Development of an Embedded Platform for Secure CPS Services


1 Development of an Embedded Platform for Secure CPS Services
Vincent Raes, Jan Vossaert and Vincent Naessens CyberICPS /09/2017

2 Contents
Problem Statement
The Platform
Evaluation of the Prototype
Conclusion

3 Problem Statement

4 Problem Statement A Cyber-Physical System links the physical world with the virtual world

5 Problem Statement
Previously isolated systems are now connected
Systems receive more computing power
Opportunities for new products and services
Introduces new challenges: privacy and security

6 Problem Statement
Onboard computer
Critical (e.g. engine start) and non-critical (e.g. infotainment) services
In-vehicle networks and external networking
Ensure critical services while allowing extensible non-critical software
Proprietary Local Data Processing
Services for monitoring, analysing and managing industrial systems
Typically runs in the back-end to prevent exposure
Cases where analysis is needed in a location with poor Internet connectivity
Protect the algorithm in the field while less trusted code gathers and displays data
Speaker note: Insert examples of application domains here! Fleet management is one of them.

7 Goals
Create an open platform to run secure services
Protect the service using Trusted Computing technology
Allow integration of third-party software

8 The Platform

9 Overview
Used Technologies
Threat Model
Requirements
Design of the Platform

10 ARM TrustZone
Hardware extensions on ARM processors
Splits the device into a Secure World and a Normal World
Division on the hardware and software level
Speaker note: Just leave the figure; it will probably be the right-hand one that survives.

11 Genode
Open source framework for highly secure operating systems
Modular microkernel with strong hierarchical isolation
Application-specific TCB
Supports a wide range of embedded systems

12 Attacker Model
Commodity OS is untrusted due to its large code base
Communication channels are untrusted
Attacker is unable to break cryptographic primitives
Secure World and applications in the Secure World are trusted
Hardware attacks are out of scope
Speaker note: Make a nice figure for this! Preferably one that shows all the attack vectors.

13 Requirements of the Platform
Isolated execution: protect the integrity and privacy of a service
Secure boot: attest the services upon booting
Secure service development: build environment for development and deployment of secure services
Rich Normal World: easily develop applications using secure services

14 Design of the Platform
Software Architecture
Inter-World Communication
Software Development Support
System Boot

15 Software Architecture
Two software stacks
Android as Normal World
Genode as Secure World

16 Software Architecture
Android
Offers a familiar environment
Easily install new applications
Rich UI for touchscreens
[Figure: Android stack on top of its kernel]

17 Software Architecture
Android and Genode
Services as applications
Secure monitor as application
Monitor manages a list of references to services
[Figure: Android (Kernel) next to Genode (Kernel, Monitor holding references S1 and S2 to Service 1 and Service 2)]

18 Inter-World Communication
Genode acts as slave to Android
If an application requires a secure service, a request is issued
A new driver was added to enable requests
[Figure: Android (Kernel, Genode driver) next to Genode (Kernel, Monitor with S1 and S2, Service 1, Service 2)]

19 Inter-World Communication
1. Application contacts driver with request
2. Driver passes request to secure monitor
3. Monitor calls requested service
Service handles request
[Figure: steps 1 to 3 drawn across Android (Kernel, Genode driver) and Genode (Kernel, Monitor with S1 and S2, Service 1, Service 2)]

20 Inter-World Communication
1. Application contacts driver with request
2. Driver passes request to secure monitor
3. Monitor calls requested service
4. Service handles request
5. Service responds to monitor
6. Monitor notifies driver
7. Driver responds to application
[Figure: steps 5 to 7 drawn across Android (Kernel, Genode driver) and Genode (Kernel, Monitor with S1 and S2, Service 1, Service 2)]
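The seven-step round trip above, together with the evaluation's point that the Normal World interface is the main attack vector and each call should have a very specific purpose, can be modelled in a few lines. The following is an added example, not the platform's own code: the driver, monitor and services are plain Python objects rather than a kernel driver and Genode components, and all names (Request, Reply, SecureMonitor, GenodeDriver, the service ids and opcodes) are assumptions. The monitor keeps the list of service references; every request crossing from the untrusted side is checked against a fixed table of opcodes and payload bounds before a service runs, and a failing service returns an error code instead of leaking details back to Android.

```python
"""Model of the Android -> Genode driver -> secure monitor -> service round trip.

Added illustration; the class and function names are assumptions, not the
platform's API. The MAC key below is constructed and lives only inside the
(modelled) Secure World, so the Normal World can ask for a tag but never
obtains the key.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Callable, Dict, Tuple

# Status codes returned to the Normal World (assumed; not the platform's codes).
OK, ERR_NO_SERVICE, ERR_BAD_OP, ERR_TOO_LONG, ERR_SERVICE = 0, 1, 2, 3, 4


@dataclass(frozen=True)
class Request:
    service_id: int   # index into the monitor's list of service references
    opcode: int       # one specific-purpose call of that service
    payload: bytes


@dataclass(frozen=True)
class Reply:
    status: int
    payload: bytes


Handler = Callable[[bytes], bytes]


class SecureService:
    """A Secure World service exposing a few calls, each with a payload bound."""

    def __init__(self, name: str, ops: Dict[int, Tuple[int, Handler]]):
        self.name = name
        self.ops = ops  # opcode -> (max payload length, handler)

    def handle(self, opcode: int, payload: bytes) -> Reply:
        if opcode not in self.ops:
            return Reply(ERR_BAD_OP, b"")
        max_len, handler = self.ops[opcode]
        if len(payload) > max_len:
            return Reply(ERR_TOO_LONG, b"")
        try:
            return Reply(OK, handler(payload))          # step 4: service handles request
        except Exception:
            # Step 5 on failure: an opaque error, no exception text crosses the boundary.
            return Reply(ERR_SERVICE, b"")


class SecureMonitor:
    """Manages the list of references to services and dispatches validated requests."""

    def __init__(self) -> None:
        self.services: Dict[int, SecureService] = {}

    def register(self, service_id: int, service: SecureService) -> None:
        self.services[service_id] = service

    def call(self, req: Request) -> Reply:                # steps 3 and 6
        service = self.services.get(req.service_id)
        if service is None:
            return Reply(ERR_NO_SERVICE, b"")
        return service.handle(req.opcode, req.payload)


class GenodeDriver:
    """Normal World side: the only path from an Android application into Genode."""

    def __init__(self, monitor: SecureMonitor) -> None:
        self.monitor = monitor

    def request(self, req: Request) -> Reply:             # steps 1, 2 and 7
        return self.monitor.call(req)


# Constructed sample services.
_SECURE_WORLD_KEY = b"constructed-key-never-leaves-secure-world"


def _mac(payload: bytes) -> bytes:
    return hmac.new(_SECURE_WORLD_KEY, payload, hashlib.sha256).digest()


def _fault(payload: bytes) -> bytes:
    raise RuntimeError("service bug: " + payload.decode(errors="replace"))


def build_platform() -> GenodeDriver:
    monitor = SecureMonitor()
    monitor.register(1, SecureService("mac", {0x10: (64, _mac), 0x11: (8, _fault)}))
    monitor.register(2, SecureService("echo", {0x20: (16, lambda p: p)}))
    return GenodeDriver(monitor)


def demo() -> Dict[str, Reply]:
    """Exercise the happy path and each rejection the monitor or service performs."""
    driver = build_platform()
    return {
        "ok": driver.request(Request(1, 0x10, b"sensor-reading-42")),
        "no_service": driver.request(Request(9, 0x10, b"")),
        "bad_op": driver.request(Request(2, 0x21, b"")),
        "too_long": driver.request(Request(2, 0x20, b"x" * 17)),
        "fault": driver.request(Request(1, 0x11, b"boom")),
    }


if __name__ == "__main__":
    for name, reply in demo().items():
        print(f"{name:12s} status={reply.status} payload={reply.payload.hex()}")
```

The bounds live with the service that owns the opcode, so adding a service does not widen what the monitor accepts for the existing ones, which is the property the evaluation slide relies on when it calls the interface a narrow attack vector.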

21 Software Development Support
Android application development
Use the regular development environment
Java library to enable communication with secure services
Library provides a generic communication API
Developers of secure services can build a service-specific library

22 Software Development Support
Secure service development
Developed in the Genode framework
Use C or C++ with a libc based on FreeBSD
Additional libraries can be ported (e.g. OpenSSL)
A script is provided to build the Genode world and add the written services

23 System Boot
Guarantees authenticity of the Secure World on startup
3-stage boot process
1. Authenticated start of the bootloader
2. Bootloader authenticates and boots Genode
3. Genode starts Android
[Figure: Bootloader -> Genode -> Android]
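The three stages form a chain: each stage only starts the next one after verifying it, and the chain stops at Genode because Android is untrusted by design and is started without verification. The block below is an added example, not the platform's boot code: it models the chain with pinned SHA-256 digests (a stand-in for the signature verification that the i.MX hardware and the bootloader perform), the image names and the `boot` function are assumptions, and the images are constructed byte strings. A stage's measurement covers the digest it carries for its successor, so replacing Genode requires changing the bootloader, which in turn no longer matches the root digest.

```python
"""Model of the 3-stage authenticated boot: root -> bootloader -> Genode -> Android.

Added illustration, not the platform's own boot code. Pinned SHA-256 digests
stand in for signature checks; images are constructed sample bytes.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Image:
    name: str
    code: bytes
    # Digest of the one image this stage is allowed to start; None means the
    # stage starts its successor without verifying it (Genode starting Android).
    next_digest: Optional[bytes] = None


def measure(img: Image) -> bytes:
    """Measurement covers the code and the pinned successor digest it carries."""
    return hashlib.sha256(img.code + (img.next_digest or b"")).digest()


def boot(root_digest: bytes, chain: List[Image]) -> List[str]:
    """Return the names of the stages that were started, halting at the first mismatch.

    root_digest models the value anchored in hardware (the i.MX root of trust);
    it authorises the bootloader, the bootloader authorises Genode, and Genode
    starts Android unverified.
    """
    started: List[str] = []
    expected: Optional[bytes] = root_digest
    for img in chain:
        if expected is not None and not hmac.compare_digest(measure(img), expected):
            break                         # halt: do not execute an unauthenticated stage
        started.append(img.name)
        expected = img.next_digest        # what this stage is willing to start next
    return started


def boot_demo() -> Dict[str, List[str]]:
    """Constructed good chain plus two tampered variants."""
    android = Image("Android", b"constructed android image")
    genode = Image("Genode", b"constructed genode secure world image")
    bootloader = Image("Bootloader", b"constructed bootloader image", measure(genode))
    root_digest = measure(bootloader)     # would be burned into hardware fuses

    tampered_genode = Image("Genode", b"constructed genode image with a patch")
    tampered_bootloader = Image("Bootloader", b"constructed bootloader image",
                                measure(tampered_genode))
    return {
        "good": boot(root_digest, [bootloader, genode, android]),
        "tampered_genode": boot(root_digest, [bootloader, tampered_genode, android]),
        "tampered_bootloader": boot(root_digest, [tampered_bootloader, tampered_genode, android]),
    }


if __name__ == "__main__":
    for case, stages in boot_demo().items():
        print(f"{case:20s} started: {' -> '.join(stages) or '(halted at bootloader)'}")
```

Only the Secure World is guaranteed by this chain; an Android image can be replaced without stopping the boot, which matches the attacker model on slide 12 where the commodity OS is untrusted anyway.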

24 Evaluation of the Prototype

25 Evaluation of the Prototype
Prototype has been developed on an i.MX6 SABRE Lite board
Security analysis
Currently ~ LOC
Sharply reduces the risk of bugs and exploits compared to a commodity OS
Main attack vector is the interface with the Normal World
A service should provide a strict communication API between the worlds
Current calls have a very specific purpose

26 Requirements Review: Secure execution
Services run isolated from the untrusted world
Narrow attack vector
(Other requirements: Secure boot, Secure service development, Rich normal world)

27 Requirements Review: Secure boot
i.MX technology enables a trusted bootloader
Bootloader verifies an authentic Secure World
(Other requirements: Secure execution, Secure service development, Rich normal world)

28 Requirements Review: Secure service development
Services can be developed in C++
Performance of the Secure World:

Operation        Genode (ms)  Android (ms)
RSA Public key          53,6           1,4
RSA Private key       1774,1          41,1
AES Encrypt             76,0          63,9
AES Decrypt             75,3          49,9

(Other requirements: Secure execution, Secure boot, Rich normal world)

29 Requirements Review: Rich normal world
Android applications are developed as usual
Java library allows contact with the Secure World
Impact of the Secure World on performance is minimal
(Other requirements: Secure execution, Secure boot, Secure service development)

30 Conclusion

31 Conclusion
Presented the design of a platform which can be used to offer secure services in a Cyber-Physical System environment
The platform uses a Trusted Execution Environment to isolate critical services
A prototype has been developed
Future work
Utilize this platform design in use cases to truly validate it
Currently working on an onboard computer case for IoT trucks
Speaker note: Fix the conclusion.

32 https://distrinet.cs.kuleuven.be/ vincent.raes@kuleuven.be
Thank you!
Speaker note: Pause briefly before answering a question, because you often want to be too quick, which leads to inaccuracies in the answers.
