Understanding cyber attacks in embedded computing enables integrators and suppliers to consider options
By Paul Hart
BOURNEMOUTH, England – Cyber attacks on embedded computing systems are an ever-increasing threat, and system integrators need to have an understanding of cybersecurity concepts to design-in sufficient protections. This includes understanding what commercial off-the-shelf (COTS) vendors can bring to the table to mitigate the effects of cyber attacks and ensure that their suppliers have the necessary expertise to meet their system protection requirements.
The trusted-computing task is to apply practical measures that can mitigate the effects of known cyber threats to aerospace and defense systems. Meanwhile, the battlespace is becoming ever-more computerized, from the infantry soldier with his personal radio and situational awareness, to communications with the battle group, and information coming from datalinks and intelligence, surveillance, target acquisition and reconnaissance feeds from unmanned aerial vehicles (UAVs).
Consider the basic computer architecture of a personal computer. It has a processor, memory of different types, a BIOS to initialize the system and a clock to step through the program counter. There also are I/O ports that connect the system to the outside world, and perhaps graphics for displaying data and user interfaces.
Military embedded computing systems generally share the same generic architecture as a personal computer, yet with different levels of processing power. Like the personal computer, the embedded computer also has a processor surrounded by memory. It has a clock, some form of initialization, I/O, and sometimes some graphics and power supply. One main difference is the military system may not have a keyboard, mouse, or electronic display.
Instead, the computer is part of a subsystem such as an aircraft flight-control computer, with applications that launch straight from power-up and have the ability to monitor themselves. Also, the applications might communicate with other nearby embedded computers that essentially are doing the same thing.
The first step is to understand the cyber vulnerabilities of a given hardware system, called attack surfaces, which typically are the interfaces that connect the computer to the outside world. Everyone is familiar with the interfaces on his or her own laptop computer, such as the USB, Ethernet, and WiFi interfaces. Still, an attack surface also can be a switch, a mouse, or a keyboard.
One well-known method of exploiting an attack surface on a personal computer is via a phishing email with a subject line like “Congratulations, you’ve won a vacation! Just click here.” If the unsuspecting user follows the email’s call to action, he actually will launch an application that gives a hacker access to the computer's data and lets the hacker perform all sorts of nefarious activities.
Cyber attacks that threaten the integrity of personal computers and embedded systems include software viruses, worms, and denial of service (DoS) attacks. A virus is malicious software that can replicate itself and modify the code stored in the system’s memory. The infection typically comes via the inputs.
A worm doesn’t require a host application to run, but can execute itself in code. Worms can extract data from memory and send it to the outside world, without anyone realizing it. For example, a worm can move from an output port, to a switch, to a remote Internet Protocol address. A Trojan Horse is a type of “back-door” software that can capture and log a computer user’s keystrokes to obtain passwords and other valuable data.
In the last year or two, the industry has become aware of a different sort of sophisticated malicious software that manipulates very low-level microprocessor cycling, which enables it to execute machine instructions. Spectre, Meltdown, and Rowhammer are examples of these microprocessor attacks, which are very hard to detect, and can bypass all anti-malware defense mechanisms.
In a DoS attack, a malicious actor overloads the network so that messages can’t get through, because the attack claims all of the network bandwidth. These sophisticated software techniques identify large numbers of IP addresses, figure out who's online, and send out enough messages to overload that network. DoS attacks become even more likely as AI and machine learning applications become more common.
Cybersecurity in the military also includes authenticating datalinks that update the equipment and identify if there’s a DoS. While embedded systems don’t typically connect to the Internet, they often have connectivity to the battlefield to receive new uploads on communications code.
Today, with software-defined radio, systems designers implement new communications waveforms in software that must update regularly. It’s critical to ensure that these updates aren’t being jammed. The communications must be authenticated so that anyone legitimately sending an update to a computer on the battlefield can establish that connection with absolute assurance that no one is mimicking or spoofing that message or intercepting and understanding the transmitted protocols.
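The authentication requirement described above can be shown from the receiver's side. The following Python example is added here and is not code from the article or its author; the packet layout, the pre-shared key, and the names `build_update` and `UpdateReceiver` are assumptions made for illustration. It rejects altered or forged updates and also refuses a genuine update that is replayed later.

```python
import hashlib
import hmac
import struct

# Constructed packet layout (an assumption, not a real datalink format):
#   magic(4) | waveform_id(2) | sequence(4) | payload_len(4) | payload | tag(32)
MAGIC = b"WFUP"
HEADER = struct.Struct(">4sHII")
TAG_LEN = hashlib.sha256().digest_size


def build_update(key, waveform_id, sequence, payload):
    """Sender side: the tag covers header and payload, so neither can be altered."""
    header = HEADER.pack(MAGIC, waveform_id, sequence, len(payload))
    return header + payload + hmac.new(key, header + payload, hashlib.sha256).digest()


class UpdateReceiver:
    def __init__(self, key):
        self._key = key
        self._last_seq = {}  # waveform_id -> highest sequence accepted so far

    def accept(self, packet):
        """Return (ok, reason, payload); payload is None unless ok."""
        if len(packet) < HEADER.size + TAG_LEN:
            return False, "truncated", None
        header, body = packet[:HEADER.size], packet[HEADER.size:]
        magic, waveform_id, sequence, length = HEADER.unpack(header)
        if magic != MAGIC or len(body) != length + TAG_LEN:
            return False, "malformed", None
        payload, tag = body[:length], body[length:]
        expected = hmac.new(self._key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return False, "bad-tag", None
        # A valid tag is not enough: an old, genuine update could be re-sent.
        if sequence <= self._last_seq.get(waveform_id, -1):
            return False, "replayed", None
        self._last_seq[waveform_id] = sequence
        return True, "ok", payload


def demo():
    key = bytes(range(32))  # constructed key for the example only
    rx = UpdateReceiver(key)
    good = build_update(key, 7, 1, b"waveform image v1")
    tampered = bytearray(build_update(key, 7, 2, b"waveform image v2"))
    tampered[HEADER.size] ^= 0x01  # one payload bit changed in transit
    forged = build_update(b"\x00" * 32, 7, 3, b"unauthorized image")  # wrong key
    return [rx.accept(p)[1] for p in (good, bytes(tampered), forged, good)]
```

The sequence number is stored only after the tag verifies, so an unauthenticated packet cannot advance the counter and lock out legitimate updates.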
Protecting the data and hardware of deployed embedded military systems is an increasingly critical task facing today’s systems integrators. Once designers understand basic concepts and requirements, they can have a true dialogue with their hardware suppliers to ensure the availability of appropriate mitigating technologies and techniques to support the warfighter and help ensure a successful mission.
Paul Hart is chief technology officer at Curtiss-Wright Controls Avionics and Electronics in Bournemouth, England.