
Security in Embedded Systems

Discussion in 'IoT - Internet of Things' started by Hellmut1956, Oct 2, 2017.

  1. Hellmut1956

    Hellmut1956 New Member

    Joined:
    Aug 20, 2013
    Messages:
    12
    Likes:
    6
    Location:
    Deutschland
    As IoT consists of embedded systems connected to the Internet, here is the reason I am creating this thread. A couple of years ago I started experiments with Raspberry Pis. Background information: I am a naval modeler and I am building the model of a sailboat from scratch. I also did work at US semiconductor companies, starting as it often happens as a technical person. I was hired as a Field Application Engineer for one of the 2 first processor systems for graphics. One was TI 34010, the other one I was hired for was the DP8500 from National Semiconductor. As I did lose my job when the Internet hype collapsed and later health problems made it impossible to work I did reactivate my hobby as a modeler and as my financial resources were limited I did switch from building model planes, sail planes, to naval modelling and here a sailboat. At the beginning focus was on working with wood, epoxy and fiberglass, later adding aluminium. When it came to the RC electronics I was disappointed with how electronics performed used to expand the number of channels of a transmitter and decoding this at the receiving end. So I used an AVR mega8 controller to digitize the PWM signals coming out of the receiver channels. Having started to play with my own electronics I decided to switch from using a commercial winch to using a hybrid stepper motor as this offered the opportunity to implement a sheet control system to control the sails in a way much more similar to the way it was done on the original true sail boats of the J-class at the beginning of last century. I do not go into details, but my planned approach created very emotional reactions from expert model sailboat modelers on one side and of people from the physics community. The modelers claimed that friction would render my solution inoperable, while physics claimed that in the way I was planning to do it friction would be neglectable.
    This brought into my mind the intention to model the relevant part of the planned system as a topic of interest in itself. Well established and mature suppliers like Matlab and Simulink and Maple and MapleSim. Both products were far too expensive, as in those days there was no version for personal non-commercial usage. So searching for other solutions I found Mathematica and SystemModeler and decided to buy a license for Mathematica, especially as Mathematica was offered for free running on a Raspberry Pi. Now whoever has dealt with modeling knows that modeling and the resulting simulations are only as good as the models used. So it made sense to think about what is called "Software-in-the-Loop" and "Hardware-in-the-Loop". The goal is to verify and develop in iterations algorithms for the models that gave a best fit to experimental data. Wolfram Software just started in those days to implement the related functionality, i.e. using Teensy 3.1 and a specific protocol and a bit later the Raspberry Pi to link Mathematica and SystemModeler to external devices, a requirement for the job required. But Wolfram and Matlab implement models using different kinds of modeling schemes. Matlab uses so called causal modeling, while Wolfram and Maple offered an "acausal" scheme. The difference is best described comparing the model of an electrical motor. In causal models as in Matlab and Simulink there is a fixed "direction". A tension is applied to a motor and a torque is the result. When you use this same motor as a generator, torque is the input and an electrical tension the output. In Matlab the model of such a physical motor is totally different for the 2 uses of a motor. Maple and Wolfram use the modelling language "Modelica". Here the model is the same for both uses of such a physical motor.
    I found the topic very interesting in itself and even found a professor from Switzerland that uses the language Modelica to have its students model the physical tasks related to the physical topics taught. This was of big interest to me, as using modeling schemes on my sailboat project, as such a sailboat navigates in a physical environment.

    So I started learning and experimenting with the Raspberry Pi, with Linux I had not dealt with earlier and used my electronic lab, part of my workshop. So one day I found my PC rendered inoperable due to a cyber attack that used the Raspberry Pi as a port of entry infecting my PC. I need to say that my PC is usually very well protected and kept fully up-to-date! After many attempts to cure my system I decided to update my PC to Windows 10 Pro, as this was offered by Microsoft for free from my Windows 7 Ultimate 64 bits. Luckily doing so I could recover my PC and all the stuff on it. I do have a Raid 10 storage using 4 TB hard drives. So backing up an image of the system was impossible due to the size of the required backup storage. Today it is possible to get multi-TB hard disks with a USB 3.0 I/F, so now I do have a backup of my Raid System! The consequence of this painful experience was that I have stopped all experiments and focused to learn about security, cryptography and to understand which kind of areas exist with their related risks. Also this proved to be a topic of interest in its own right. So all the stuff I have presented so far proved to me that my mathematical skills have eroded since I was at the university more than 3 decades ago. Also the requirements for certain mathematical, electronic and physics skills led to have me find out that many universities and specific portals offer access to university courses in many fields for free by giving access to video recordings of the lectures, access to the related reading materials and the opportunity to participate in learning groups online.

