Microprocessor vendors such as Andes have been saying for some time that security requires extensive hardware support. In particular, embedded processors in intelligent sensors inside IoT chips are now popular targets for hackers, who find it easy to change the program code and system parameters to alter the operation of the sensor or to use the system for their own purposes. Every time a major breach occurs, like the recent infiltration of Sony, the message that security cannot be left to software alone grows stronger.
There are different levels of hardware support for security. At the lowest level, the encryption keys need to be kept in hardware and the access carefully controlled. But there are a lot of other more subtle ways to attack a microprocessor-based system.
One point of vulnerability to hackers in an embedded system is the JTAG interface. An attacker able to put the system into debug mode has complete control of the system, with complete access to the CPU’s registers, program memory and other memory in the system. To protect embedded software and program data while keeping the debugging capability, the Andes secure debugging feature requires pass code validation. Anyone accessing the JTAG port must provide a pass code, which can be provided in a static or dynamic form. A static pass code is stored in non-volatile memory in the chip, and anyone attempting to access the JTAG interface must provide the stored code. The alternative is to store the pass code on a remote server, so that anyone accessing the JTAG port must acquire the pass code from the server.
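As an added illustration (not Andes code and not from the original article), the sketch below shows how firmware could gate a debug port on a static pass code. The names `dbg_gate_t`, `dbg_gate_try_unlock` and `ct_equal`, the 16-byte length, the three-attempt limit and the sample pass code are all assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>

#define PASSCODE_LEN 16
#define MAX_FAILURES 3   /* assumed lockout policy, not from the article */

/* Constructed sample value standing in for the code kept in non-volatile memory. */
static const uint8_t nvm_passcode[PASSCODE_LEN] = {
    0x3a, 0x91, 0x5c, 0x07, 0xe2, 0x48, 0xbd, 0x6f,
    0x10, 0xc4, 0x7e, 0xa9, 0x23, 0xf5, 0x8b, 0xd6
};

typedef enum { DBG_LOCKED, DBG_UNLOCKED, DBG_DISABLED } dbg_state_t;

typedef struct {
    dbg_state_t state;
    unsigned failures;   /* consecutive failed attempts */
} dbg_gate_t;

/* Touch every byte no matter where the first mismatch is, so the time taken
 * does not reveal how many leading bytes of a guess were correct. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

void dbg_gate_init(dbg_gate_t *g)
{
    g->state = DBG_LOCKED;
    g->failures = 0;
}

/* Handle one unlock attempt presented on the debug port. */
dbg_state_t dbg_gate_try_unlock(dbg_gate_t *g, const uint8_t *code, size_t len)
{
    if (g->state != DBG_LOCKED)
        return g->state;   /* already unlocked, or shut after too many failures */
    if (len == PASSCODE_LEN && ct_equal(code, nvm_passcode, PASSCODE_LEN)) {
        g->state = DBG_UNLOCKED;
        g->failures = 0;
    } else if (++g->failures >= MAX_FAILURES) {
        g->state = DBG_DISABLED;   /* this gate accepts no further attempts */
    }
    return g->state;
}
```

The gate state here lives in RAM; whether the failure count survives a reset is a design decision this sketch leaves open.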
Another point of vulnerability in an embedded system is the memory interface brought out to the pins on the packaged part to access external memory. By probing the interface pins with a logic analyzer, attackers can capture all the traffic passing between external memory and the embedded CPU. To secure the memory interface, the Andes secure MPU scrambles the data and/or address, so that a logic analyzer probe sees only random information, making it impossible to copy the memory contents without the encryption key.
A third technique used to hack into embedded designs is differential power analysis. This technique was developed by Cryptography Research and works by looking at the power consumption of the system cycle by cycle, and at small differences in repetitive operations (such as DES encryption), to try to deduce, for example, the key. Protecting against it is especially important in smart cards, which are used in credit and debit cards in most of the world (and probably coming soon in the US). The Andes solution is to randomize the power profile to eliminate the repetitive patterns, thus making the CPU less vulnerable to this type of hacking. One technique used to achieve this result uses a hardware random-bit generator to randomize the internal clock signal. Another technique uses a hardware random-bit generator to schedule, per instruction cycle, between two or more threads of execution that run on the MPU’s register sets.
Of course security is a sort of war in which the attacks never get weaker. Andes continues to enhance their microprocessor solutions to keep their security strong.