1 / 19

Securing Embedded Systems Against Reverse Engineering Threats

This paper by Ian McLoughlin, published in IEEE in 2004, explores the serious threat that reverse engineering (RE) poses to embedded systems. Although RE can drive innovation, it ultimately undermines the economic benefits of product development by enabling competitors to cheaply replicate designs. The paper discusses design piracy, potential attack vectors, and discusses strategies to mitigate the risks associated with RE, including increasing the costs of reverse engineering and employing specialized security techniques. Understanding these threats is crucial for safeguarding valuable intellectual property in embedded devices.

glynn
Télécharger la présentation

Securing Embedded Systems Against Reverse Engineering Threats

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Embedded Systems Presentation David Tietz EEL6935 Spring 2009

  2. Paper Selected: “Secure Embedded Systems: The Threat of Reverse Engineering” • ByIan McLoughlin • Published in IEEE • 2004

  3. Reverse Engineering (RE) • What is it? • Purpose: To Gain A Better Understanding For Design Piracy

  4. Methods of Piracy • Network attacks • Insider attacks • Head-hunters • Full on RE process

  5. Creating A Product • A company spends time and money in development of a product • The company releases the product • The company benefits from sales • In time, competition enters the market Which helps to improve the original design.

  6. Why RE is bad economics • A company spends time and money in development of a product • The company releases the product • A competitor cheaply and rapidly reverse engineers the pioneering design Can greatly undercut the selling price • Hinders risk-taking

  7. Economic Analysis • Foiling RE takes money and time • Best outcome: You stop them You never see the benefit Competitors break into the market anyhow • Difficult to sell a strategy • Even more difficult to gauge success

  8. Bad for Embedded Systems • By nature, they are generally small, portable, widely available devices • They tend to embody valuable intellectual property designs

  9. Goal • Maximize reverse engineering cost • Keep increased development cost low

  10. Reverse Engineering Process • Functionality • Physical Structure • Bill of Materials • System Architecture • Detailed Physical Layout • Schematic of Electrical Connectivity • Software

  11. How to Increase RE Costs • Additional time taken to reverse engineer the system • Greater levels of expertise required • The need for specialized equipment

  12. RE Mitigation • Not possible to completely prevent it • Two Methods: Passive Active

  13. RE Mitigation Costs • Increases NRE Costs • Increase in BOM • Delay in time to market

  14. Low Cost Mitigation Techniques • Protecting documentation • Monitor and limit information that employees may inadvertently provide • Custom casings • Missing silk screen • Wiring unused pins • Leaving unused planes on layers of the PCB

  15. RE Mitigation of Programmable Devices • Custom Silicon • Ball Grid Array (BGA) Packaging • Back to Back BGA Layout

  16. RE Mitigation of Programmable Devices • Don’t build ports onto PCB (jtag,etc) • Some provide security setting prevent readout of programmed bit stream • Use mesh overlays in custom ASICs

  17. RE Mitigation of Programmable Devices FPGAs: • Use Antifuse devices • Use encryption for flashing Flash: • Fill Unused space • Encrypt

  18. Costs of Anti Reverse Engineering

  19. Questions?

More Related