2.6 Explain the security implications of embedded and specialized systems. Flashcards
Embedded System
Hardware or Software designed for a specific function
Or to operate as a part of a larger system
- Built with only a task in mind
- Can be optimized for size/cost
- low-cost and purpose-built
Examples: Traffic controllers
digital watches
medical imaging system
Pros:
low cost
Cons:
Limits in communication options
upgradability limits
limited or missing features
There may not be a direct power source (batteries)
Low power CPUs (cost and heat considerations)
Wireless is a limiting factor.
Cryptography options are limited.
Upgrade options are limited.
Security is an afterthought
Range- usually does just one thing well
SoC
System on a Chip - Multiple components running on a single chip
Common with embedded systems
Example - Raspberry Pi
It is very flexible, and you can customize the software
Small form factor
Cache memory, flash memory
usually lower power consumption
Difficult to upgrade hardware
limited off-shelf security options
FPGA
Field programmable gate array
common type of hardware you will find on embedded systems
An integrated circuit that can be configured after manufacturing
- Array of logic blocks
- Programmed in the field
A problem does not require a hardware replacement
a software update can reprogram the FPGA
Can add new capabilities via software
Common in infrastructure:
firewall logic
routers
SCADA
Supervisory control and Data Acquisition System
- Large Scale, Multi-site industrial control system (ICS)
- Commonly found in places where there are a large amount of industrial equipment.
- PC manages equipment
- Distributed Control systems
- requires extensive segmentation, no access from outside
IoT
Internet of things
Smart devices
- Sensors like heating and cooling
- Smart devices like home automation and doorbells.
- Wearable technology
- Facility automation
- Weak default security settings.
Describe some Specialized embedded systems
Medical devices - heart monitors, insulin pumps, often using older OS
Vehicles - internal networks often accessible from mobile networks.
Control internal electronics
Aircraft - DoS could damage the aircraft, an outage would be problematic
Smart meters - Measure power and water usage
VoIP
Voice over IP
instead of the analog phone line to the POTS (Plain old telephone service)
It is a relatively complex embedded system but really important
Each device is a computer
- separate boot process
- individual configurations
- different capabilities and functionalities
HVAC
Heating, ventilation, and Air conditioning system
- Thermodynamics, fluid mechanics and heat transfer
Complex science
- must be integrated into the fire system
PC manages equipment
- makes cooling and heating decisions for workspaces and data centers
Traditionally not built with security in mind.
- difficult to recover from an infrastructure DoS.
Drones
Flying Vehicle
RTOS
Real time operating system
OS designed to work on a deterministic processing schedule
- no time to wait for other processes
- industrial equipment, automobiles, military environments
extremely sensitive to security issues
- non-trivial systems
need to always be available
difficult to know what type of security is in place
Surveillance systems
Video/Audio surveillance
- embedded systems in the cameras and monitoring stations
Secure the security systems
- restrict access from others
- Prevent a denial of service
Physically difficult to replace cameras
- Accessible independently over the network
- May allow for firmware upgrades.
5G
fifth generation cellular networking
- launched in 2020 worldwide
Significant performance improvements
- at higher frequencies
- Eventually 10 gigabits per second
- slow speeds from 100-900 Mbit/s
Significant impact to IoT
- Bandwidth becomes less of a constraint
- larger data transfers
- faster monitoring and notification
- additional cloud processing.
SIM
subscriber identity value
A universal integrated circuit card
Used to provide information to the cellular network provider (used in IoT devices as well as phones)
- phones, tablets, embedded systems
Contains module details
- IMSI (international module subscriber identity)
- Authentication information, contact information
Important to manage
- many embedded systems, many SIM cards
Narrowband
Narrowband-IoT (NB-IoT) is a type of baseband radio that has limited data rates between 20 to 100 Kilobits per second (Kbps). This is more suitable for inaccessible locations that require signal penetrating power.
If the embedded device is not using the cellular network to communicate, then it may be using frequencies over a narrowband connection.
Communicates over a narrow range of frequencies.
- over a longer distance
- conserve the frequency of use
Many IoT devices can communicate over a large distance
- SCADA equipment
- Sensors in oil fields
Baseband
Generally a single cable with a digital signal; can be fiber or copper
Utilization is either 0% or 100%
Bidirectional comm
Ethernet standard
- 100BASE-TX, 1000BASE-T, 10GBASE-T