Continue to Site

Welcome to our site!

Electro Tech is an online community (with over 170,000 members) who enjoy talking about and building electronic circuits, projects and gadgets. To participate you need to register. Registration is free. Click here to register now.

  • Welcome to our site! Electro Tech is an online community (with over 170,000 members) who enjoy talking about and building electronic circuits, projects and gadgets. To participate you need to register. Registration is free. Click here to register now.

Security im Embedded Systems

Status
Not open for further replies.
As IoT consists of embedded systems connected to the Internet, here the reason I am creating this thread. A couple of years ago I started experiments with RaspBerry Pis. Background information: I am a naval modeler and I am building the model of a sailboat from scratch. I also did work at US semiconductor companies, starting as it often happens as a technical person. I was hired as a Field Application Engineer for one of the 2 first processor systems for graphics. One was TI 34010, the other one I was hired for was the DP8500 from National Semiconductor. As I did loose my job when the Internet hype collapsed and later health problems made it impossible to work I did reactivate my hobby as a modeler and as my financial resources were limited I did switch from building model planes, sail planes, to naval modelling and here a sailboat. At the beginning focus was on working with wood, epoxy and fiber glass, later adding aluminium. When it came to the RC electronics I was disappointed with how electronics performed used to expand the number of channel of a transmitter and decoding this at the receiving end. So I used a AVR mega8 controller to digitize the PWM signals coming out of the receiver channels. having started to play with my own electronics I decided to switch from using a comercial winch to using a hybrid stepper motor as this offered the opportunity to implement a sheet control system to control the sails in a way much more similar to the way it was done on the original true sail boats of the J-class at the beginning of las century. I do not go into details, but my planned approach created very emotional reactions from expert model sailboat modelers on one side and of people from the physics community. The modelers claimed that friction would render my solution inoperable, while physics claimed that in the way I was planing to do it friction would be neglectable. This brought into my mind the intention to model the relevant part of the planned system as a topic of interest in itself. Well established and mature suppliers like Matlab and Simulink and Maple and MapleSim. Both products where far to expensive, as in those days there was no version for personal none comercial usage. So searching for other solutions I found Mathematica and SystemModeler and decided to buy a license for Mathematica, specially as Mathematica was offered for free running on a RaspBerry Pi. Now whoever has dealt with modeling knows that modeling and the resulting simulations are only as good as the models used. So it made sense to think about what is called "Software-in-the-Loop" and "Hardware-in-the-Loop". The goal is to verify and develop in iterations algorithms for the models that gave a best fit to experimental data. Wolfram Software just started in those days to implement the related functionality, i.e. using Teensy 3.1 and a specific protocol and a bit later the RaspBerry Pi to link Mathematica and SystemModeler to external devices, a requirement for the job required. But Wolfram and Matlab implement Models using different kind of modeling schemes. Matlab uses so called causal modeling, while Wofram and Maple offered "acausal" scheme. The difference is best described comparing the model of an electrical motor. In causal models as in Matlab and Simulink there is a fixed "direction". A tension is applied to a motor and a torque is the result. When you use this same motor as a generator, torque is the input and an electrical tension the output. In Matlab the model of such a physical motor is totally different for the 2 uses of a motor. Maple and Wolfram use the modelling language "Modelica". Here the model is the same for both uses of such a physical motor. I found the topic very interesting in itself and even found a profesor from Switzerland that uses the language Modelica to have its student model the physical tasks related to the physical topics taught. This was of big interest to me, as using modeling schemes on my sailboat project, as such a sailboat navigates in a physical environment.

