1 / 20

Ensuring Security and Integrity of IoT Systems through Firmware Security Checking

This workshop discusses the importance of firmware security checking in IoT systems and explores methods to ensure privacy, security, and safety. It highlights the potential risks posed by malicious firmware and presents a unified approach towards firmware security and integrity.

montes
Télécharger la présentation

Ensuring Security and Integrity of IoT Systems through Firmware Security Checking

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CHARIOT-VESSEDIA Workshop “THE ROAD AHEAD FOR A COGNITIVE COMPUTING PLATFORM SUPPORTING A UNIFIED APPROACH TOWARDS PRIVACY, SECURITY AND SAFETY (PSS) OF IOT SYSTEMS” Firmware security integrity checkingAndrea Battaglia, Aspisec IT CHARIOT-VESSEDIA Workshop 9 May 2019, Dublin, Ireland CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  2. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  3. Introduction 01

  4. Firmware security integrity checking • The technology companies producing evolved systems and smart devices tend to underestimate the potential risks to which they are exposed since are continuously connected to the Internet. • A firmware provided by a malicious entity can cause significant problems to the IoT network. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  5. Firmware security integrity checking About Firmware update • Be surethat the firmware in a smartsensoriscorrectly running • Be surethatitruns the latest firmware • Be confident the firmware isnottampered • Be sure the connection between devices and gateway isdeemedsecure • Have a secure method to ensurethatonlyauthorised/latest firmware isuploaded to the sensor in remote mode • Be sure the connection between devices and gateway isdeemedsecure CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  6. Firmware threats and exploitations 02

  7. Firmware security integrity checking In a hacking scenario, an attacker can modify the firmware image: • during its presence on the manufacturer device OR • during its download or the writing process to the chip, in order to take control of a machine compromising the OS in the firmware file. The greatest danger is caused by superficial behaviour conducted by the manufacturers that allows hackers to take advantage of a vast amount of potentially vulnerable devices. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  8. Firmware security integrity checking Regardless of the chosen exploitation vector, an attacker can: • reverse-engineering the entire firmware and understand how the entire device works; • insert a firmware backdoor; • change the device behaviour and altering its performance; • find hard-coded private symmetric-cryptography keys/passwords/user-names or private certificates used to encrypt communications between the device and other systems; • roll-back the firmware to a previous legitimate version with known vulnerabilities he wants to exploit. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  9. Firmware security integrity checking State of the Art in Firmware Security for Industrial IoT: • To achieve a high level of security for IoT devices, it is necessary to introduce a shared standard that can guarantee a common methodology during the design, development and above all the issue of updates. • The firmware checking must be done ad-hoc in current systems. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  10. Firmware Security Integrityarchitecture 03

  11. Firmware security integrity checking The security of the firmware of IoT gateways and devicesisperformed by threedifferentprocesses: • The static code analyzer provides guarantees on the quality of the firmware • The Security Engine exclude firmware not permitted and those with dubious behaviour • The gateway is responsible for the integrity of the firmware by checking it with the blockchain CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  12. Firmware security integrity checking • The Firmware Security integrity of CHARIOT runs in a blockchain environmentusing a distributed approach • A fog-baseddecentralizedinfrastructure isadopted for checking the Integrity of Firmware • Eachsensorobtainsits firmware update by blockchain nodes CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  13. Firmware security integrity checking • The firmware security integrityleverages a Blockchain ledger to enhance physical, operational and functional security of IoT systems • In the blockchain, a block is used to securely store information • Every block contains a hash value of the previous block header that forms a type of chain • It is then used to authenticate the data and guarantee the block’sintegrity CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  14. Firmware Security Engine 04

  15. Firmware security integrity checking • Firmware Security Engine: Integrity checking with specializeddecompiler to help mitigate safety defects and cyber-attacks • The service scans the pre-OS (firmware) of devices provided by the Static source code analysis module, then it checks its integrity and it gives the approval for storage in the Blockchain • Security Engine analyzes the firmware binary that will be flashed on the sensor • Its purpose is to exclude that any vulnerabilities could be exploited for firmware tampering and could lead to cyber-attacks CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  16. Firmware security integrity checking • The service scan binary files of the pre-OS (firmware) of new releases of firmware devices against the olderversions • The Firmware Security Integrity checks if newer versions may have unexpected behaviour leading to security issues • This is achieved by using an heuristic approach through observing behavioral variations of the firmware • This functionality enhances system security functionality by complementing device authentication with an additional security check carried out through signing the compiled firmware to the CHARIOT Blockchain in case of compliance when it passes the security check CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  17. Firmware security integrity checking • Heuristic technique and mechanism for IoT Firmware Security verification The Firmware Security Verificationisachieved by using an HEURISTIC APPROACH and building a STANDARD BEHAVIOUR throughobservingbehavioralvariations from a “reference” version of the firmware, performing automaticanalysis by comparing a collection of firmware features like: • jump addresses, • the number of defined functions, • I/O access • other things related to the firmware. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  18. Firmware security integrity checking The result of the Analysis is a kind of COMPARISON between the parsed data of two different versions of the same firmware. 1 2 • In case of substantialdifferences in functions and behaviour inside the firmware, the engineindicates that a potential security breach has occurred and firmware is marked as tampered and not secure. • Otherwise the firmware passes the security check and will be ready to update the devices under Blockchain signature. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  19. Firmware security integrity checking The Security Engine inside the FSI • is liable to raise the guard level when any security related issue occurs • is able to detect tampered firmware which could contain potential threats by checking consolidated firmware and subsequent firmware updates to guarantee no security breaches • is able to indicate when a potential security breach has occurred and firmware is marked as tampered and not secure CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

  20. Contact Details Aspisec Srl Andrea Battaglia a.battaglia@aspisec.com The projects CHARIOT & VESSEDIA have received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 780075 & No 731453. CHARIOT – VESSEDIA Workshop, 9 May 2019, Dublin, Ireland

More Related