    So in all these processes I met with the ARM concept of Trusted Zones as implemented in Controller IP for their 8th generation and in ARM Cortex M controllers 23 and 33. So about 2 years ago I went to the biggest embedded trade show in the world, Embedded World 2016 in Nuremberg, Germany and investigated who was available there that had knowledge of security in embedded systems. I just met 2 persons from 2 companies that had a clue what I was speaking about and the one from Renesas was probably the most knowledgeable person I met but said that the market in general was not willing to spend the extra cost when using specialized devices. That has changed since then and now is a hype you hear the people talk about everywhere.

    The most advanced offering for secure devices is offered by former Freescale, today NXP and maybe soon Qualcomm! It is their i.MX 8 controller family. As I did work for nearly a decade for Motorola Semiconductor, the parent company to Freescale, I am aware of their focus in the automotive market and the i.MX 8 product family is tailored to fit into this market. Now their i.MX 8 product family offers functionality for a whole range of functions available in current cars and even more required in future cars. So taking advantage of all the functionality available in these controllers you need expert teams for each of the application areas involved. Companies like Volkswagen, Mercedes, BMW i.e. and Bosch as an example of a supplier to those companies can afford to have expert teams for all the areas involved, makers and small companies cannot cope with this. This, to my personal belief, is the reason why the i.MX 8 controllers have been announced for years approaching what is called vaporware, but until now not accessible for normal users. Now there is to be soon a so called "Automotive Grade Linux", AGL Linux version that already has all the low level drivers included, so that customers can use the i.MX 8 devices by just accessing the API for those functions. I am waiting for the makers of inexpensive boards to have them made available. So far they are only announced as being in development.

    I would like to know if there are any forum members also interested in the topic of security in embedded systems and to get into an exchange of information.
     
  2. atferrari

    atferrari Well-Known Member

    Joined:
    Oct 8, 2003
    Messages:
    2,814
    Likes:
    121
    Location:
    Buenos Aires - Argentina
    I would read your text but such a mass with so few paragraphs is not for me. Could you edit it?
     
  3. Hellmut1956

    Hellmut1956 New Member

    Joined:
    Aug 20, 2013
    Messages:
    12
    Likes:
    6
    Location:
    Deutschland
    (Posted in Spanish:) I am really bad at writing. The paragraphs you see are already a structure that I have tried to impose on the text. If the topic is of interest to you, please reply.
     
  5. ronsimpson

    ronsimpson Well-Known Member Most Helpful Member

    Joined:
    Apr 17, 2007
    Messages:
    7,304
    Likes:
    969
    Location:
    Loveland, CO USA

    Spanish-->English translation.
    I'm really bad at writing. The paragraphs you see are already a structure that I have tried to impose on the text. If the subject is of interest to you, please respond.
     
  6. Little Ghostman

    Little Ghostman Well-Known Member Most Helpful Member

    Joined:
    Jan 7, 2011
    Messages:
    3,737
    Likes:
    433
    Location:
    SCOTLAND
    Just on the off chance someone wants to know what the above said, here it is reformatted.


    "As IoT consists of embedded systems connected to the Internet, here is the reason I am creating this thread. A couple of years ago I started experiments with Raspberry Pis. Background information: I am a naval modeler and I am building the model of a sailboat from scratch. I also did work at US semiconductor companies, starting as it often happens as a technical person. I was hired as a Field Application Engineer for one of the 2 first processor systems for graphics. One was TI 34010, the other one I was hired for was the DP8500 from National Semiconductor.

    As I did lose my job when the Internet hype collapsed and later health problems made it impossible to work I did reactivate my hobby as a modeler and as my financial resources were limited I did switch from building model planes, sail planes, to naval modelling and here a sailboat. At the beginning focus was on working with wood, epoxy and fiberglass, later adding aluminum. When it came to the RC electronics I was disappointed with how electronics performed used to expand the number of channels of a transmitter and decoding this at the receiving end.

    So I used an AVR mega8 controller to digitize the PWM signals coming out of the receiver channels. Having started to play with my own electronics I decided to switch from using a commercial winch to using a hybrid stepper motor as this offered the opportunity to implement a sheet control system to control the sails in a way much more similar to the way it was done on the original true sail boats of the J-class at the beginning of last century.

