Embedded Systems
(OBJ 3.1 & 4.1)
Embedded Systems
- Specialized computing components designed for dedicated functions within larger devices
- They integrate hardware and mechanical elements and are essential for various daily-use devices
- These systems are essential, powering a myriad of devices we encounter daily.
- Example:
- Everyday consumer electronics such as smartphones, digital cameras, washing machines, and microwaves utilize embedded systems to manage their operations.
- Modern vehicles rely on embedded systems to oversee critical functions like engine control, anti-lock braking systems and airbag deployment.
- Life-saving medical devices
- Pivotal role in automation, process control, and robotics
Real-Time Operating System (RTOS)
- Designed for real-time applications that process data without significant delays
- Ensures that processes are executed in a timely and predictable manner
- Critical for time-sensitive applications like flight navigation and medical equipment
Risks and Vulnerabilities in Embedded Systems
- Hardware Failure
- Prone to failure in harsh environments
- Software Bugs
- Can cause system malfunctions and safety risks
- Security Vulnerabilities
- Vulnerable to cyber-attacks and unauthorized access or disruption of system operation
- Outdated Systems
- Aging software and hardware can be more susceptible to attacks
4 Key Security Strategies for Embedded Systems
- Network Segmentation
- Divide the network into segments to limit potential damage in case of a breach
- An attacker gaining access to one segment does not automatically have access to others.
- Wrappers (e.g., IPSec)
- Protect data during transfer by hiding data interception points
- Show only the entry and exit points of the data when travelling between networks
- Example:
- IPsec
- These wrappers make it so that anyone trying to intercept or tamper with the data can only see the IPsec header, which only shows the points where the data center enters and exits the network.
- IPsec
- Particularly useful when data needs to travel between secure networks via an unsecure network or between trusted points within the same network.
- Firmware Code Control
- Manage low-level software to maintain system integrity
- This can be achieved through secure coding practices, code reviews, and automated testing
- Measures like secure boot mechanisms and cryptographic signatures can ensure that only authorized and verified firmware runs on the device
- Crucial for maintaining the integrity of an embedded system
- Challenges in Patching
- Some systems may have not been designed with updating in mind lacking the necessary mechanisms for easy patch deployment.
- Updates face operational constraints; OTA updates demand meticulous planning and security measures
- Over-the-Air (OTA) Updates
- Patches are delivered and installed remotely
- Over-the-Air (OTA) Updates