So I started learning and experimenting with the RaspBerry Pi, with Linux I had not dealt with earlier and used my electronic lab, part of my workshop. So one day I found my PC rendered inoperable due to a cyber attack that used the Raspberry Pi as a port of entry infecting my PC. I need to say, that my PC is usually very well protected and kept fully up-to-date! After many intents to cure my system I decided to update my PC to Windows 10 Pro, as this was offered by Microsoft for free from my Windows 7 Ultimate 64 bits. Luckily doing so I could recover my PC and all the stuff on it. I do have a Raid 10 storage using 4 TB hard drives. So backing up an image of the system was impossible to the size of the required backup storage. Today it is possible to get multi-TB hard disks with a USB 3.0 I/F, so now I do have a backup of my Raid System! The consequence of this painful experience was that I have stopped all experiments and focused to learn about security, cryptography and to understand which kind of areas exist with their related risks. Also this proved to be a topic of interest in its own right. So all the stuff I have presented so far proved to me that my mathematical skills has eroded since I was at the university more then 3 decades ago. Also the requirements for certain mathematical, electronic and physics skills led to have me find out that many universities and specific portals offer access to university courses in many fields for free by giving access to video recordings of the lectures, access to the related reading materials and the opportunity to participate in learning groups online.

So in all this processes I met with the ARM concept of Trusted Zones as implemented in Controller IP for their 8th generation and in ARM Cortex M controllers 23 and 33. So about 2 years ago I went to the biggest embedded trade show in the world, Embedded World 2016 in Nurenberg, Germany and investigated who was available there that had knowledge of security in embedded systems. I just met 2 persons from 2 companies that had a clue what I was speaking about and the one from Renesas was probably the most knowledged person I met but said that the market in general was not willing to spend die extra cost when using specialized devices. That has changed since then and now is a hype you hear the people talk about everywhere.

The most advanced offering for secure devices is offered by former Freescale, today NXP and maybe soon Qualcomm! It is their i.MX 8 controller family. As I did work for nearly a decade for Motorola Semiconductor, the parent company to Freescale, I am aware of their focus in the automotive market and the i.MX 8 product family is tailored to fit into this market. Now their i.MX 8 product family offers functionality for a whole range of functions available in current cars and even more required in future cars. So taking advantage of all the functionality available in this controllers you need expert teams for each of the application areas involved. Companies like Volkswagen, Mercedes, BMW i.e. and Bosch as an example of a supplier to those companies can afford to have expert team for all the areas involved, makers and small companies cannot cope with this. This, to my personal believe is the reason why the i.MX 8 controllers have been announced for years approaching what is called vaporware, but until now not accesible for normal users. Now there is to be soon a so called "Automotive Grade LInux", AGL Linux version that already has all the low level drivers included, so that customers can use the i.MX 8 devices by just accessing the API for those functions. I am waiting for the makers of inexpensive boards to have them made available. So far they are only announced as being in development.

I would like to know if there are any forum members also interested in the topic of security in embedded systems and to get into an exchange of information.
 
I would read your text but such a mass with little of paragraphs is not for me. Could you edit it?
 
Realmente soy malo escribiendo. Los párrafos que ves ya son una estructura que he tratado de imponer al texto. Si el tema es de interés para tí, responde por favor.
 
Realmente soy malo escribiendo. Los párrafos que ves ya son una estructura que he tratado de imponer al texto. Si el tema es de interés para tí, responde por favor.
Spanish-->English translation.
I'm really bad writing. The paragraphs you see are already a structure that I have tried to impose on the text. If the subject is of interest to you, please respond.
 
Just on the off chance someone wants to know what the above said, here it is reformatted.


"As IoT consists of embedded systems connected to the Internet, here the reason I am creating this thread. A couple of years ago I started experiments with RaspBerry Pis. Background information: I am a naval modeler and I am building the model of a sailboat from scratch. I also did work at US semiconductor companies, starting as it often happens as a technical person. I was hired as a Field Application Engineer for one of the 2 first processor systems for graphics. One was TI 34010, the other one I was hired for was the DP8500 from National Semiconductor.

As I did loose my job when the Internet hype collapsed and later health problems made it impossible to work I did reactivate my hobby as a modeler and as my financial resources were limited I did switch from building model planes, sail planes, to naval modelling and here a sailboat. At the beginning focus was on working with wood, epoxy and fiber glass, later adding aluminum. When it came to the RC electronics I was disappointed with how electronics performed used to expand the number of channel of a transmitter and decoding this at the receiving end.

