Explain the security implications of embedded and specialized systems

Question 1

Embedded systems

Answer 1

Raspberry Pi
Field-programmable gate array (FPGA)
Arduino

A computer system that is designed to perform a specific, dedicated function, such as a microcontroller in a medical drip or components in a control system managing a water treatment plant.

Question 2

Raspberry Pi

Answer 2

The Raspberry Pi is a low cost, credit-card sized computer that plugs into a computer monitor or TV, and uses a standard keyboard and mouse. It is a capable little device that enables people of all ages to explore computing, and to learn how to program in languages like Scratch and Python. It’s capable of doing everything you’d expect a desktop computer to do, from browsing the internet and playing high-definition video, to making spreadsheets, word-processing, and playing games.

Question 3

Field-programmable gate array (FPGA)

Answer 3

A field-programmable gate array (FPGA) is an integrated circuit designed to be configured by a customer or a designer after manufacturing – hence the term field-programmable. The FPGA configuration is generally specified using a hardware description language (HDL), similar to that used for an application-specific integrated circuit (ASIC). Circuit diagrams were previously used to specify the configuration, but this is increasingly rare due to the advent of electronic design automation tools.

Question 4

Arduino

Answer 4

The main difference between them is: Arduino is microcontroller board, while Raspberry Pi is a microprocessor based mini computer (SBC). The Microcontroller on the Arduino board contains the CPU, RAM and ROM. All the additional hardware on Arduino Board is for power supply, programming and IO Connectivity.

Question 5

Supervisory control and data acquisition (SCADA)/industrial control system (ICS)

Answer 5

Facilities
Industrial
Manufacturing
Energy
Logistics

A type of industrial control system that manages large-scale, multiple-site devices and equipment spread over geographically large areas.

Question 6

Facilities

Answer 6

Facilities refers to site and building management systems, typically operating automated heating, ventilation, and air conditioning (HVAC), lighting, and security systems.

Question 7

Industrial

Answer 7

Industrial can refer specifically to the process of mining and refining raw materials, involving hazardous high heat and pressure furnaces, presses, centrifuges, pumps, and so on.

Question 8

Manufacturing

Answer 8

Fabrication and manufacturing refer to creating components and assembling them into products. Embedded systems are used to control automated production systems, such as forges, mills, and assembly lines. These systems must work to extremely high precisions.

Question 9

Energy

Answer 9

Energy refers to power generation and distribution. More widely, utilities includes water/sewage and transportation networks.

Question 10

Logistics

Answer 10

Logistics refers to moving things from where they were made or assembled to where they need to be, either within a factory or for distribution to customers. Embedded technology is used in control of automated transport and lift systems plus sensors for component tracking.

Question 11

Internet of Things (IoT)

Answer 11

Sensors
Smart devices
Wearables
Facility automation
Weak defaults

Devices that can report state and configuration data and be remotely managed over IP networks.

Question 12

Sensors

Answer 12

Sensors—IoT devices need to measure all kinds of things, including temperature, light levels, humidity, pressure, proximity, motion, gas/chemicals/smoke, heart/breathing rates, and so on. These are implemented as thermocouples/thermistors, infrared detectors, inductive, photoelectric, and capacitative cells, accelerometers, gyroscopes, and more.

Question 13

Smart devices

Answer 13

Smart devices—IoT endpoints implement the function, such as a smart lightbulb or a video entryphone that you can operate remotely. These devices implement compute, storage, and network functions that are all potentially vulnerable to exploits. Most smart devices use a Linux or Android kernel. Because they’re effectively running mini-computers, smart devices are vulnerable to some of the standard attacks associated with web applications and network functions. Integrated peripherals such as cameras or microphones could be compromised to facilitate surveillance.

Question 14

Wearables

Answer 14

Wearables—some IoT devices are designed as personal accessories, such as smart watches, bracelets and pendant fitness monitors, and eyeglasses. Current competing technologies are based on FitBit, Android Wear OS, Samsung’s Tizen OS, and Apple iOS, each with their own separate app ecosystems.

Question 15

Facility automation

Answer 15

Components and protocols that facilitate the centralized configuration and monitoring of mechanical and electrical systems within offices and data centers.

Question 16

Weak defaults

Answer 16

When they are designed for residential use, IoT devices can suffer from weak defaults. They may be configured to “work” with a minimum of configuration effort. There may be recommended steps to secure the device that the customer never takes.

Question 17

Specialized

Answer 17

Medical systems
Vehicles
Aircraft
Smart meters

There are also specialized systems installed within office networks, such as printer and Voice over IP (VoIP) equipment. These systems must not be overlooked by security monitoring procedures.

Question 18

Medical systems

Answer 18

Medical devices represent an array of systems potentially vulnerable to a wide range of attacks. It is important to recognize that use of these devices is not confined to hospitals and clinics but includes portable devices such as cardiac monitors/defibrillators and insulin pumps. As well as unsecure communication protocols, many of the control systems for these devices run on unsupported versions of operating systems (such as Windows XP) because the costs of updating the software to work with newer OS versions is high and disruptive to patient services. Some of the goals of attacks on medical devices and services are as follows:

Use compromised devices to pivot to networks storing medical data with the aim of stealing protected health information (PHI).
Hold medical units ransom by threatening to disrupt services.
Kill or injure patients (or threaten to do so) by tampering with dosage levels or device settings.

