
Information Security of Embedded Systems 2.12.2009: Foundations of Security II Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Presentation transcript:

Slide 1: Information Security of Embedded Systems, 2.12.2009: Foundations of Security II. Prof. Dr. Holger Schlingloff, Institut für Informatik und Fraunhofer FIRST

Slide 2: Structure
(slide footer: 2.12.2009 Embedded Security © Prof. Dr. H. Schlingloff 2009)
1. Introductory example
2. Embedded systems engineering
   1. definitions and terms
   2. design principles
3. Foundations of security
   1. threats, attacks, measures
   2. construction of safe systems
4. Design of secure systems
   1. design challenges
   2. safety modelling and assessment
   3. cryptographic algorithms
5. Communication of embedded systems
   1. remote access
   2. sensor networks
6. Algorithms and measures
   1. digital signatures
   2. key management
   3. authentication
   4. authorization
7. Formal methods for security
   1. protocol verification
   2. logics and proof methods

Slide 3: Security – Basic Terms
System, computational system
- ownership of information
RAMS
Safety vs. security
Threats, attacks, security holes
- modelling: system, stakeholders, boundaries, intentions
Example: Internet Thermostat

Slide 4: More Basic Terms
Access (Zugriff)
- interaction between a subject (with intentions) and an object (a computational system)
- if the access modifies the object, it is a write access, otherwise a read access
- in embedded systems: read access to sensor values, write access to actuator values, read/write access to internal data
- an access is authorized if the owner of the information approves of it at the time it occurs (the access is in the intent of the owner)
Security (Informationssicherheit)
- ability of a system to inhibit or restrict unauthorized access to the system (no threats from outside subjects to the system's information)
- confidentiality (Vertraulichkeit): no unauthorized read access
- integrity (Integrität): no unauthorized write access

Slide 5: Communication Threats
- e.g., TCP/IP protocol stack
- [figure on slide: example packet]

Slide 6: Homework: Monitor your connections!
- e.g., Microsoft Network Monitor

Slide 7: [figure only, no text on slide]

Slide 8: Link layer attacks
Security hole via physical access to a wired network (hardware monitoring devices)
e.g. ARP masquerading: rerouting of information
- send an unrequested ARP reply which associates the attacker's own HW-id with the IP address of the victim
- server "updates" its cache information
WLAN, Bluetooth, ZigBee security?
- embedded devices communicate wirelessly
- security measures in increasing sophistication
- cf. ch. 5.2
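The two symptoms named on the slide (an unrequested reply, and a cache entry that gets "updated" to a new hardware address) can both be checked from the ARP traffic a monitor sees. The following detector is an added example, not code from the lecture; the capture it runs on is constructed, and the request/reply matching is the simplest version of what a real ARP monitor does.

```python
"""Added example (not from the lecture): flagging ARP replies that look like
ARP masquerading, i.e. unsolicited replies or a changed IP-to-MAC binding."""

# Constructed sample capture: a normal request/reply pair for the gateway,
# then an unsolicited reply rebinding the gateway IP to a different MAC.
# Record layout: (operation, sender IP, sender MAC, target IP)
SAMPLE_ARP = [
    ("request", "192.168.1.10", "aa:aa:aa:aa:aa:10", "192.168.1.1"),
    ("reply",   "192.168.1.1",  "aa:aa:aa:aa:aa:01", "192.168.1.10"),
    ("reply",   "192.168.1.1",  "de:ad:be:ef:00:01", "192.168.1.10"),
    ("request", "192.168.1.10", "aa:aa:aa:aa:aa:10", "192.168.1.20"),
    ("reply",   "192.168.1.20", "aa:aa:aa:aa:aa:20", "192.168.1.10"),
]


def detect_arp_masquerading(packets):
    """Return alert strings for suspicious ARP replies.

    Check 1: a reply that answers no outstanding request from its target
             (the "unrequested ARP reply" of the slide).
    Check 2: a reply whose sender MAC differs from the MAC first learned
             for that IP (the binding the victim's cache would "update").
    """
    pending = set()   # (asker IP, asked-for IP) requests still awaiting a reply
    learned = {}      # IP -> MAC from the first reply seen, kept as the trusted binding
    alerts = []
    for op, sender_ip, sender_mac, target_ip in packets:
        if op == "request":
            pending.add((sender_ip, target_ip))
            continue
        # A reply from S to T should answer a request that T made about S.
        if (target_ip, sender_ip) in pending:
            pending.discard((target_ip, sender_ip))
        else:
            alerts.append(f"unsolicited reply: {sender_ip} is-at {sender_mac} to {target_ip}")
        if sender_ip in learned and learned[sender_ip] != sender_mac:
            alerts.append(f"binding changed: {sender_ip} was {learned[sender_ip]}, now {sender_mac}")
        learned.setdefault(sender_ip, sender_mac)
    return alerts


if __name__ == "__main__":
    for line in detect_arp_masquerading(SAMPLE_ARP):
        print(line)
```

Static ARP entries or switch-side dynamic ARP inspection remove the problem at the source; a monitor like this only tells you that the cache was being rewritten.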

Slide 9: Network layer attacks (1)
Address spoofing: attacker pretends to be somebody else (via manipulated IP headers)
- flooding attacks
  - direct: SYN flooding
  - indirect: Smurf

Slide 10: [figure only, no text on slide]

Slide 11: Network layer attacks (2)
Eavesdropping of IP packets (tcpdump)
- IP provides unencrypted communication (no confidentiality, integrity, authenticity, ...)
- routing is nondeterministic
  - strict source routing attack
  - RIP (Routing Information Protocol) and redirect attack

Slide 12: Transport layer attacks (1)
Access via faked packets
- TCP: sequence numbering / acknowledgement
- upon receipt of a connection request, the server generates a new sequence number, sends it back, and waits for an acknowledgement
- "guessing" of ack numbers allows write access
- blocking of receipt at the victim's site
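The handshake just described (SYN, server's SYN-ACK, client's ACK) is also what the direct flooding attack of slide 9 abuses: the server keeps state for every SYN whose ACK never arrives. The tracker below is an added example, not lecture code; it counts those half-open handshakes per server over a constructed packet list, which is the simplest form of the check a flood detector performs.

```python
"""Added example (not from the lecture): detecting direct SYN flooding by
counting half-open TCP handshakes per server. Packet summaries are constructed."""
from collections import defaultdict

# Constructed sample: one complete handshake from 10.0.0.5, then six SYNs
# from different (apparently spoofed) sources that are never acknowledged.
# Record layout: (milliseconds, "src:port", "dst:port", TCP flags)
SAMPLE_TCP = [
    (0, "10.0.0.5:40001", "10.0.0.1:80", "S"),
    (1, "10.0.0.1:80", "10.0.0.5:40001", "SA"),
    (2, "10.0.0.5:40001", "10.0.0.1:80", "A"),
] + [(100 + i, f"172.16.{i}.{i}:5000", "10.0.0.1:80", "S") for i in range(6)]


def half_open_alerts(packets, threshold=5):
    """Track client SYNs that were never completed by the client's final ACK.

    Returns (alerts, half_open): alerts holds one (server, count, time) per
    server whose half-open count exceeded `threshold`; half_open maps
    server -> set of clients still waiting in the SYN_RECEIVED state.
    """
    half_open = defaultdict(dict)   # server -> {client: time of its SYN}
    alerts, alerted = [], set()
    for t, src, dst, flags in packets:
        if flags == "S":                      # client's SYN opens a half-open entry
            half_open[dst][src] = t
        elif flags == "A":                    # client's ACK completes the handshake
            half_open[dst].pop(src, None)
        elif "R" in flags or "F" in flags:    # reset or close from either side
            half_open[dst].pop(src, None)
            half_open[src].pop(dst, None)
        if len(half_open[dst]) > threshold and dst not in alerted:
            alerts.append((dst, len(half_open[dst]), t))
            alerted.add(dst)
    return alerts, {s: set(c) for s, c in half_open.items() if c}


if __name__ == "__main__":
    found, backlog = half_open_alerts(SAMPLE_TCP)
    print(found, backlog)
```

On a real capture the threshold would be set relative to the device's listen backlog, since that is the resource the flood exhausts.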

Slide 13: Transport layer attacks (2)
"session hijacking"
- eavesdrop communication
- kill client
- use false packets to continue communication, e.g., install backdoor on server

Slide 14: [figure only, no text on slide]

Slide 15: Application Layer Threats (1)
Web applications, e-mail: viruses, worms, trojans, ...
- responsible for 90% of present-day security problems
- mobile code, e.g. ActiveX, VB scripts
- MIME threats: attachments, links, ...
- no security guaranteed (esp. authenticity)
ftp, telnet, rlogin, rsh
- password encryption?
- anonymous FTP: write access?
NFS: false mounting of exported files
- NFS masquerading: UID on untrusted hosts can be arbitrarily manipulated
- faking of NFS file handles (replay attack)
- similar problems with NetBIOS (workgroup or password-level access)

Slide 16: Application Layer Threats (2)
NIS
- supplies password information to the outside
- password shadowing
HTTP cookies: write access
- "permission assumed"
- personal data, e.g., passwords, user profiles
- disallow by default!
CGI scripts
- execution of arbitrary commands on the server
- errors in scripts can open security holes
- minimal rights principle!
DNS poisoning: attacker fudges the IP number / name assignment
- system access via .rhosts and rlogin

Slide 17: General Construction Principles
Fail-safe defaults principle
- access denied if not explicitly allowed
Complete mediation principle
- each access has to be supervised
Need-to-know principle
- each subject has exactly the rights needed for its tasks
Open design principle
- security does not depend on design knowledge
- "no security by obscurity"
Economy of mechanisms principle
- measures must be efficient and easy to use
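The first three principles become concrete in a reference monitor: an explicit allow list with deny as the default, a single check that every read or write passes through, and rights that are granted per task only. The following is an added example, not lecture code, built on the Internet Thermostat scenario of slide 3; the subjects, objects and rights in it are constructed.

```python
"""Added example (not from the lecture): a minimal reference monitor applying
fail-safe defaults, complete mediation and need-to-know to the lecture's
Internet-thermostat scenario. Subjects, objects and rights are constructed."""
class ReferenceMonitor:
    """Every access goes through check(); whatever is not granted is denied."""
    def __init__(self, allow_rules):
        self._allow = frozenset(allow_rules)  # explicit (subject, object, mode) grants
        self.audit = []                        # complete mediation: every decision logged

    def check(self, subject, obj, mode):
        decision = (subject, obj, mode) in self._allow  # fail-safe default: deny
        self.audit.append((subject, obj, mode, decision))
        return decision

class Thermostat:
    """Sensor and actuator values are reachable only through mediated read/write."""
    def __init__(self, monitor):
        self._monitor = monitor
        self._state = {"temp_sensor": 21.5, "heater_valve": 0.0}

    def read(self, subject, name):
        if not self._monitor.check(subject, name, "read"):
            raise PermissionError(f"{subject} may not read {name}")
        return self._state[name]

    def write(self, subject, name, value):
        if not self._monitor.check(subject, name, "write"):
            raise PermissionError(f"{subject} may not write {name}")
        self._state[name] = value

# Need-to-know: the control loop reads the sensor and drives the valve, the
# remote display may only read the sensor; no other right exists.
POLICY = {("control_loop", "temp_sensor", "read"),
          ("control_loop", "heater_valve", "write"),
          ("remote_display", "temp_sensor", "read")}

def demo():
    """Two allowed and two disallowed accesses; returns (temp, denials, audit log)."""
    mon, denials = ReferenceMonitor(POLICY), []
    dev = Thermostat(mon)
    temp = dev.read("remote_display", "temp_sensor")
    dev.write("control_loop", "heater_valve", 0.6)
    for attempt in (lambda: dev.write("remote_display", "heater_valve", 1.0),
                    lambda: dev.read("guest", "temp_sensor")):
        try:
            attempt()
        except PermissionError as err:
            denials.append(str(err))
    return temp, denials, mon.audit
```

The unknown subject "guest" is refused without any rule mentioning it, which is exactly what fail-safe defaults mean; the audit list is what complete mediation gives you to verify afterwards that no access bypassed the monitor.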

Slide 18: System Construction Phases (1)
"Design for security": respect security issues in each phase, enrich the life cycle by special (sub-)phases
1. System requirements analysis
- system environment, functionality, use scenarios
- necessary components, available resources
2. Threat and risk analysis
- list vulnerabilities and possible attacks
- estimate potential damage and occurrence probability
3. Security strategy and security model
- derive and classify necessary security mechanisms (effort, cost, importance, ...)
- build a model of the system and prove properties

Slide 19: System Construction Phases (2)
4. System architecture (coarse-grained design)
- realisation of the model
- interface definitions, services and protocols, module decomposition
5. Module definition (fine-grained design)
- algorithms, data and control structures, ...
- adaptation or extension of existing architectures and modules
6. Module and system implementation
- coding and integration of components

Slide 20: System Construction Phases (3)
7. Validation, testing and evaluation
- code inspection, module testing, integration testing (e.g., find logical time bombs, security holes, hidden channels)
- testing of security measures
- validation of the implementation of the security model
8. Security classification
- according to different criteria catalogues (TCSEC, ITSEC, ...)
- certification authorities, e.g., TÜV, BSI
9. Installation, maintenance
- establishment of the security infrastructure
- assert that the security policy is being followed, fixing of known security holes etc.

Slide 21: Construction of Secure Systems
Security engineering: "The effort to achieve and maintain optimal security and survivability of a system throughout its life cycle" [InfoSec 1999]
- integration with the SW-engineering process
- new phases: threat and risk analysis, security strategy; security classification, infrastructure
Lit.:
- Ross Anderson, Security Engineering; Addison-Wesley, 2001 (case studies)
- Nancy G. Leveson, Safeware; Addison-Wesley 1995 (safety)
- Ed Amoroso, Fundamentals of Computer Security Technology

