Concept and Implementation of Hardware Security
Quang Hai Nguyen,
Arrow Central Europe
Security concerns in the connected world
With the advance of technology, and especially the rise of the Internet of Things, more protocols have been specified and devices are getting smarter, connecting and communicating with each other. Consequently, a huge amount of data is generated and transferred over the network. Data is the new currency of the modern world: whoever controls it could take control of the economy. Because of that, any device or system can be compromised and have its data stolen, particularly systems running in industrial, automotive and medical areas. A security breach impacts not only the business but also the company’s reputation, and it has legal consequences. Security is therefore a greater concern than ever.
Embedded hardware security
When applying security to their products, some embedded software developers face the challenge of new terminology, knowledge, and standards in this area. Moreover, breaking is easier than protecting: courses on “ethical hacking” are easy to find online, sniffing tools are better developed, and the goal of developing a secure system is getting more complex. To cope with the increasing threats, new approaches must be created. One of the current trends is hardware security, or embedded security, implemented with secure elements. With secure elements, one can be sure that the system achieves Confidentiality (protection against eavesdropping by encryption), Integrity (proof that data has not been altered), and Authentication (devices are genuine). In addition to the data and the identity of the system, the intellectual property (IP), i.e. the actual code running on the device and the communication stack, also requires protection. With ARM TrustZone technology, important pieces of code or the communication stack can be isolated and stored in secured memory of the microcontroller or microprocessor.
Targets of this lecture
To create a secure system, a lot of effort must be spent on integrating new security hardware and technology, while the pressure to reduce time to market remains the same. In addition, the chain of trust for the whole system, key management, and device provisioning must be ensured. This lecture therefore aims to provide the audience with the general functional blocks of the secure element, how secure elements are implemented in a system, use cases, and good practices. The usage of ARM TrustZone, with a focus on the microcontroller, is also addressed. Finally, the lecture outlines the big picture of security implementation to give the audience a better understanding of what must be considered in their embedded design to achieve a secure system.