    I do not go into details, but my planned approach created very emotional reactions from expert model sailboat modelers on one side and of people from the physics community. The modelers claimed that friction would render my solution inoperable, while physics claimed that in the way I was planning to do it friction would be neglectable. This brought into my mind the intention to model the relevant part of the planned system as a topic of interest in itself. Well established and mature suppliers like Matlab and Simulink and Maple and MapleSim.

    Both products were far too expensive, as in those days there was no version for personal non-commercial usage. So searching for other solutions I found Mathematica and SystemModeler and decided to buy a license for Mathematica, especially as Mathematica was offered for free running on a Raspberry Pi. Now whoever has dealt with modeling knows that modeling and the resulting simulations are only as good as the models used. So it made sense to think about what is called "Software-in-the-Loop" and "Hardware-in-the-Loop".

    The goal is to verify and develop in iterations algorithms for the models that gave a best fit to experimental data. Wolfram Software just started in those days to implement the related functionality, i.e. using Teensy 3.1 and a specific protocol and a bit later the Raspberry Pi to link Mathematica and SystemModeler to external devices, a requirement for the job required. But Wolfram and Matlab implement models using different kinds of modeling schemes.

    Matlab uses so called causal modeling, while Wolfram and Maple offered an "acausal" scheme. The difference is best described comparing the model of an electrical motor. In causal models as in Matlab and Simulink there is a fixed "direction". A tension is applied to a motor and a torque is the result. When you use this same motor as a generator, torque is the input and an electrical tension the output. In Matlab the model of such a physical motor is totally different for the 2 uses of a motor. Maple and Wolfram use the modelling language "Modelica".

    Here the model is the same for both uses of such a physical motor. I found the topic very interesting in itself and even found a professor from Switzerland that uses the language Modelica to have its students model the physical tasks related to the physical topics taught. This was of big interest to me, as using modeling schemes on my sailboat project, as such a sailboat navigates in a physical environment.

    So I started learning and experimenting with the Raspberry Pi, with Linux I had not dealt with earlier and used my electronic lab, part of my workshop. So one day I found my PC rendered inoperable due to a cyber attack that used the Raspberry Pi as a port of entry infecting my PC. I need to say that my PC is usually very well protected and kept fully up-to-date! After many attempts to cure my system I decided to update my PC to Windows 10 Pro, as this was offered by Microsoft for free from my Windows 7 Ultimate 64 bits. Luckily doing so I could recover my PC and all the stuff on it. I do have a Raid 10 storage using 4 TB hard drives.

    So backing up an image of the system was impossible due to the size of the required backup storage. Today it is possible to get multi-TB hard disks with a USB 3.0 I/F, so now I do have a backup of my Raid System! The consequence of this painful experience was that I have stopped all experiments and focused to learn about security, cryptography and to understand which kind of areas exist with their related risks. Also this proved to be a topic of interest in its own right.

    So all the stuff I have presented so far proved to me that my mathematical skills have eroded since I was at the university more than 3 decades ago. Also the requirements for certain mathematical, electronic and physics skills led to have me find out that many universities and specific portals offer access to university courses in many fields for free by giving access to video recordings of the lectures, access to the related reading materials and the opportunity to participate in learning groups online.

    So in all these processes I met with the ARM concept of Trusted Zones as implemented in Controller IP for their 8th generation and in ARM Cortex M controllers 23 and 33. So about 2 years ago I went to the biggest embedded trade show in the world, Embedded World 2016 in Nuremberg, Germany and investigated who was available there that had knowledge of security in embedded systems. I just met 2 persons from 2 companies that had a clue what I was speaking about and the one from Renesas was probably the most knowledgeable person I met but said that the market in general was not willing to spend the extra cost when using specialized devices. That has changed since then and now is a hype you hear the people talk about everywhere.

    The most advanced offering for secure devices is offered by former Freescale, today NXP and maybe soon Qualcomm! It is their i.MX 8 controller family. As I did work for nearly a decade for Motorola Semiconductor, the parent company to Freescale, I am aware of their focus in the automotive market and the i.MX 8 product family is tailored to fit into this market. Now their i.MX 8 product family offers functionality for a whole range of functions available in current cars and even more required in future cars.

