embedded_security_extended_flashcards - embedded_security_extended_flashcards
Embedded Security
Implementation of protective mechanisms to ensure confidentiality, integrity, and availability of embedded systems.
Threats to Embedded Systems
Common threats include malware, side-channel attacks, buffer overflows, supply chain attacks, and hardware trojans.
Secure Boot
Ensures only trusted software runs on an embedded device by verifying digital signatures during the boot process.
Hardware Root of Trust (RoT)
A secure hardware foundation providing cryptographic functionalities like secure key storage and firmware validation.
Secure Firmware Updates
Firmware updates that are authenticated and encrypted to prevent unauthorized modifications and mitigate vulnerabilities.
Side-Channel Attacks
Attacks exploiting indirect data leaks such as power consumption, electromagnetic emissions, or timing information.
Trusted Execution Environment (TEE)
A secure area of a processor that runs security-critical code separately from the main OS.
Cryptographic Hardware Modules
Dedicated hardware components like TPM and HSM for cryptographic operations and secure key storage.
Secure Element (SE)
A tamper-resistant microcontroller that securely hosts applications and sensitive data.
Supply Chain Attacks
Exploiting vulnerabilities in the manufacturing and distribution chain to compromise embedded systems.
Buffer Overflow Attacks
Exploiting memory vulnerabilities by overwriting adjacent memory areas to execute malicious code.
JTAG and Debug Port Security
Restricting access to debug interfaces like JTAG to prevent unauthorized access to embedded systems.
Physical Security Attacks
Attacks involving direct access to hardware, such as probing memory chips and reverse engineering components.
Firmware Encryption
Encrypting firmware to prevent reverse engineering and unauthorized modifications.
Code Obfuscation
Transforming code into a less human-readable format to deter reverse engineering.
Hardware Security Modules (HSM)
Dedicated security devices that manage and protect cryptographic keys and operations.
Hardware-Based Random Number Generation
Using dedicated hardware to generate secure and unpredictable random numbers for cryptography.
Tamper Detection and Response
Mechanisms that detect physical tampering and take actions such as wiping sensitive data.
Secure Key Storage
Storing cryptographic keys in a secure and isolated manner to prevent unauthorized access.
Two-Factor Authentication (2FA) in Embedded Devices
Adding an additional layer of authentication for device access or operations.
Remote Attestation
Verifying the integrity of a device’s software and hardware remotely to ensure trustworthiness.
Secure Communication Protocols
Using TLS, DTLS, or IPsec to protect data transmitted between embedded systems and networks.
IoT Security Standards
Frameworks like NIST IoT Security, IEC 62443, and ISO 27001 to ensure secure embedded system development.
Zero Trust Architecture for Embedded Systems
Implementing the principle of ‘never trust, always verify’ to minimize attack surfaces.
Post-Quantum Cryptography for Embedded Systems
Future-proofing embedded security by adopting cryptographic algorithms resilient to quantum attacks.
Fault Injection Attacks
Introducing environmental disturbances like voltage spikes or laser pulses to manipulate embedded system behavior.
Authentication Mechanisms for Embedded Devices
Techniques such as biometric authentication, hardware tokens, and digital certificates.
Secure Software Development Lifecycle (SDLC)
Integrating security into every phase of embedded system development.
Patch Management in Embedded Systems
Ensuring timely updates and security patches to mitigate vulnerabilities in embedded software.
Embedded AI Security
Protecting AI-driven embedded systems from adversarial attacks and data manipulation.
Defensive Cyber Operations
Passive and active cyberspace operations intended to preserve the ability to utilize friendly cyberspace capabilities and protect data, networks, net-centric capabilities, and other designated systems
SPARTA
A space specific cybersecurity matrix intended to provide unclassified information to space professionals about how spacecraft may be compromised via cyber means. The matrix defines and categorizes commonly identified activities that contribute to spacecraft compromises.
TTP
Tactic, Technique, and Procedures
MITRE ATT&CK
A knowledge base of adversary tactics and techniques based on real-world observations. Used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
Defense in Depth
The application of multiple countermeasures in a layered or stepwise manner to achieve security objectives. The methodology involves layering heterogeneous security technologies in the common attack vectors to ensure that attacks missed by one technology are caught by another.