Question 19

Vehicles

Answer 19

Automobiles and unmanned aerial vehicles (UAV), or drones, contain sophisticated electronics to control engine and power systems, braking and landing, and suspension/stability. Modern vehicles are increasingly likely to have navigation and entertainment systems, plus driver-assist or even driverless features, where the vehicle’s automated systems can take control of steering and braking. The locking, alarm, and engine immobilizer mechanisms are also likely to be part of the same system. Each of these subsystems is implemented as an electronic control unit (ECU), connected via one or more controller area network (CAN) serial communications buses.

Question 20

Aircraft

Question 21

Smart meters

Answer 21

A utility meter that can submit readings to the supplier without user intervention.

Question 22

Voice over IP (VoIP)

Answer 22

Types of embedded systems are used to implement both Voice over IP (VoIP) endpoints and media gateways. Endpoints can be individual handsets or conferencing units. A media gateway might use a separate firmware/OS to implement integration with telephone and cellular networks.

Question 23

Heating, ventilation, air conditioning (HVAC)

Question 24

Drones

Answer 24

See Vehicles

Question 25

Multifunction printer (MFP)

Answer 25

Any device that performs more than one function, but typically print devices that can also scan and fax.

Question 26

Real-time operating system (RTOS)

Answer 26

A type of OS that prioritizes deterministic execution of operations to ensure consistent response for time-critical tasks.

Question 27

Surveillance systems

Answer 27

A physical access control system (PACS) is a network of monitored locks, intruder alarms, and video surveillance. A PACS can either be implemented as part of a building automation system or a separate system in its own right. Gaining physical access to premises, or even just access to video monitoring systems, gives an adversary many opportunities to develop additional attacks. As with building automation, a PACS is likely to be installed and maintained by an external supplier.

Question 28

System on chip (SoC)

Answer 28

A processor that integrates the platform functionality of multiple logical controllers onto a single chip.

Question 29

Communication considerations

Answer 29

5G
Narrow-band
Baseband radio
Subscriber identity module (SIM) cards
Zigbee

Question 30

5G

Question 31

Narrow-band

Answer 31

Narrowband-IoT (NB-IoT)—this refers to a low-power version of the Long Term Evolution (LTE) or 4G cellular standard. The signal occupies less bandwidth than regular cellular. This means that data rates are limited (20-100 kbps), but most sensors need to send small packets with low latency, rather than making large data transfers. Narrowband also has greater penetrating power, making it more suitable for use in inaccessible locations, such as tunnels or deep within buildings, where ordinary cellular connectivity would be impossible.

Question 32

Baseband radio

Answer 32

The chip and firmware in a smartphone that acts as a cellular modem.

Question 33

Subscriber identity module (SIM) cards

Answer 33

A small chip card that identifies the user and phone number of a mobile device, via an International Mobile Subscriber Identity (ISMI).

Question 34

Zigbee

Answer 34

Low-power wireless communications open source protocol used primarily for home automation. ZigBee uses radio frequencies in the 2.4 GHz band and a mesh topology.

Question 35

Constraints

Answer 35

Power
Compute
Network
Crypto
Inability to patch
Authentication
Range
Cost
Implied trust

Question 36

Power

Answer 36

Many embedded devices are battery-powered, and may need to run for years without having to replace the cells. This means that processing must be kept to the minimum possible level.

Question 37

Compute

Question 38

Network

Answer 38

Minimizing compute functions also has an impact on choices for network connectivity. The Wi-Fi and 4G/5G standards developed for use with computer and smartphone networking use power-hungry antennas to maximize data rates and range, plus processing to encrypt the communications. Networks for embedded systems emphasize power-efficient transfer of small amounts of data with a high degree of reliability and low latency.

Question 39

Crypto

Answer 39

they need to use cryptoprocessors to ensure confidentiality, integrity, and availability. This is prompting the development of ciphers that do not require such large processing resources.

Question 40

Inability to patch

Answer 40

Many embedded systems require manual updates, which are perceived as too time-consuming for a security department with other priorities to perform.

Question 41

Authentication

Answer 41

The lack of compute resources means that embedded systems are not well-matched to the cryptographic identification and authentication technologies that are widely used on computer networks. As embedded systems become more accessible via those networks, however, they need to use cryptoprocessors to ensure confidentiality, integrity, and availability. This is prompting the development of ciphers that do not require such large processing resources.

Question 42

Range

Answer 42

Minimizing compute functions also has an impact on choices for network connectivity. The Wi-Fi and 4G/5G standards developed for use with computer and smartphone networking use power-hungry antennas to maximize data rates and range, plus processing to encrypt the communications. Networks for embedded systems emphasize power-efficient transfer of small amounts of data with a high degree of reliability and low latency.

Question 43

Cost

Answer 43

Cost is an important factor. As devices may be used in large numbers and are designed for fairly predictable processing workloads, there is no obvious reason to over-provision compute resources and the price per unit can be driven as low as possible.

Question 44

Implied trust

Answer 44

On PC hardware, a root of trust is established at the hardware level by a TPM. Without this explicit trust anchor, a network has to use an implied trust model. Implied trust means that every device that has been added to the network is trusted, on the assumption that it was added and continues to be operated by a legitimate administrator.