2.6 Security implications of embedded & specialized systems Flashcards
Embedded system: what is an embedded system ?
It’s an hardware or software build for a very specific purpose. Usually build with specific harware or to fits into particular sizes/cost.
Ex: traffic light controllers, digital watches, medical imaging systems
Embedded system: what is a SoC and why it can be a security concern ?
System on a Chip allow the embedded system to run. The SoC has multiple components running on a single chip.
Security concerns are important because of the small size of the device (difficult to upgrade hardware, limited off-the-shelf security options)
Ex: raspberry pi
Embedded system: what is an FPGA?
Field-programmable gate array is a type of hardware that can be find on embedded system. It is an integrated circuit that can be configured after manufacturing. It provide flexibility to the dev in case they want to add new software.
Ex: can be find in switches, router, firewall etc
Embedded system: what is SCADA / ICS ?
- Supervisory Control and Data Acquisition System is a combination of hardware and software that enables the automation of industrial processes by capturing Operational Technology (OT) real-time data. SCADA connects the sensors that monitor equipment like motors, pumps, and valves to an onsite or remote server.
- SCADA requires extensive segment on the network and to be connect to internet for security reasons
Embedded system: what is smart devices / IoT ?
- IoT are smart devices that can be connected to other types of systems insides homes and businesses.
- Important security concern as they are connected to internet
Ex: connected to phone AC, home automation (video doorbells), wearable technologies (watches, health monitors), faciility automation (temperature etc),
Embedded system: what is a specialized embedded system ?
Type of embedded system that is very specialized:
- medical devices >because they are very specialized they may be running on older OS version
- Vehicles > internal network often accessible from mobile network (can control internal electronics)
- Aircraft > DoS could damage the aircraft and an outage would be problematic
- smart meter (temperature, water etc)
Embedded system: what is VoIP?
Voice over Internet Protocol is a type of phone system that uses an internet connection to make and receive calls. It is a embedded system and each device is a computer (separate boot process, individual configurations, different capabilities)
Embedded system: what is HVAC ?
Heating Ventilation and Air Conditioning (thermodynamics, fluid mechanics etc) are complex embedded system
Traditionnally not build with security in mind
Embedded system: what are multifunction devices ?
All in one or multifunctions devices are everything you need in one single device. It uses sophisticated firmware
Ex: Printers, scanners and fax machines in one
Embedded system: what is RTOS ?
- Real-Time Operating System is an OS with a deterministic processing schedule
- Extremely sensitive to security issues because it needs to be always available
Ex: military environment, indutrial, automobile
Embedded system: is surveillance camera an embbeded system ?
Yes.
Embedded system: is drone an embbeded system ?
Yes.
Embedded system communication: how embedded system communicate to each other ?
Can use:
- 5G
- SIM card
- Narrowband
- Baseband
- Zigbee
Embedded system communication: what is 5G ?
- Fith generation cellular networking (launched in 2020)
- Significant performance improvements (higher frequencies, 10 GB/second
- Significant impact on IoT: larger data transfers, faster networking
Embedded system communication: what is SIM card ?
- Used to provide information to a cellular network provider (phone, tablets, embedded systems)
- Contains mobile details (IMSI, authentication info)
- Important to manage in large organization
