Embedded Memory Security

Abstract

The Internet of Things (IoT) has grown dramatically over the past years. Largely autonomous, lightweight devices with an internet connection have been integrated into many aspects of daily life; from consumer products to industrial processes and from medical applications to critical infrastructures. Cisco predicts that by 2023, more than half of the internet connections will belong to IoT devices. With the impact of cybercrime ever growing, currently leading to a loss of 600 billion US dollar per year according to McAfee, the Internet of Things has become an attractive target. Successful attacks have already been demonstrated on smart cars, home security cameras, heart defibrillators, the Ukrainian power grid and military drones, just to name a few. Attacks of this nature are expected to intensify as more ’things’ are connected to the internet, either by criminals looking for quick money, companies sabotaging com­ petitors or countries waging cyber warfare. This demonstrates the need for strong security for IoT devices. Attacks on IoT devices can come from three distinct direction: The network, the software or the hardware level. Where network protocols and software applications can be updated when issues are found, this is not the case for hardware, which must be designed to be secure from the start. Further­ more, the way IoT devices are installed in the field makes hardware based attacks particularly relevant. Examples include the probing of traces and pins, fault injections to cause unintended behaviour, mod­ ifications of the firmware, side­channel analysis, stealing of data etcetera. Countering many of these attacks requires integrity verification of the attached memory chips of a device, to make sure that the ap­ plications have not been tampered with. Existing security measures implemented in high performance processors, such as Intel SGX and more recently AMD SEV, can encrypt and secure the memory of a system. These implementations however are not available for the lightweight microcontrollers and processors generally found in IoT devices. ARM TrustZone is a common security solution found in embedded devices to provide protection against untrusted software, but does not defend against hard­ ware tampering. As such, a lightweight solution is required aimed at the constrained environments presented by IoT devices, to ensure the integrity of external memory modules. This thesis presents the Embedded Memory Security (EMS) module as a way to ensure the integrity and authenticity of data and applications, as well as its confidentiality if required. It is targeted at lightweight systems with a small hardware budget. The module sits on­die with the central processor of the device and secures all data being transferred between it and external memory. Integrity is verified through Message Authentication Codes (MAC) generated with SipHash for each memory transfer. The lightweight block cipher Prince is used to provide confidentiality through encryption. Five variants of this module with different levels of security and optimizations are developed and integrated into a processor development platform. Benchmark runs showed that under realistic cache conditions, their impact was limited to a 25% increase in execution time at worst. Three attacks were performed on the platform with the modules, indicating that they protect against several types of hardware attacks on memory. Finally, the hardware cost in area requirements was determined and found to be less than half of the microcontroller­class RI5CY core, excluding its caches, and only 3% of the Linux­capable Ariane core. In addition to the EMS modules, two security extensions are proposed that utilize the modules to provide a secure method of updating devices.