So I used a AVR mega8 controller to digitize the PWM signals coming out of the receiver channels. having started to play with my own electronics I decided to switch from using a commercial winch to using a hybrid stepper motor as this offered the opportunity to implement a sheet control system to control the sails in a way much more similar to the way it was done on the original true sail boats of the J-class at the beginning of las century.

I do not go into details, but my planned approach created very emotional reactions from expert model sailboat modelers on one side and of people from the physics community. The modelers claimed that friction would render my solution inoperable, while physics claimed that in the way I was planing to do it friction would be neglectable. This brought into my mind the intention to model the relevant part of the planned system as a topic of interest in itself. Well established and mature suppliers like Matlab and Simulink and Maple and MapleSim.

Both products where far to expensive, as in those days there was no version for personal none comercial usage. So searching for other solutions I found Mathematica and SystemModeler and decided to buy a license for Mathematica, specially as Mathematica was offered for free running on a RaspBerry Pi. Now whoever has dealt with modeling knows that modeling and the resulting simulations are only as good as the models used. So it made sense to think about what is called "Software-in-the-Loop" and "Hardware-in-the-Loop".

The goal is to verify and develop in iterations algorithms for the models that gave a best fit to experimental data. Wolfram Software just started in those days to implement the related functionality, i.e. using Teensy 3.1 and a specific protocol and a bit later the RaspBerry Pi to link Mathematica and SystemModeler to external devices, a requirement for the job required. But Wolfram and Matlab implement Models using different kind of modeling schemes.

Matlab uses so called causal modeling, while Wofram and Maple offered "acausal" scheme. The difference is best described comparing the model of an electrical motor. In causal models as in Matlab and Simulink there is a fixed "direction". A tension is applied to a motor and a torque is the result. When you use this same motor as a generator, torque is the input and an electrical tension the output. In Matlab the model of such a physical motor is totally different for the 2 uses of a motor. Maple and Wolfram use the modelling language "Modelica".

Here the model is the same for both uses of such a physical motor. I found the topic very interesting in itself and even found a profesor from Switzerland that uses the language Modelica to have its student model the physical tasks related to the physical topics taught. This was of big interest to me, as using modeling schemes on my sailboat project, as such a sailboat navigates in a physical environment.

So I started learning and experimenting with the RaspBerry Pi, with Linux I had not dealt with earlier and used my electronic lab, part of my workshop. So one day I found my PC rendered inoperable due to a cyber attack that used the Raspberry Pi as a port of entry infecting my PC. I need to say, that my PC is usually very well protected and kept fully up-to-date! After many intents to cure my system I decided to update my PC to Windows 10 Pro, as this was offered by Microsoft for free from my Windows 7 Ultimate 64 bits.Luckily doing so I could recover my PC and all the stuff on it. I do have a Raid 10 storage using 4 TB hard drives.

So backing up an image of the system was impossible to the size of the required backup storage. Today it is possible to get multi-TB hard disks with a USB 3.0 I/F, so now I do have a backup of my Raid System! The consequence of this painful experience was that I have stopped all experiments and focused to learn about security, cryptography and to understand which kind of areas exist with their related risks. Also this proved to be a topic of interest in its own right.

So all the stuff I have presented so far proved to me that my mathematical skills has eroded since I was at the university more then 3 decades ago. Also the requirements for certain mathematical, electronic and physics skills led to have me find out that many universities and specific portals offer access to university courses in many fields for free by giving access to video recordings of the lectures, access to the related reading materials and the opportunity to participate in learning groups online.

So in all this processes I met with the ARM concept of Trusted Zones as implemented in Controller IP for their 8th generation and in ARM Cortex M controllers 23 and 33. So about 2 years ago I went to the biggest embedded trade show in the world, Embedded World 2016 in Nurenberg, Germany and investigated who was available there that had knowledge of security in embedded systems. I just met 2 persons from 2 companies that had a clue what I was speaking about and the one from Renesas was probably the most knowledged person I met but said that the market in general was not willing to spend die extra cost when using specialized devices. That has changed since then and now is a hype you hear the people talk about everywhere.

