - Lecture 1
Computer Security - CCNA Security - Lecture 1Computer Security - CCNA Security - Lecture 1
Computer Security - CCNA Security - Lecture 1
Mohamed Loey
 
A Career in Cybersecurity
A Career in CybersecurityA Career in Cybersecurity
A Career in Cybersecurity
lfh663
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Edureka!
 

What's hot (20)

Cyber security
Cyber securityCyber security
Cyber security
 
Vapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) servicesVapt( vulnerabilty and penetration testing ) services
Vapt( vulnerabilty and penetration testing ) services
 
Malware Classification and Analysis
Malware Classification and AnalysisMalware Classification and Analysis
Malware Classification and Analysis
 
ISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How ToISA/IEC 62443: Intro and How To
ISA/IEC 62443: Intro and How To
 
Introduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration TestingIntroduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration Testing
 
Logging, monitoring and auditing
Logging, monitoring and auditingLogging, monitoring and auditing
Logging, monitoring and auditing
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
 
Building A Security Operations Center
Building A Security Operations CenterBuilding A Security Operations Center
Building A Security Operations Center
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacks
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration Testing
 
Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025Cyber attacks and IT security management in 2025
Cyber attacks and IT security management in 2025
 
Database Security Management
Database Security Management Database Security Management
Database Security Management
 
The need for security
The need for securityThe need for security
The need for security
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?
 
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSCyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICS
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Cyber Security Introduction.pptx
Cyber Security Introduction.pptxCyber Security Introduction.pptx
Cyber Security Introduction.pptx
 
Computer Security - CCNA Security - Lecture 1
Computer Security - CCNA Security - Lecture 1Computer Security - CCNA Security - Lecture 1
Computer Security - CCNA Security - Lecture 1
 
A Career in Cybersecurity
A Career in CybersecurityA Career in Cybersecurity
A Career in Cybersecurity
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
 

Viewers also liked

Robot supervisor
Robot supervisorRobot supervisor
Robot supervisor
Malak Talbi
 
Embedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment IndustryEmbedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment Industry
Narudom Roongsiriwong, CISSP
 
121115 Présentation Arduino Cocoaheads
121115 Présentation Arduino Cocoaheads121115 Présentation Arduino Cocoaheads
121115 Présentation Arduino Cocoaheads
cgodefroy
 
Embedded based home security system
Embedded based home security systemEmbedded based home security system
Embedded based home security system
NIT srinagar
 
McAffee_Security and System Integrity in Embedded Devices
McAffee_Security and System Integrity in Embedded DevicesMcAffee_Security and System Integrity in Embedded Devices
McAffee_Security and System Integrity in Embedded Devices
Işınsu Akçetin
 
Security in embedded systems
Security in embedded systemsSecurity in embedded systems
Security in embedded systems
Raghav S
 
Présentation des IoT
Présentation des IoTPrésentation des IoT
Présentation des IoT
Lakhdar Meftah
 
Les systèmes embarqués arduino
Les systèmes embarqués arduinoLes systèmes embarqués arduino
Les systèmes embarqués arduino
CHERIET Mohammed El Amine
 

Viewers also liked (8)

Robot supervisor
Robot supervisorRobot supervisor
Robot supervisor
 
Embedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment IndustryEmbedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment Industry
 
121115 Présentation Arduino Cocoaheads
121115 Présentation Arduino Cocoaheads121115 Présentation Arduino Cocoaheads
121115 Présentation Arduino Cocoaheads
 
Embedded based home security system
Embedded based home security systemEmbedded based home security system
Embedded based home security system
 
McAffee_Security and System Integrity in Embedded Devices
McAffee_Security and System Integrity in Embedded DevicesMcAffee_Security and System Integrity in Embedded Devices
McAffee_Security and System Integrity in Embedded Devices
 
Security in embedded systems
Security in embedded systemsSecurity in embedded systems
Security in embedded systems
 
Présentation des IoT
Présentation des IoTPrésentation des IoT
Présentation des IoT
 
Les systèmes embarqués arduino
Les systèmes embarqués arduinoLes systèmes embarqués arduino
Les systèmes embarqués arduino
 

Similar to Embedded Systems Security

Cyber Security: Threats and Needed Actions
Cyber Security: Threats and Needed ActionsCyber Security: Threats and Needed Actions
Cyber Security: Threats and Needed Actions
John Gilligan
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on Vehicles
Priyanka Aash
 
Lesson 4
Lesson 4Lesson 4
Information Assurance And Security - Chapter 2 - Lesson 4
Information Assurance And Security - Chapter 2 - Lesson 4Information Assurance And Security - Chapter 2 - Lesson 4
Information Assurance And Security - Chapter 2 - Lesson 4
MLG College of Learning, Inc
 
ITT408_Unit#1_InformationSecurity_Fundamentals_STUDENTS.pptx
ITT408_Unit#1_InformationSecurity_Fundamentals_STUDENTS.pptxITT408_Unit#1_InformationSecurity_Fundamentals_STUDENTS.pptx
ITT408_Unit#1_InformationSecurity_Fundamentals_STUDENTS.pptx
srizvi9
 
01Introduction to Information Security.ppt
01Introduction to Information Security.ppt01Introduction to Information Security.ppt
01Introduction to Information Security.ppt
it160320737038
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
Kumawat Dharmpal
 
Understanding Technology Stakeholders
Understanding Technology StakeholdersUnderstanding Technology Stakeholders
Understanding Technology Stakeholders
John Gilligan
 
Understanding Technology Stakeholders: Their Progress and Challenges
Understanding Technology Stakeholders: Their Progress and ChallengesUnderstanding Technology Stakeholders: Their Progress and Challenges
Understanding Technology Stakeholders: Their Progress and Challenges
John Gilligan
 
IIoT Endpoint Security
IIoT Endpoint Security IIoT Endpoint Security
IIoT Endpoint Security
Industrial Internet Consortium
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
team-WIBU
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
WSO2
 
security onion
security onionsecurity onion
security onion
Boni Yeamin
 
CISSP Domain 03 Security Architecture and Engineering.pptx
CISSP Domain 03 Security Architecture and Engineering.pptxCISSP Domain 03 Security Architecture and Engineering.pptx
CISSP Domain 03 Security Architecture and Engineering.pptx
gealehegn
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
Ahmad Haghighi
 
19-f15-mobile-security.pptx
19-f15-mobile-security.pptx19-f15-mobile-security.pptx
19-f15-mobile-security.pptx
Jhansigali
 
III SEM MCA-Module 4 -Ch2.pdf- Securing IoT
III SEM MCA-Module 4 -Ch2.pdf- Securing IoTIII SEM MCA-Module 4 -Ch2.pdf- Securing IoT
III SEM MCA-Module 4 -Ch2.pdf- Securing IoT
RAJESHWARI M
 
Cybersecurity: Challenges, Initiatives, and Best Practices
Cybersecurity: Challenges, Initiatives, and Best PracticesCybersecurity: Challenges, Initiatives, and Best Practices
Cybersecurity: Challenges, Initiatives, and Best Practices
John Gilligan
 
Lessson 1
Lessson 1Lessson 1
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy Considerations
Kenny Huang Ph.D.
 

Similar to Embedded Systems Security (20)

Cyber Security: Threats and Needed Actions
Cyber Security: Threats and Needed ActionsCyber Security: Threats and Needed Actions
Cyber Security: Threats and Needed Actions
 
Hardware Security on Vehicles
Hardware Security on VehiclesHardware Security on Vehicles
Hardware Security on Vehicles
 
Lesson 4
Lesson 4Lesson 4
Lesson 4
 
Information Assurance And Security - Chapter 2 - Lesson 4
Information Assurance And Security - Chapter 2 - Lesson 4Information Assurance And Security - Chapter 2 - Lesson 4
Information Assurance And Security - Chapter 2 - Lesson 4
 
ITT408_Unit#1_InformationSecurity_Fundamentals_STUDENTS.pptx
ITT408_Unit#1_InformationSecurity_Fundamentals_STUDENTS.pptxITT408_Unit#1_InformationSecurity_Fundamentals_STUDENTS.pptx
ITT408_Unit#1_InformationSecurity_Fundamentals_STUDENTS.pptx
 
01Introduction to Information Security.ppt
01Introduction to Information Security.ppt01Introduction to Information Security.ppt
01Introduction to Information Security.ppt
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
Understanding Technology Stakeholders
Understanding Technology StakeholdersUnderstanding Technology Stakeholders
Understanding Technology Stakeholders
 
Understanding Technology Stakeholders: Their Progress and Challenges
Understanding Technology Stakeholders: Their Progress and ChallengesUnderstanding Technology Stakeholders: Their Progress and Challenges
Understanding Technology Stakeholders: Their Progress and Challenges
 
IIoT Endpoint Security
IIoT Endpoint Security IIoT Endpoint Security
IIoT Endpoint Security
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
 
security onion
security onionsecurity onion
security onion
 
CISSP Domain 03 Security Architecture and Engineering.pptx
CISSP Domain 03 Security Architecture and Engineering.pptxCISSP Domain 03 Security Architecture and Engineering.pptx
CISSP Domain 03 Security Architecture and Engineering.pptx
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)
 
19-f15-mobile-security.pptx
19-f15-mobile-security.pptx19-f15-mobile-security.pptx
19-f15-mobile-security.pptx
 
Embedded Systems Security

Embedded Systems Security:
(Why it's difficult and what we can do about it)
Malachi Jones, PhD
Software Engineer

About me (Cyber-security Background)
2
• Intel Corporation (Summer 2011)
– Software security internship
– Designed/implemented an authentication method for mobile embedded devices
• Georgia Tech (2007-2013)
– Security research collaboration between Georgia Tech (GT) and University of California Santa Barbara (UCSB)
– PhD thesis: “Asymmetric Information Games and Cyber Security”
Giovanni Vigna, PhD
Security Researcher
Joao Hespana, PhD
Game Theorist
Jeff Shamma, PhD
Game Theorist
Georgios Kotsalis, PhD
Game Theorist
Malachi Jones, PhD
Security Researcher

Outline
5
• Motivation
• Cyber Security Overview
• Embedded Systems Security
– Networked Systems
– Embedded Systems OS
• Principles for Designing Secure Software
– Minimal Implementation
– Component Architecture
– Independent Expert Validation
• Conclusion
• Additional Resources

Motivation
6
• Why should embedded security be important to YOU (and your loved ones)?
Critical Infrastructure (Nuclear Power Plant)
Life Critical Systems (Pace Maker)
Transportation Systems (Flight Control)
Financial Infrastructure (Banking & Investing)
Information Systems (Patient MRI information)
Consumer Products (Wireless Router)

Motivation
7
• What could possibly happen if your home router was attacked by a hacker?
– Step 1: Hacker gains access to router settings
– Step 2: Changes DNS settings on router
– Step 3: Router now talks to hacker’s server to resolve name address
– Step 4: www.yourbank.com now resolves to an IP address of the hacker’s server
– Step 5: You think you are entering login information for your bank account, but you are handing it over to the hacker.
– Step 6: pwn3d (Hacker speak for you’ve been owned)
• True story (DNSChanger Trojan)

Main Takeaways
8
• Why is embedded security difficult?
– Economic/Business incentive to produce bad security products: Oftentimes buyers (experts included) are unable to observe the difference in quality between a good security product and a lemon.
– Increased software complexity: Linear growth in hardware/software content creates non-linear growth in overall system complexity. Complexity breeds flaws.
– Security as an afterthought: Often financially and/or technically infeasible to retrofit security capabilities to an embedded system that was not originally designed for it

Main Takeaways
9
• How can we address these difficulties?
– Balance the tradeoffs: Strike a balance between security, performance, cost, and schedule.
– Control complexity: Aspire for a minimal implementation that provides the simplest solution to the problem with respect to the tradeoffs (e.g. cost and schedule) mentioned above
– Design in security from conception: Build in security from the start by following well-established security-design principles and techniques
Theme of presentation

Cyber Security Overview
10
• Objectives of cyber security
– Confidentiality: Prevention of unauthorized access to resources
– Integrity: Prevention of modification or corruption of resources
– Accessibility: Prevention of attacks that would keep a resource from being accessed or used according to its intended function

Cyber Security Overview
11
• Security topic areas include:
– Cryptography
– Penetration Testing
– Monitoring & Detection
– Social Engineering
– Cyber Situational Awareness
– Security System Design

Cyber Security Overview
12
• Cyber security principles
– Without physical security, there is no security: If the physical system is compromised, so are the other components of the system that interact directly or indirectly with the physical system
– Once “root”, always “root”: Once a system has been compromised, a hacker can install “backdoors” to access the system with root privileges later
– Defense in depth: Complete prevention is impossible. Multiple layers of prevention and monitoring are necessary to achieve the optimum degree of protection (for a given budget).
– Kerckhoffs’s Principle: Assume the hacker knows the system. Corollary: Security by obscurity is not secure.
– Weakest Link Principle: The weakest link in the system is the part most likely to be attacked first, because it is the easiest

Cyber Security Overview
13
• What are some of the primary culprits for the abundant security vulnerabilities found in most mainstream products?
Poor Implementation
Flawed Design

Cyber Security Overview
14
• Why can it be rational to produce bad security products?
• Market for Lemons
– Paper written by the economist George Akerlof in the 1970s to discuss information asymmetry.
– Information asymmetry: One party has better information than another party
– Main Idea: When buyers don't have as much information about the quality of the products as sellers do, there will be severe downward pressure on both the price and the quality of the product

Cyber Security Overview
15
• Market for cyber security “lemons”
– Buyers (security experts included) are often unable to distinguish a “good” security product from a “bad” security product
– Difficult to evaluate a product’s claims when the source code and design architecture are proprietary and kept private.
– Costs a significant amount of money for an independent third party to evaluate and test the product claims. Testing is also slow.
– Bottom line: Can be rational for companies to produce mediocre security products because users and experts are likely to make their purchasing decision on parameters (i.e. price) they can observe.
– Rare Exception: Secustick was exposed by Tweakers.net for not encrypting data on USB drives when they claimed to have done so.

Embedded Security: Embedded Systems
16
• Definition: An embedded system is an electronic product that contains a microprocessor (one or more) and software to perform some constituent function within a larger entity
• Key Point: Embedded systems may be constrained by cost, memory, energy, mass, and volume
• Examples
• What do all these embedded devices have in common?
Smart Meter
Raspberry Pi
Smart Phone
Router

Embedded Security: Networked Systems
17
• What are the advantages of networked embedded systems?
• Remote management
– Monitor performance of devices deployed in the field
– Enables installation of patches or other software upgrades
– Execute a plethora of management duties
– Increases product lifetime, reliability, serviceability, and customer satisfaction while reducing maintenance cost and total cost of ownership
• Example of remote management: Mars Pathfinder Mission

Embedded Security: Remote Management
18
• Mars Pathfinder Mission (1997)
– Malfunction was diagnosed down to a software defect during the mission
– Priority inversion issue between communication tasks (medium priority), meteorological tasks (low priority), and the information bus thread (high priority)
– Patch to remedy the defect by implementing priority inheritance was installed via radio link from Earth
– Remote management saved the mission from disaster

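The priority inversion on this slide and the priority-inheritance fix, as an added example that is not part of the original slides: a constructed tick-based scheduler with three tasks sharing one mutex (task roles follow the slide; the names, timings and the scheduler itself are assumptions, not NASA's flight software), run once without and once with priority inheritance.

```python
"""Fixed-priority scheduling with one shared mutex, simulated tick by tick.
Constructed example: task roles follow the Pathfinder slide (H = information
bus thread, M = communication task, L = meteorological task); names and
timings are assumptions, not NASA's code. Higher number = higher priority."""
from dataclasses import dataclass


@dataclass(eq=False)
class Task:
    name: str
    priority: int
    release: int        # tick at which the task becomes ready
    segments: list      # [("lock", ticks), ("run", ticks)] in execution order
    seg: int = 0        # index of the current segment
    left: int = 0       # ticks still owed in the current segment
    done_at: int = -1   # completion tick, -1 while unfinished


def simulate(tasks, inherit, max_ticks=100):
    """Return {task name: completion tick}; inherit=True enables priority inheritance."""
    tasks = [Task(t.name, t.priority, t.release, list(t.segments)) for t in tasks]
    holder = None                               # task currently holding the mutex
    for now in range(max_ticks):
        ready = [t for t in tasks if t.release <= now and t.done_at < 0]
        if not ready:
            break
        # a task entering a "lock" segment waits while another task holds the mutex
        blocked = [t for t in ready if t.segments[t.seg][0] == "lock"
                   and holder is not None and holder is not t]

        def effective(t):
            # priority inheritance: the holder runs at the priority of its waiters
            if inherit and t is holder and blocked:
                return max([t.priority] + [b.priority for b in blocked])
            return t.priority

        t = max((t for t in ready if t not in blocked), key=effective)
        kind, ticks = t.segments[t.seg]
        if t.left == 0:                         # first tick of a new segment
            t.left = ticks
            if kind == "lock":
                holder = t
        t.left -= 1
        if t.left == 0:                         # segment finished this tick
            if kind == "lock":
                holder = None
            t.seg += 1
            if t.seg == len(t.segments):
                t.done_at = now + 1
    return {t.name: t.done_at for t in tasks}


TASKS = [
    Task("L", 1, 0, [("lock", 4), ("run", 1)]),  # low: takes the bus early
    Task("M", 2, 1, [("run", 6)]),               # medium: long, never touches the bus
    Task("H", 3, 2, [("lock", 2), ("run", 1)]),  # high: needs the bus
]
```

Without inheritance the high-priority task finishes at tick 13 because the medium task runs ahead of the lock holder; with inheritance the holder is boosted, releases the mutex, and the high-priority task finishes at tick 8.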
Embedded Security: Remote Management
19
• Security implications of remote management
– Remote device management is the answer to the hacker’s wildest dreams
– The embedded system is imbued not only with internet access, but also a means to remotely modify and patch software
• What could go wrong?
– Critical and widespread vulnerability in VxWorks OS discovered in 2010
– A debug communication port that provided remote diagnostics was used to commandeer the system
– Using the debug interface, a remote attacker could read or write to any memory location:
– Hacker could install malware and even replace the OS itself
– Key Point: Even if your software is perfect, you still have to take into account the security of the third-party OS

Embedded Security: Operating Systems
20
• Why is the operating system important to security?
– Recall: Even with perfect software, the OS can allow the system to be vulnerable to a cyber attack
– Operating system (OS) controls the resources of the embedded system (e.g. memory and CPU)
– The OS has the power to prevent unauthorized use of resources

Embedded Security: Operating Systems
21
• Design decisions emphasize performance over security because it is more profitable (Market for Lemons)
• Monolithic kernel: Popular OS design
– User applications able to access most services (TCP/IP, files, and I/O devices) with a simple system call into the kernel
– Services typically reside within a single process
• Microkernel: Secure OS design
– Implements services in separate processes
– Requires inter-process communication (added overhead)
– Extra context switching

Embedded Security: Operating Systems
22
Traditional Kernel (Monolithic)
Microkernel (Implemented in MILS)

Embedded Security: Operating Systems
23
• Good News: A few OS technologies have taken a new approach to embedded security that is based on a design concept originally developed in the 1980s.
• Design concept: Multiple Independent Levels of Security (MILS)
• The foundation of a MILS-based embedded system is a special type of microkernel called the separation kernel.

Embedded Security: Operating Systems
24
• Separation Kernel: A small microkernel that implements a limited set of critical functional security policies that include data isolation, damage limitation, and information flow
– Data Isolation: Data within partitioned applications cannot be read or modified by other applications
– Damage limitation: If a bug or attack damages a partitioned application, this damage cannot spread to other applications
– Information flow: Information cannot flow between partitioned applications unless explicitly permitted by the system security policy

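The information-flow policy described above, as an added example (constructed here, not code from any real MILS separation kernel): partitions exchange data only over flows the policy explicitly permits, and an audit lists the indirect paths the explicit rules make reachable, which a policy reviewer checks before trusting the isolation. The partition names are assumptions.

```python
"""Model of a separation-kernel information-flow policy (constructed example).
Partitions hold private state, a send is delivered only over an explicitly
allowed flow (default deny), and an audit reports indirect flows that the
explicit rules make possible through intermediary partitions."""
from collections import deque


class FlowDenied(Exception):
    """Raised when a partition attempts a flow the policy does not permit."""


class SeparationKernel:
    def __init__(self, partitions):
        self.partitions = set(partitions)
        self.allowed = set()                        # explicit (src, dst) flows
        self.inbox = {p: [] for p in partitions}    # per-partition private state

    def allow(self, src, dst):
        assert src in self.partitions and dst in self.partitions
        self.allowed.add((src, dst))

    def send(self, src, dst, msg):
        # default deny: only flows listed in the policy are delivered
        if (src, dst) not in self.allowed:
            raise FlowDenied(f"{src} -> {dst} is not permitted by policy")
        self.inbox[dst].append((src, msg))

    def reachable(self, src):
        """Partitions that data from `src` can reach via any chain of allowed flows."""
        seen, todo = set(), deque([src])
        while todo:
            cur = todo.popleft()
            for a, b in self.allowed:
                if a == cur and b != src and b not in seen:
                    seen.add(b)
                    todo.append(b)
        return seen

    def indirect_flows(self):
        """Pairs reachable through intermediaries but never explicitly allowed."""
        return {(s, d) for s in self.partitions for d in self.reachable(s)
                if (s, d) not in self.allowed}


def demo():
    # hypothetical partitions: sensor data passes through crypto to comms, then to ui
    k = SeparationKernel(["sensor", "crypto", "comms", "ui"])
    k.allow("sensor", "crypto")
    k.allow("crypto", "comms")
    k.allow("comms", "ui")
    k.send("sensor", "crypto", "reading=42")       # permitted flow
    try:
        k.send("sensor", "comms", "reading=42")    # bypasses crypto: denied
        leaked = True
    except FlowDenied:
        leaked = False
    return leaked, k.indirect_flows(), k.inbox
```

The audit shows that the three explicit rules implicitly let sensor data reach `ui`; whether that chain is acceptable is a policy decision the explicit rule list alone does not make visible.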
Designing secure embedded systems
25
• Why not bolt on security after the fact?
• Key Concept: Often financially and/or technically infeasible to retrofit security capability to a system that was not originally designed for it
• Think about the difficulty of retrofitting these systems:
• These systems can have a lifespan of 10+ years
• Moore's Law doesn’t apply!! (Very difficult to add/upgrade hardware)
Pace Maker
Smart Meter
Nuclear reactor controller

Designing secure embedded systems
26
• Software assurance: Refers to the level of confidence that software end users and other stakeholders have that the security policies and functions claimed by the software are actually fulfilled
• Key Point: Simply meeting functional requirements does not achieve the assurance required for security-critical embedded systems
• Principles of High Assurance Software Engineering [2]
– Minimal Implementation
– Component Architecture
– Independent expert validation
– Least privilege
– Secure development process

Designing secure embedded systems: Minimal Implementation
27
• Minimal Implementation
– Linear growth in hardware/software content creates non-linear growth in overall complexity of the system
– Complexity increases nonlinearly because of the exponential increase in interactions between functions and components
– Complexity breeds flaws, and those flaws can be exploited to breach the system’s security
– Ideally: Implement the simplest system needed to solve the problem.
– Design Concept: Find a balance between schedule, performance, design, and cost that doesn’t compromise the required security of the system

Designing secure embedded systems: Component Architecture
28
• Component Architecture
– Difficult/infeasible for a single engineer to understand every single line of code of a large monolithic system
– Design Concept: Compose large software systems from small components. Each component should be easily maintained by a single engineer who understands every single line of code
– Design Concept: Safety and/or security enforcing functionality should be placed into separate components that allow critical operations to be protected from compromise by noncritical portions of the system

Designing secure embedded systems: Component Architecture
29
• Component Architecture
– Modern OS provides memory protected processes
– Design Concept: Designers should strive for a one-to-one ratio between threads and processes
– Security/Performance Tradeoff: Threads are lighter weight than processes, but processes can provide memory protection

Designing secure systems: Independent Expert Validation
30
• Independent Expert Validation
– Security claims are a dime a dozen (e.g. Secustick)
– Design Concept: Evidence of a secure system must be evaluated by independent experts
– Anyone can produce a security design that is so clever, they can’t defeat it
– Very difficult to produce a design that is so secure, others can’t defeat it
– Independent experts provide another set of eyes that can spot security vulnerabilities that the designers can’t see

Conclusion
31
“The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable”
—The Art of War, Sun Tzu

Additional Resources
32
1. M. Jones, G. Kotsalis, and J. Shamma, “Cyber-attack forecast modeling and complexity reduction using a game-theoretic framework,” in Control of Cyber-Physical Systems (D. C. Tarraf, ed.), vol. 449 of Lecture Notes in Control and Information Sciences, pp. 65–84, Springer International Publishing, 2013.
2. D. Kleidermacher and M. Kleidermacher, Embedded Systems Security: Practical Methods for Safe and Secure Software and Systems Development, 2012.
3. N. Ferguson, B. Schneier, and T. Kohno, Cryptography Engineering: Design Principles and Practical Applications, Wiley Publishing, 2010.
4. C. H. Gebotys, Security in Embedded Devices, Springer, 2009.
5. R. Anderson, “Why information security is hard - an economic perspective,” in Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC 2001), pp. 358–365, 10-14 Dec. 2001.