REPORT TO DESCRIBE TYPES OF SECURITY WHICH ARE USED OR CAN BE IMPLEMENTED IN EMBEDDED SYSTEMS

BY: AVINASH MOLLYE ( 091610)

INTRODUCTION
Security regarding embedded systems are becoming more and more important since they have very

limited security options. It is very a hard task to implement high level of security in embedded system devices. Most users want to have a security aspect in most their devices when they are making use of them. Therefore by doing so this will protect their data from major security problem.

The security of embedded systems depend on many different factors which must be in the norms required or must be working in the way required. For example running software and external devices like network on a system have access to multiple resources which has been provided by the specific operating system. The role of the operating system is that it must be able to control requests. Meaning must distinguish with processed and unprocessed requests. For this the process of authentication is made. This is done to assign a username to the corresponding requester . The use of magnetic cards also can be use as a type of security. On the network it is different. Access can be made without authentication , therefore there we make use of high level security system which will offer auditing options. This will allow to track those people who has been reading the corresponding file. All these security are possible if all possible dangerous request are carried out through interrupts to the operating system. If there is direct access between hardware or resources and programs , they cannot be secured. Data transfer as well need to be secure when passing in public network. The secure data must be scrambled in such a way so that it becomes useless or unintelligible for any unauthorized person who want to access the secure data. This can be done by using Cryptographic methods such as encryption and decryption. In this process a secret (key) is used which only the communicating device will have access to.

The level of security here will depend on the secrecy of the key This allow a securer way to communicate or send data

Another type to secure devices is to make use of Tamper Mechanisms This mainly deal with physical or electronic action on the device. One such type is called Tamper Resistance. This method will increase the level of tampering by making use of specialized materials. We can find those kinds of steps such as hardened steel enclosures, locks, encapsulation, or security screws.

Its advantage is that it can be visually observed and also determine that the object was prone security threats Another type of protection can be the Tamper detection method. This enable the hardware devices to detect any case of tampering We may include the use of : i) switch such as micro switches, magnetic switches, mercury switches, and pressure contacts to detect if the device has been opened or misplace of any corresponding component

ii). Sensors to detect any changes in the product or the way it must be conserve, radiation sensors for Xrays to see what is the content of a sealed or any encapsulate device

iii) Circuitry to see if a system has been physical tampering.

Another threat for embedded system devices is the counterfeit creation of a product. To avoid this seal can be use of even appropriate tags for the corresponding are add up to make it more visible to the user or even the supplier if it is a counterfeit product.

Timing Analysis Attacks is another threat in the embedded system. In this type of attack the attacker will try to find a connection between the working period of the computer of a particular and the values implicated in the steps. Information like passwords and keys for cryptography are most at risk in this type of attacks. By doing so an attacker can predict important information that has been stored in the system.

Randomization is a solution for Timing analysis attack. To be able to achieve a timing analysis attack the attacker must be able to find out exactly when a particular operation is being performed. This is made complicated with Randomization since the reconstruction of the clock signal is made difficult by using a randomly switching activity and clock.

References: http://www.irma-international.org/viewtitle/56302/ http://en.wikibooks.org/wiki/Embedded_Systems/Embedded_Systems_Introduction Philip Koopman, Carnegie Mellon University articles