Hardware Based Security

Juergen Spaenkuch is division vice president, chip card and security, at Infineon Technologies AG

Modern applications like connected industrial systems, smartgrids, connected cars and autonomous driving, widely summarised under the term the Internet of Things (IoT), see Fig. 1, have a high demand for reliable security. There are some typical use cases such as authentication of components and their unique identities, monitoring and safeguarding of system integrity, and protection of data and communication. To build trust in new services and technologies, intellectual property (IP) protection is key, and data security and system integrity are a prerequisite for successful implementation of new services and applications.

To establish new solutions, we need integrated system solutions based on secured hardware that protects infrastructure and components from attacks, fraud and sabotage; in brief, hardware that makes it possible to store, run and update software in a protected way.

Fig. 1: The IoT and various other connected applications require secure communication, data and IP protection as well as system integrity

Purely software based security is not enough

Several attempts have been made in the past to apply purely software based solutions for device authentication. Unfortunately, software, due to its nature, bears several significant weaknesses. It is written in code, and code can be read and analysed. Once it is analysed, it can be modified to suit an attacker's requirements, and once the device is reprogrammed with the modified software, the authentication process and system integrity can be broken.

Another severe weakness of software based solutions can be the inappropriate storage of secret keys across all relevant processes and production steps.
Typically, in software based protection systems, attackers can identify secret keys from the software in a very simple way: keys usually look like random numbers, in total contrast to the program code itself. So-called entropy analysers can scan the software and identify regions with high randomness (these regions typically contain the keys). Such a scan is done in seconds, and the keys found could directly be used to generate falsified products in large quantities. Software-only solutions provide protection only when none of the components used are physically accessible to an attacker; in real life, this condition makes such solutions impractical. So software is usually not seen as a valid alternative for product authentication, system integrity and IP protection today.
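To make the entropy scan described above concrete from the defender's side, here is an added example, not code from the article or from Infineon, that a firmware team can run over a build artefact before release to confirm that no raw key material is sitting in the image. The image bytes, the 32-byte key, the window size and the 0.9 threshold are all constructed for the demonstration.

```python
import math
from typing import List, Tuple


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 .. 8.0)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def scan_high_entropy(image: bytes, window: int = 32,
                      ratio: float = 0.9) -> List[Tuple[int, float]]:
    """Return (offset, entropy) for every non-overlapping window whose
    entropy reaches `ratio` of the maximum a window of this size can have.

    A window of n bytes can contain at most min(n, 256) distinct values, so
    the ceiling is log2(min(n, 256)) bits, not a flat 8.0; otherwise small
    windows could never trip the threshold.
    """
    ceiling = math.log2(min(window, 256))
    hits = []
    for off in range(0, len(image) - window + 1, window):
        h = shannon_entropy(image[off:off + window])
        if h >= ratio * ceiling:
            hits.append((off, h))
    return hits


# Constructed demo image (not real firmware): repetitive "code-like" text
# with a constructed 32-byte key embedded at offset 256. The key bytes are
# all distinct, so that window has the maximum 5.0 bits a 32-byte window
# can reach.
DEMO_KEY = bytes.fromhex(
    "9f3ac1e4075bd268f01c842eb749a3d50f6c91e827fb3d56c8720abd15e34f96")
CODE_BEFORE = (b"mov r0, r1\n" * 50)[:256]
CODE_AFTER = (b"add r2, r3\n" * 50)[:224]
DEMO_IMAGE = CODE_BEFORE + DEMO_KEY + CODE_AFTER


def report(image: bytes) -> List[str]:
    """Human-readable lines for each suspicious window."""
    return [f"offset 0x{off:04x}: {h:.2f} bits/byte, possible key material"
            for off, h in scan_high_entropy(image)]


if __name__ == "__main__":
    for line in report(DEMO_IMAGE):
        print(line)
```

Only the window holding the constructed key is reported; the surrounding repetitive code never approaches the 4.5-bit bar for a 32-byte window. On real images, use a larger window (64 or 128 bytes) and expect legitimate hits from compressed or already-encrypted sections, which the entropy measure cannot tell apart from keys; those hits still need a manual look, but a clean report is cheap evidence that a release does not ship with a key in the clear.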
42 November 2015 | Electronics For You www.efymag.com
INTERNET OF THINGS
However, software can be protected by hardware: secured hardware protects the processing and storage of code using encryption, fault and manipulation detection, and secure code and data storage. Software becomes trustworthy by combining it with secured hardware. This has been proven by extensive experience from the areas of trusted computing, the use of secure elements in mobile phones and the protective functions of smartgrids.

Hardware based solutions provide more security

A typical embedded control architecture with a standard microcontroller (MCU), on which a real-time operating system (OS) and applications are running, can currently be found in the majority of installed systems. Usually, security functionality is implemented using software based encryption mechanisms. What is missing is an efficient and secured trust anchor (a hardware root of trust, or HRoT) with dedicated encryption functionality for increased security.

This is why modern MCUs are an ideal solution to respond to increasing security demands. On one hand, available standalone security controllers are usually implemented with MCUs; on the other, there are application-optimised MCUs with integrated security functions.

Use of a standalone security element (security processor or co-processor) that acts as an HRoT has proven itself for years in other industries such as personal computers, servers, chip cards and identity documents.

The concept is also recommended for industrial applications. For example, a trusted platform module (TPM) (Fig. 2) can be used as an HRoT in conjunction with other security elements in order to provide an industrial controller with comprehensive security functions such as integrated crypto-processors, encrypted storage, buses and peripheral functions, as well as integrated error detection. Network end points can be efficiently protected using this hardware based approach.

Fig. 2: OPTIGA TPMs are special MCUs that provide computer systems with comprehensive protection from unauthorised access and attacks

Hardware based security is proven in the field

Coming back to the initial point of discussion about new business models and opportunities in the context of the IoT, there are already numerous use cases and examples demonstrating how hardware based security solutions add real value in terms of integrity and reliability of connected devices.

For example, Infineon has been shipping TPMs for devices running Google's Chrome based OS since 2011, and the TPM is an integral part of the security architecture of Google Chromebooks, which were designed to provide a fast, simple and secured experience for people who use computing devices primarily to access the Internet and use Web based applications. One key part of their design is called defence in depth, which provides multiple levels of protection against malware.

Meanwhile, the structure of the TPM standard was enhanced with some specific functions and interfaces added to support new applications. New profiles of TPMs can address security-relevant applications not only in the IT industry but also in embedded systems, smartphones, communications equipment, industrial automation or automotive. In addition, TPMs include a comprehensive software stack enabling a secure upgrade.

Automotive is also an upcoming field of application, as there are many features and functions already widely based on hardware security, designed in response to the level of security required by the specific application. MCUs of the AURIX family, for example, provide special function blocks such as security hardware extensions (SHEs) or hardware security modules (HSMs). HSMs take care of secured communication with other MCUs by signing messages or even using full encryption. Further, these can be used to securely boot the MCU in order to prevent attacks from viruses and trojans and to prevent unauthorised access.

Given that the car is becoming an increasingly connected computing device communicating with other vehicles and infrastructure, TPMs will become indispensable to protect the car's communication interfaces from hackers or malware during software updates.

Conclusion

It will only be possible to implement new connected technologies like the IoT by making comprehensive use of powerful safety and security technology in order to protect the infrastructure and components that are used from manipulation, attacks and malfunctions. Secured hardware is an important prerequisite, since maximum security requires secured hardware and cannot be achieved with software based concepts alone.

Infineon provides MCUs with integrated security functions and offers efficient and secured solutions tailored to the applications' needs, whether industrial, automotive or consumer-oriented.
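The HRoT behaviour described in the "Hardware based solutions" and automotive sections above (a key that never leaves the anchor, signed messages between MCUs, secure boot of a verified image, protected updates) as an added Python model. This is not code from the article, from Infineon, or from any AURIX, SHE or TPM API. It assumes a symmetric key shared between the provisioning anchor and the device anchor, uses HMAC-SHA256 in place of the AES-CMAC such blocks typically implement, and all firmware bytes, versions and messages are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional, Tuple


class TrustAnchor:
    """Model of a hardware root of trust (an HSM/SHE-style block in an MCU).

    The key is provisioned into the anchor and is never handed back to the
    application; software can only ask for a MAC or a verdict. HMAC-SHA256
    stands in for AES-CMAC here (an assumption of this example).
    """

    def __init__(self, key: Optional[bytes] = None) -> None:
        self._key = key if key is not None else secrets.token_bytes(32)
        self.min_version = 0  # monotonic counter used for anti-rollback

    def mac(self, data: bytes) -> bytes:
        return hmac.new(self._key, data, hashlib.sha256).digest()

    def verify(self, data: bytes, tag: bytes) -> bool:
        # Constant-time comparison so timing does not leak tag bytes.
        return hmac.compare_digest(self.mac(data), tag)


@dataclass(frozen=True)
class FirmwareImage:
    version: int
    code: bytes
    tag: bytes  # MAC over version || code, produced at signing time


def _image_payload(version: int, code: bytes) -> bytes:
    # The version is bound into the MAC so an image cannot be relabelled.
    return version.to_bytes(4, "big") + code


def sign_image(anchor: TrustAnchor, version: int, code: bytes) -> FirmwareImage:
    """Producer side (build/provisioning) using an anchor that holds the same key."""
    return FirmwareImage(version, code, anchor.mac(_image_payload(version, code)))


def secure_boot(anchor: TrustAnchor, image: FirmwareImage) -> str:
    """Boot-time decision taken before a single byte of the image executes."""
    if not anchor.verify(_image_payload(image.version, image.code), image.tag):
        return "REJECT: authenticity check failed"
    if image.version < anchor.min_version:
        return "REJECT: rollback to older version"
    anchor.min_version = image.version  # advance the anti-rollback counter
    return f"BOOT v{image.version}"


def send_message(anchor: TrustAnchor, seq: int,
                 payload: bytes) -> Tuple[int, bytes, bytes]:
    """MCU-to-MCU message: sequence number, payload and MAC (integrity only)."""
    return seq, payload, anchor.mac(seq.to_bytes(8, "big") + payload)


def receive_message(anchor: TrustAnchor, msg: Tuple[int, bytes, bytes],
                    last_seq: int) -> Tuple[bool, int]:
    """Return (accepted, new_last_seq); forged and replayed messages are dropped."""
    seq, payload, tag = msg
    if seq <= last_seq:
        return False, last_seq  # replay or reordering
    if not anchor.verify(seq.to_bytes(8, "big") + payload, tag):
        return False, last_seq
    return True, seq


if __name__ == "__main__":
    # Constructed demo: one anchor plays both the provisioning HSM and the
    # device HSM (shared symmetric key), the simplest SHE-style arrangement.
    anchor = TrustAnchor()
    good = sign_image(anchor, 2, b"constructed firmware v2")
    print(secure_boot(anchor, good))
    tampered = FirmwareImage(2, b"constructed firmware v2 (modified)", good.tag)
    print(secure_boot(anchor, tampered))
    print(secure_boot(anchor, sign_image(anchor, 1, b"constructed firmware v1")))
```

The point the model makes is the one the article makes in prose: the application never sees the key, so an attacker who can read the flash still cannot produce a valid tag for a modified image or a forged message, and the anti-rollback counter inside the anchor stops a validly signed but older image from being reinstalled. A real design would use an asymmetric signature for updates so the build key is not present on every device; that changes the primitive, not the boot logic shown here.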