The most advanced offering for secure devices is offered by former Freescale, today NXP and maybe soon Qualcomm! It is their i.MX 8 controller family. As I did work for nearly a decade for Motorola Semiconductor, the parent company to Freescale, I am aware of their focus in the automotive market and the i.MX 8 product family is tailored to fit into this market. Now their i.MX 8 product family offers functionality for a whole range of functions available in current cars and even more required in future cars.

So taking advantage of all the functionality available in this controllers you need expert teams for each of the application areas involved. Companies like Volkswagen, Mercedes, BMW i.e. and Bosch as an example of a supplier to those companies can afford to have expert team for all the areas involved, makers and small companies cannot cope with this. This, to my personal believe is the reason why the i.MX 8 controllers have been announced for years approaching what is called vaporware, but until now not accesible for normal users. Now there is to be soon a so called "Automotive Grade LInux", AGL Linux version that already has all the low level drivers included, so that customers can use the i.MX 8 devices by just accessing the API for those functions. I am waiting for the makers of inexpensive boards to have them made available. So far they are only announced as being in development.

I would like to know if there are any forum members also interested in the topic of security in embedded systems and to get into an exchange of information."


----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
The Above is the reformatted version of what the OP said.


First off, embedded world is not the place to go when talking security and IOT. Yes I know it sounds a bit stupid, but then again a double glazing convention might not be the best place to talk about locks.
A convention on locks might be better.

So does the embedded world have a lock type convention? Indeed it does, its known as Black Hat and the other major one completely escapes my memory! But its basically a poor mans Black hat convention. I hate to say this but, much of what you said is not correct. There is alot of products and techniques for security in the embedded systems world. I suggest you attend one of the two specialist conventions on security to find out about these.

Keep in mind that as long as someone has physical access to a device, there is NO SECURE way to stop someone getting into a system. many of the newer chips have ways to encrypt etc, and I doubt Linux based systems will be the way the car industry goes. Linux by default has way too much information on itself. Also there is a great deal of knowledge out there on how to 'break' into linux (etal) systems.

Never heard of the chip you mentioned and with your reluctance I nearly called this spam, but being in a nice mood i decided to reformat for you, you now owe me 10 mins of life.
 
being in a nice mood i decided to reformat for you, you now owe me 10 mins of life.
Don't sell yourself short there LG, you should be asking for a nice bacon roll!

JimB
 
Don't sell yourself short there LG, you should be asking for a nice bacon roll!

JimB
Ok then he owes me 10 mins of life and 6 months of life for the heart attack :D.

Dont forget the brown sauce!! none that woos red sauce
 
Dont forget the brown sauce!! none that woos red sauce
Hmm...
I am not sure that I agree with your choice there LG.

Brown sauce is good, in fact I had some (genuine HP) with my pork chop this lunch time.

But when it comes to bacon rolls, my preference is for no sauce, on the odd occasion I will partake of a quick dash of tomato sauce on a bacon roll, but generally I prefer them un-sauced.

JimB
 
Genuine HP!!! The choice of sauce connoisseurs. I agree with Bacon roles generally, but today I fancy a bit of a bite to my bacon butty. Normally I like them naked, or rarely with English mustard and melted blue cheese. But today its brown sauce day.
 
using a hybrid stepper motor as this offered the opportunity to implement a sheet control system to control the sails in a way much more similar to the way it was done on the original true sail boats
You got me all excited at about this point, but then went all computer-geeky on me. What about the sail boats?!
 
You got me all excited at about this point, but then went all computer-geeky on me. What about the sail boats?!
The stuff in bold is not my post! I just reformatted the OP post and made it bold as it was a mare to read.

Funny enough I didnt bother reading much of it. Just the security stuff and the odd bit here and there. Its written almost like spam but with less point to it.
 
I saw that massive block of words and decided not to read it.
I scrolled down to comment on the use of paragraphs and read the reformatted version.
I kept slogging through the read because I thought there would be more boat stuff.
No boats, no joy.
 
Status
Not open for further replies.

Latest threads

New Articles From Microcontroller Tips

Back
Top