Adding trust to an embedded system with a secure anchor pointStory
December 23, 2009
Keeping unwanted components and malware out of embedded systems requires monitoring of both the supply chain and systems in operation. The secure anchor point is a solution to the second half of this equation; it offers the capability to monitor systems in operation by becoming the root of trust in an embedded system.
The integration of high-speed, low-cost embedded processing power has had revolutionary impacts on warfighter equipment. It is also slowly enabling the long-anticipated vision of net-centric warfare. However, integrating commercial technology without a complete history of its origin creates a whole host of new problems with “trust” among potential suppliers. Trust is the quality of a product or manufacturer whose identity and intentions can be assumed to a high degree of accuracy. Low levels of trust in the supply chain create significant issues in military operations; solving this problem revolves around improving the trust levels of either the supply chain or the embedded systems themselves.
One way to address the problem of trust in the electronic domain is the same way it is approached in the social world: relying on a handful of trusted sources to vouch for the authenticity of others, which can be called “secure anchor points.” These can be official documents, badges, and personal references in the social world; the secure anchor point in a digital electronics system allows management functions and system monitors to validate the operational integrity of their networks and any persons who have access to their systems. Implementing the secure anchor point in a highly tamper-resistant secure processor raises both the trust and security level of the entire system. Our discussion examines the problems resulting from a lack of trust, how the secure anchor point is utilized, where it fits into the military’s net-centric vision, and how to efficiently field the secure anchor point.
Problems caused by lack of trust
When players (human or electronic) cannot be identified or trusted in a network or embedded system, vulnerabilities are created. One of the top trust problems today is in the electronics supply chain for commercial enterprise, government, and military electronic equipment. Multiple counterfeit parts have been found and reported. The unknown content of these components could lead to Trojan horse insertion, malicious circuits, or back doors that can allow unwanted and illegal access to individual, corporate, medical, financial, or government data and systems.
A survey sponsored by the U.S. Navy and the Commerce Department’s Bureau of Industry and Security (BIS) found more than 7,000 counterfeiting incidents in 2008, up more than 25 percent from 2007. Counterfeit electronics were defined as either “re-marked as higher grade,” salvaged, or cheap copies. The impact of these counterfeits results in nonfunctional design, failure earlier than design-in, and inability to meet environmental conditions. Many of these were in military equipment, resulting in early failure of line replaceable units in tactical aircraft and vehicles.
Utilizing a secure anchor point
Building more trustworthy systems does not mean rearchitecting them from the ground up or replacing every single system component without a known origin. This is too great a task for nearly all military systems and would not be cost-effective. Rather, system integrity and trusted operation can be improved simply by adding several roots of trust to the system, with out-of-band authentication and monitoring capabilities. These can be called secure anchor points.
The secure anchor point is a trusted processing node that can serve as the point of departure for authenticating other components and communication nodes in a system. Using virtualization technologies and applications developed specifically for the hardware, trusted and secure applications can be run on the secure processor. There are several recommended features that lead to this trusted status:
- Trusted design and manufacture
- Secure boot code
- Resistance to tampering and reverse engineering
- Encrypted message passing and memory interfaces
As depicted in Figure 1, a secure processor hosts a set of activities that collects system bus information, processes the data, correlates the data streams to one another to look for unusual activity or component identities, and generates appropriate responses or tailored interrogations. This data is collected over various embedded system data lines, to include VME backplanes, PCIe and Serial RapidIO traces, or proprietary data formats. An FPGA or other commercially available bridging device is used to connect the secure processor to its data sources. An FPGA is preferred for two reasons: FPGA technology has progressed to allow a large number of data formats to be bridged within a single device; in addition, a block of Secure IP can be executed to support data encryption to further protect the functions of the secure processor.
Figure 1: Block diagram of a secure anchor point using a secure processor
One of the primary objectives of the secure anchor point is to control the “vulnerability point” of an embedded system. When an adversary attempts to reverse engineer, clone, or hack an embedded system, one of the first steps is to identify a single communications node that will allow clandestine control using malware or inserted code. The secure anchor point attempts to become that single communications node, making hacking extremely difficult or impossible through several layers of tamper resistance, encryption, and obfuscation. This is similar to the rationale of DoD Instruction 5200.39, which calls for military system developers to identify their Critical Program Information (CPI) and protect it.
Authenticating other network nodes
It is too daunting a task to implement in one step a distributed guarantee of trust across a net-centric military. Therefore, it is important to implement what Lynn Robert Carter of Carnegie Mellon University calls “asymmetric security”, or the capability of trusted agents to provide authenticated data and identity management to network participants.
The role of a secure anchor point in asymmetric security is to serve as the “referral” for other components or processors in a system. This referral will be based on the best available knowledge of threats, expected operating code, and known system elements. Because the secure anchor point is a secure processor, it can adapt to new threats over time without modifying the system through secure encrypted firmware updates. The verification and behavior monitoring information is provided through secure boot programming by the user. Secure anchor point interrogations enable strict inventory control and IP monitoring for highly sensitive or costly IP elements.
Controlled by system designers and/or administrators, the secure anchor point executes techniques like unique interrogations, hashes, serial ID queries, timing measurements, or other schemes. It then defines the response to any trust violations encountered from simple administrative warning notification to system shutdown or memory zeroization.
To make a secure anchor point application scalable across a net-centric operation, it is crucial to have a common set of building blocks and reference designs available. In this way, new anchor points can be added cost-effectively as enterprises expand, but they can still be modified and updated to monitor for recent and localized threats, counterfeit equipment, and out-of-bounds behavior.
Efficiently fielding the secure anchor point
The secure anchor point is designed to be extremely difficult to reverse engineer in both hardware and software. A secure processor such as CPU Tech’s Acalis can serve as a secure anchor point because it was designed to resist cloning and reverse engineering and contains unique chip serialization (done in the IBM Trusted Foundry). These secure processors also have proprietary “watermark” characteristics as part of their manufacture that can be utilized for authentication both in the supply chain and while in operation. Adding an Acalis secure anchor point to a system requires adding labor hours in hardware design, software design, and IT infrastructure, but does not necessitate architectural changes or redesign to an existing system.
Figure 2: Secure anchor point implemented on embedded hardware system
Figure 2 shows the implementation of a secure anchor point on existing hardware modeled by CPU Tech. High-fidelity hardware models are a great place to start in identifying the list of signals and components that should be monitored by the secure anchor point. Building the anchor point into the model offers the ability to identify threats and vulnerabilities, then implement a secure anchor point with a full range of response and system warning capabilities.
- Manufacturing and Technology News. “U.S. Government Finds Thousands of Counterfeit Electronics from China in Avionics Weapon Supply Chain,” Nov. 17, 2008. www.manufacturingnews.com/news/08/1117/counterfeitelectronics.html
- Carter, Lynn Robert. “Computing Infrastructure Risk, Issue, Analysis, and Recommendation.” Dec. 23, 2008. Carnegie Mellon University. Issued to White House call for inputs on Cyber Security Policy.
J. Ryan Kenny is a product manager at CPU Tech. He is responsible for developing security requirements and certification roadmaps for the Acalis line of secure embedded processors. He joined CPU Tech in February 2009 and has more than 10 years of experience in space and defense electronics in the U.S. Air Force and defense systems engineering. He graduated from the U.S. Air Force Academy and completed an MSEE and MBA from California State University Northridge and Santa Clara University, respectively. He can be contacted at [email protected]
CPU Tech 925-224-9920 www.cputech.com