Understanding Threat Models for Embedded Devices

Slides:



Advertisements
Similar presentations
Breaking Trust On The Internet
Advertisements

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
1 Securing Passwords Against Dictionary Attacks Base on an article by Benny Pinkas & Tomas Sander 2002 Presented by Tomer Conforti.
Introduction Our Topic: Mobile Security Why is mobile security important?
Social impacts of the use of it By: Mohamed Abdalla.
{ Active Directory Security Why bother?.   Law #1: Nobody believes anything bad can happen to them, until it does   Law #2: Security only works if.
APPLICATION PENETRATION TESTING Author: Herbert H. Thompson Presentation by: Nancy Cohen.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Module 6: Designing Security for Network Hosts
IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.
Group Policy for Laptops and Printers. Order of Operations Computer Policies Things that apply to the hardware or all users Firewall Settings Disable.
Group Policy for Laptops and Printers. Order of Operations Computer Policies Things that apply to the hardware or all users Firewall Settings Disable.
Computer Security By Duncan Hall.
Mobile Security By Jenish Jariwala. What is Mobile Security?  Mobile Security is the protection of smartphones, tablets, laptops and other portable computing.
Safe’n’Sec IT security solutions for enterprises of any size.
Sniper Corporation. Sniper Corporation is an IT security solution company that has introduced security products for the comprehensive protection related.
1 Outline of this module By the end of this module you will be able to: Understand why computer security is important; Name the different threats to.
SMOOTHWALL FIREWALL By Nitheish Kumarr. INTRODUCTION  Smooth wall Express is a Linux based firewall produced by the Smooth wall Open Source Project Team.
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
Embedded Linux Conference6 April 2009Jake Edge - LWN.net Security Issues for Embedded Devices Jake Edge LWN.net Slides:
Understanding Threat Models for Embedded Devices Jake Edge LWN.net Embedded Linux Conference Europe October 28, 2010.
Cyber Security and Computer Safety
Windows Tutorial 5 Protecting Your Computer
Debra Mann Reference Librarian Innisfil Public Library
Advanced Endpoint Security Data Connectors-Charlotte January 2016
What they are and how to protect against them
Outline The basic authentication problem
Manuel Brugnoli, Elisa Heymann UAB
Network Security Fundamentals
Common Methods Used to Commit Computer Crimes
Unit 4 IT Security.
Cloud Computing I hear this question often. It is not easy to explain, because it means different things depending on who you talk to. Today’s Webinar.
Ways to protect yourself against hackers
Wireless Network Security
Overview 1. Phishing Scams
Evaluating Existing Systems
Wireless Network Security
Evaluating Existing Systems
Security of Mobile Operating Systems
The next generation of collaboration
Introduction to Networking
Fix Windows 10 Activation Error 0x80072ee2
Security of a Local Area Network
How to Fix Windows 10 Update Error 0x ?.
Determined Human Adversaries: Mitigations
Risk of the Internet At Home
A quick look into today’s APTs
Nessus Vulnerability Scanning
Internet of Things Vulnerabilities
The Internet of Unsecure Things
Cyber Security and Computer Safety
Securing the Internet of Things: Key Insights and Best Practices Across the Industry Theresa Bui Revon IoT Cloud Strategy.
Local Administrator Rights
Chapter 7 – and 8 pp 155 – 202 of Web security by Lincoln D. Stein
Topic 5: Communication and the Internet
BACHELOR’S THESIS DEFENSE
Engineering Secure Software
Cyber security and Computer Misuse
Chapter 3 – Operating Systems
Determined Human Adversaries: Mitigations
LO1 - Know about aspects of cyber security
What Are Our Security Goals?
Data Recovery: Why Secure Deletion is so Important.
1.2.2 Security aspects • Show understanding of the security aspects of using the Internet and understand what methods are available to help minimise the.
6. Application Software Security
IoT: Privacy and Security
Outline The concept of perimeter defense and networks Firewalls.
WTF… About the unsecurity of IoT
Cleaning Up the Internet of Evil Things
Presented by Shashank Shekhar Sahoo
Presentation transcript:

Understanding Threat Models for Embedded Devices Jake Edge LWN.net jake@lwn.net Embedded Linux Conference April 13, 2010

Introduction Analyzing threats to a device should be done during the product design phase Initial analysis is not based on the software installed on the device Potential threats are based on the planned functionality of the device Some thought should be given to other uses 13 April 2010 ELC 2010

Threat model Based on the possible threats to a system Threats are based on several aspects of the device's intended use Once the threats are identified, a subset is targeted to defend Impossible to defend against all threats Narrowing down the threats to be defended allows developers to prioritize their efforts 13 April 2010 ELC 2010

What is being protected? What data is being protected by or stored on the device? Alternatively: what are the consequences for the user if the device is compromised? Proper functioning of the device is the most basic – denial of service As the value of a compromise increases for an attacker, the attacks get more sophisticated 13 April 2010 ELC 2010

What is being protected? A television or microwave probably has little data of interest to an attacker Network router/firewall or storage server either have or protect fairly high-value data Snoop on internet traffic/phone calls/... Drain a bank account through phishing Delete the family photo album Basic security tenet: Make the cost of an attack more than the data is worth to an attacker 13 April 2010 ELC 2010

Inputs Inputs are the device's connections to the external world Network/wireless are obvious – Bluetooth, cellular voice/data, GPS a bit less obvious Remote controls, front panel buttons are still inputs – still vulnerable depending on location Weirder stuff: cameras, microphones, USB ... The only way into the system is via inputs 13 April 2010 ELC 2010

Inputs All inputs should at least be considered May reject attacks against some Require physical access Implausible attack scenarios Implies targeted attack at individual/organization Inputs “walled off” from the rest of the system 13 April 2010 ELC 2010

Installation location Embedded devices may be “installed” in unfriendly environments Often can't assume physical security Even “home” devices can be installed elsewhere Internet router/firewall used in coffee shop TVs/DVRs installed in bars/restaurants Unexpected uses may lead to increased exposure to threats 13 April 2010 ELC 2010

Users Based on the target market, the technical knowledge of the users should be considered Non-technical users may use the device in highly insecure ways Connecting devices directly to the internet Sharing much more data than they realize Are security updates planned? How are users supposed to find out? Without easy update, more hardening needed 13 April 2010 ELC 2010

Example: Television Low-value data (if any at all) Few inputs (HDMI, remote control, front panel) Non-technical users Installed “everywhere” Relatively few security concerns Denial of service via crash Annoying folks with universal remotes (not really an issue that TV makers can be expected to fix) 13 April 2010 ELC 2010

Example: Home NAS server Data is high-value to user, probably low value to attacker (except possibly targeted attacks) Network is the only real input (on/off switch) Non-technical users Generally installed behind router/firewall Could be attacked from inside the network (browser-based or other malware) Might be installed/configured insecurely 13 April 2010 ELC 2010

Example: Home NAS server Attacker could deny access, get ransom Encrypt the contents Disable the device Has enough compute power to be used in a botnet Could be used to store attacker data Common flaw: default admin password Doesn't require the user to change it 13 April 2010 ELC 2010

Other devices A similar analysis can be done early in the product development cycle Explicitly deciding not to defend against certain kinds of attacks allows developers to focus Customer expectations should be set correctly Security is always about tradeoffs 13 April 2010 ELC 2010

Conclusion Seen as a PR problem, but it is really a customer relations issue Customers that get burned (or hear of others that got burned) won't return Once a reputation for lax security is established, it can be very hard to break (ask Microsoft) Starting early allows you to “bake security in” and not try to bolt in on later 13 April 2010 ELC 2010

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.