    So taking advantage of all the functionality available in these controllers you need expert teams for each of the application areas involved. Companies like Volkswagen, Mercedes, BMW i.e. and Bosch as an example of a supplier to those companies can afford to have expert teams for all the areas involved, makers and small companies cannot cope with this. This, to my personal belief, is the reason why the i.MX 8 controllers have been announced for years approaching what is called vaporware, but until now not accessible for normal users. Now there is to be soon a so called "Automotive Grade Linux", AGL Linux version that already has all the low level drivers included, so that customers can use the i.MX 8 devices by just accessing the API for those functions. I am waiting for the makers of inexpensive boards to have them made available. So far they are only announced as being in development.

    I would like to know if there are any forum members also interested in the topic of security in embedded systems and to get into an exchange of information."


    ----------------------------------------
    The above is the reformatted version of what the OP said.


    First off, Embedded World is not the place to go when talking security and IoT. Yes I know it sounds a bit stupid, but then again a double glazing convention might not be the best place to talk about locks.
    A convention on locks might be better.

    So does the embedded world have a lock type convention? Indeed it does, it's known as Black Hat and the other major one completely escapes my memory! But it's basically a poor man's Black Hat convention. I hate to say this but, much of what you said is not correct. There are a lot of products and techniques for security in the embedded systems world. I suggest you attend one of the two specialist conventions on security to find out about these.

    Keep in mind that as long as someone has physical access to a device, there is NO SECURE way to stop someone getting into a system. Many of the newer chips have ways to encrypt etc, and I doubt Linux based systems will be the way the car industry goes. Linux by default has way too much information on itself. Also there is a great deal of knowledge out there on how to 'break' into Linux (et al.) systems.

    Never heard of the chip you mentioned and with your reluctance I nearly called this spam, but being in a nice mood I decided to reformat for you, you now owe me 10 mins of life.
     
  7. JimB

    JimB Super Moderator Most Helpful Member

    Joined:
    Sep 11, 2004
    Messages:
    6,353
    Likes:
    586
    Location:
    Peterhead, Scotland
    Don't sell yourself short there LG, you should be asking for a nice bacon roll!

    JimB
     
  8. Little Ghostman

    Little Ghostman Well-Known Member Most Helpful Member

    Joined:
    Jan 7, 2011
    Messages:
    3,737
    Likes:
    433
    Location:
    SCOTLAND
    Ok then he owes me 10 mins of life and 6 months of life for the heart attack :D.

    Don't forget the brown sauce!! None of that woos red sauce
     
  9. JimB

    JimB Super Moderator Most Helpful Member

    Joined:
    Sep 11, 2004
    Messages:
    6,353
    Likes:
    586
    Location:
    Peterhead, Scotland
    Hmm...
    I am not sure that I agree with your choice there LG.

    Brown sauce is good, in fact I had some (genuine HP) with my pork chop this lunch time.

    But when it comes to bacon rolls, my preference is for no sauce, on the odd occasion I will partake of a quick dash of tomato sauce on a bacon roll, but generally I prefer them un-sauced.

    JimB
     
  10. Little Ghostman

    Little Ghostman Well-Known Member Most Helpful Member

    Joined:
    Jan 7, 2011
    Messages:
    3,737
    Likes:
    433
    Location:
    SCOTLAND
    Genuine HP!!! The choice of sauce connoisseurs. I agree with bacon rolls generally, but today I fancy a bit of a bite to my bacon butty. Normally I like them naked, or rarely with English mustard and melted blue cheese. But today it's brown sauce day.
     
  11. Rich D.

    Rich D. Member

    Joined:
    Feb 3, 2014
    Messages:
    243
    Likes:
    20
    Location:
    West Chester, PA
    You got me all excited at about this point, but then went all computer-geeky on me. What about the sail boats?!
     
  12. Little Ghostman

    Little Ghostman Well-Known Member Most Helpful Member

    Joined:
    Jan 7, 2011
    Messages:
    3,737
    Likes:
    433
    Location:
    SCOTLAND
    The stuff in bold is not my post! I just reformatted the OP post and made it bold as it was a mare to read.

    Funny enough I didn't bother reading much of it. Just the security stuff and the odd bit here and there. It's written almost like spam but with less point to it.
     
  13. Rich D.

    Rich D. Member

    Joined:
    Feb 3, 2014
    Messages:
    243
    Likes:
    20
    Location:
    West Chester, PA
    I saw that massive block of words and decided not to read it.
    I scrolled down to comment on the use of paragraphs and read the reformatted version.
    I kept slogging through the read because I thought there would be more boat stuff.
    No boats, no joy.
     
