What is an Embedded Security Assessment?
Embedded systems are computer systems that are integrated into a specific technical context. An Embedded Security Assessment (sometimes also known as IoT Security Testing) systematically evaluates these systems for security vulnerabilities. Typical tasks of embedded systems are monitoring or controlling as well as data and signal processing in the context of larger mechanical or electrical systems.
While embedded systems are commonly used in industrial areas, they are becoming more and more prevalent in consumer products (e.g., in the smart home area) and often are equipped with connections to internal networks or the Internet. In this context, the terms Internet of Things (IoT) or cyber-physical systems (CPS) are often used to describe the connectivity of everyday objects. Typical use cases are as follows:
- Industry 4.0, Process IT (systems to control and monitor machines and facilities in the areas of production and logistics)
- Automotive (automobiles, control units, head units or combined instruments, sensor technology, driver assistance systems, etc.)
- Consumer products (smart home, office and network technology, multimedia systems, household appliances, home automation and monitoring, electronic fitness devices, etc.)
- Health and medical technology (clinical devices, systems to monitor patients and important body functions)
- Home automation and process control
Objective
Identification of vulnerabilities in IoT devices or other embedded systems with a risk assessment for specific threat scenarios
Question
How secure is the embedded system and what can external attackers or malicious users and employees achieve in the worst case?
Scope
IoT devices or other embedded systems including hardware and interfaces
Embedded Security Assessment Process: Methodology & Approach
In an assessment of embedded systems, the hardware as well as the software of the embedded system is analyzed and examined with respect to existing vulnerabilities. Here, the auditor is in the position of an external attacker or a privileged user. Examples for attack vectors range from the reading of storage chips and man-in-the-middle attacks, up to the infiltration of systems by exploiting vulnerabilities in exposed interfaces.
In general, the assessment is based on the approach of an examination that is as comprehensive as possible. However, depending on the type of application or system and the relevant threats, a risk-based approach is also possible (comparable to a penetration test ). In this case, the focus is on particularly security-critical or endangered areas, whereby the scope of the test is determined by the time budget agreed upon in advance.
Core Components of a SCHUTZWERK Embedded Security Assessment
The embedded security assessment usually consists of the following parts:
- Analysis of hardware (e.g., data extraction from chips, access to debug and diagnostic interfaces)
- Analysis of firmware and operating systems together with existing update processes
- Analysis of specific security features (e.g., secure boot or HSM integration)
- Analysis of cryptographic methods (e.g., for encryption, signature verification, challenge-response procedures, or entropy of RNGs)
- Analysis of SoC-specific features (e.g., boot chain security, memory isolation, TEE isolation)
- Analysis of communication within the embedded system (e.g., data transfer between chips or processors)
- Analysis of communication with external components or backend services (e.g., via field buses, Bluetooth, NFC, Wi-Fi, or mobile connections)
- Analysis of passive and active side channel attacks (e.g., power analysis or fault injection via power glitching)
- Analysis of application layer (e.g., user inputs or backup functionality)
- Documentation, including a risk evaluation and proposed measures
Embedded Security Assessments and Relevant Regulations & Standards
The security of embedded systems is subject to a variety of regulations and standards that can be relevant depending on industry and application area. A comprehensive embedded security assessment takes these requirements into account and helps you achieve regulatory compliance:
Cyber Resilience Act (CRA) - This new EU regulation establishes concrete requirements for the cybersecurity of connected products. An embedded security assessment helps you meet these requirements and prepares your product for market launch.
IEC 62443 - This series of standards defines security requirements for industrial automation systems and covers both technical and organizational aspects. Our assessments are conducted with these requirements in mind.
EU Radio Equipment Directive (RED) - Products with radio interfaces are subject to specific security requirements according to EU RED. We verify compliance with the relevant security provisions.
ISO/SAE 21434 - This standard for cybersecurity in the automotive industry defines requirements for cybersecurity management throughout the entire vehicle life cycle, for example with regard to threat analysis and risk assessment (TARA) or the verification of security measures. Our embedded security assessments for automotive components for automotive components are tailored to this standard and meet the requirements of technical verification in particular.
UNECE R 155 - This regulation contains binding requirements for cybersecurity in vehicle type approval. We support you with our automotive security assessment in meeting these requirements during the homologation process.
By working with our experts, you ensure that your embedded systems are not only technically secure but also comply with relevant regulatory requirements.
Embedded Security Assessment Results: Risk Evaluation & Countermeasures
As a result of the assessment we will provide a detailed report. Depending on the type and scope of the project, the final report will include the following parts:
- Management summary with a description of the results and the security level
- Description of the project approach, scope, schedule and methodology
- Detailed description of identified vulnerabilities in order to understand underlying issues and to enable reconstruction of possible attacks (where necessary with proof-of-concept implementation)
- Detailed description of the iterative exploitation process when using chained vulnerabilities
- Risk assessment of identified vulnerabilities taking into account the IT environment or the application context (risk classification: low, medium, high, critical)
- Description of measures to remedy the vulnerabilities
- If necessary, a description of higher-level strategy, concept and process-related measures or optimization suggestions.
Blog & News Archive
Blogposts about: embedded security