Take to secure it, and the technologies on which such security is based on. This documentĭescribes the startup sequence of the developed embedded device, the possible steps to
U BOOT SECURE BOOT VERIFICATION
Such verification can be achieved by utilizing cryptographic concepts, such as public key infrastructure, hashes and signatures.
U BOOT SECURE BOOT SOFTWARE
Secure data storage, so that ideally the software cannot be tampered with, but also the Procedure, form hereone referenced as a secure chain of trust. In short, we can protect against this attack vector by utilizing a secure boot and startup How do we protect against such an attack? TheĪnswer to the posed question is the subject of this paper. If given physical access to the hardware. While at runtime, external modification can be actively prevented and logged, but if theĭevice is in a state without power, software modification could prove trivial, especially Therefore, we have to guarantee that the software weĮxecute on the device is genuine, not only when read from storage but also at runtime. TheyĬould gain control of not only the device, but possibly the entire network, if every device Software on the device, or inject modifications into the provided onboard software. They possess the means to deploy arbitrary Tamper detection, but the case still stands). Imagine the following attack vector: An individual with malicious intent acquires physical access to the device (In the current project, the device will be outfitted with hardware Integrity of the deployed software is paramount. Therefore, protecting and guaranteeing the Execution of arbitrary software on a criticalĭevice could have catastrophic consequences. This scenario isįar from unique: In todays connected world, the usage of embedded devices in numerousįaccettes of every day life is ever increasing. This device is responsible for monitoring and logging the usage of electric current, for the explicit purpose of billing and logging.Īs tampering with the device could result in, among others, financial damages, a secureĪnd tamper-proof implementation of the on-board software is necessary. In a best case scenario, the device is kept behind lockĪnd key, worst case it is accessible to public access.
Internet of Things (IoT) device, which is to be installed in a public electricity grid andĭeployed with unmonitored access. The project this document is describing involves the design and development of an
0 kommentar(er)
