A Cryptographically Secure On-chip Firewall for Memory Address Space Control Roberto Rivoir Director of Security Development Rambus France IoT & Security Innovation Day Sophia Antipolis, France 26 November 2015
Outline IoTs, Smart Connected Objects vs. Security Threats Systems-On-Chip, Networks-On-Chip and HW Security Challenges for IoTs A Cryptographically Secure On-Chip Firewall for Memory Address Space Control Embedded Security Platforms for IoTs Conclusions and Challenges 2
IoTs, Smart Connected Objects vs. Security Threats Next-Gen Smart Connected Objects Different devices: - Interconnected objects, IoT - Wireless Sensor Networks - Smart Micro-Systems - M2M - Paradigms: Smart Intercommunicating Everything, from Smartdust to Big Data Smart: sensing, actuating, processing, storing data Autonomous: energy harvesting, inductive coupling, wireless charging, vibrational, thermo-electric, PVT Ubiquitous, Multi-mode Connectivity Technologies: - Cellular (for M2M) - Wireless LAN (Wi-Fi) - Wireless PAN (BT) - Wireless BAN (BT LE) - Contactless (NFC) - Contact, Human Body Communications (HBC) 3 4 2014 Rambus Inc. Confidential Security Threats are Softw are Firmw Apple ts OS Hardware IC Software Attacks: - Most common and easy ones to implement - Low-cost attacks - Aiming at memory data theft or device malfunctioning - High impact on volume of attacked devices - Powerful SW attacks may penetrate deeper layers of embedded systems BUT ALSO Hardware Attacks - Tampering HW, ex.: Applications: e-health, telemedicine, rehabilitation, assisted living, energy meters, cameras for sport & fitness, well-being, food & beverage, environment, industrial control, surveillance, implantedrobotics, smart grid, energy metering, civil engineering, smart buildings & city, wearable devices, etc. home appliance, automotive & avionics, video-surveillance, harsh environment, - Very high potential impact oil-gas pipelines, safety plants, homeland security, military, defense and consequences on safety, security, privacy, health, financial damages, etc.
Systems-On-Chip, Networks-On-Chip and HW Security Challenges for IoTs
IoT and SoC Interconnect/Security Challenges Energy Harvesting RF RX/TX, freq. conversion Power Management Mod/demod, Scrambling, coding RF, Analog Digital HBC Actuators RF/ Radio Channel Clock System Base-Band Processing Need to connect trust multi-vendor IPs target initiator Need to implement security mechanisms (i.e. access credentials between IPs communications) RAM target NVM Too many different buses ( spaghetti ) ROM MCU Core Sensors Drivers Amplifiers (D/A) SI Sensor Interfaces (A/D) DSP Noise shaping, filtering Intelligent Data Processing initiator Data fusion, auto-learning, Interconnects between IPs increasing in quantity/density create issues in physical design / P&R 5
Networks-On-Chip (NoCs) CPU Secure CPU GPU Creating an interconnect infrastructure between different IPs Pack et- Switch N oc INI INI INI TNI TNI TNI RAM ROM Peripherals Initiators Network Interfaces P acket R outing Nodes P acket R outing Nodes Targets Network Interfaces Transport: network link, routing nodes Interface: Initiators Network Interfaces (INI), Target Network Interfaces (TNI) Protocol: packetization, serialization Each IP receives an ID but security mechanisms still missing 6
Adding Security on NoCs: HW Firewalls Pack et- Switch N oc 7 CPU Secure CPU GPU INI INI INI FW FW FW TNI TNI TNI RAM ROM Peripherals Initiators Network Interfaces P acket R outing Nodes F irewalls on R outing Nodes Targets Network Interfaces Protecting data or information that is private, secure or valuable and is available unencrypted: financial information, personal health, clinical data, How do HW firewalls work? - Embedded in NoCs interconnects - Partitioning Initiator and Target IPs in different security domains - On-the-fly re-programming access policy or hardcoded rules
Programming On-Chip HW Firewalls Initiator1 Initiator2 Initiator3 Initiator4 Programming Agent INI INI INI INI INI Programming Sequence (SW) TNI TNI TNI TNI Target1 Target2 Target3 Target4 8
Programming On-Chip HW Firewalls Initiator1 Initiator2 Initiator3 Initiator4 Programming Agent INI INI INI INI INI Programming Sequence (SW) TNI TNI TNI TNI Need of a Trusted Execution Environment (TEE) and Authentication Target1 Target2 Target3 Target4 9
Security Threats in NoCs & Attacks on Firewalls Traditional attacks on NoCs Hijacking: writing to restricted addresses of LUT to change system configuration Extraction of secret information: reading from secure addresses Denial of Service: reducing system throughput by Replying of forging request over the NoC Firewalls Attacks Request path (by glitching a packet header or impersonate an authorized initiator) Firewall reprogramming path (impersonating the reprogramming agent) Firewall state at rest (modifying previously stored data in registers/lut at rest) 10
A Cryptographically Secure On-chip Firewall for Memory Address Space Control
Cryptographically Secure HW Firewall for Memory Address Space Control HW / connectivity feature security feature Interconnect compatible with Network-On-Chips 2 to 16 initiators HMAC-SHA256 algorithm for programming authentication Cryptographically Secure HW Firewall Secure SW 1 to 15 targets Address space width from 12-bits (4kB) to 48-bits (256TB) HW/SW KMS HW or SW Key Management System Integrity checking of secret key and firewall regions Replay attacks prevention 12
Example of Embedded Security Platform for IoTs Energy Harvesting RF RX/TX, freq. conversion Power Management Mod/demod, Scrambling, coding RF, Analog Digital Security HBC Actuators Sensors RF/ Radio Channel Clock System Drivers Amplifiers (D/A) SI Sensor Interfaces (A/D) Base-Band Processing DSP Noise shaping, filtering Encrypt Block Chiper- Modes Decrypt RAM Intelligent Data Processing Data fusion, auto-learning, Security credentials monitoring NVM Security credentials monitoring ROM Cryptographi- Cally Firewall Secure HW Secured MCU Core KMS 13
Conclusion and Challenges Complete system level Software-Firmware-Hardware security solutions required for IoTs Highest level of embedded security in Hardware is crucial Specific security functionalities for IoTs such as cryptographically secure HW firewalls, authenticated encryption modes, TEE, KMS, etc. are necessary in the embedded security sub-system Challenge: how to fill the gap between security technology platforms, IoT devices and many verticals applications and services - 14
Thank you