Practical Embedded Security

The great strides made over the past decade in the complexity and network functionality of embedded systems have significantly enhanced their attractiveness for use in critical applications such as medical devices and military communications. However, this expansion into critical areas has presented embedded engineers with a serious new problem: their designs are now being targeted by the same malicious attackers whose predations have plagued traditional systems for years. Rising concerns about data security in embedded devices are leading engineers to pay more attention to security assurance in their designs than ever before. This is particularly challenging due to embedded devices’ inherent resource constraints such as limited power and memory. Therefore, traditional security solutions must be customized to fit their profile, and entirely new security concepts must be explored. However, there are few resources available to help engineers understand how to implement security measures within the unique embedded context. This new book from embedded security expert Timothy Stapko is the first to provide engineers with a comprehensive guide to this pivotal topic. From a brief review of basic security concepts, through clear explanations of complex issues such as choosing the best cryptographic algorithms for embedded utilization, the reader is provided with all the information needed to successfully produce safe, secure embedded devices.

• The ONLY book dedicated to a comprehensive coverage of embedded security!
• Covers both hardware- and software-based embedded security solutions for preventing and dealing with attacks
• Application case studies support practical explanations of all key topics, including network protocols, wireless and cellular communications, languages (Java and C/++), compilers, web-based interfaces, cryptography, and an entire section on SSL

Embedded System Developers, Designers, Programmers and Engineers; Software, Firmware and System Developers, Designers, Programmers, and Engineers. Engineering Managers, Students in advanced courses on embedded system design topics

Preface

Chapter 1: Computer Security Introduction and Review

What Is Security?

What Can We Do?

Access Control and the Origins of Computer Security Theory

Security Policies

Cryptography

Data Integrity and Authentication

Wrap-Up

Recommended Reading

Chapter 2: Network Communications Protocols and Built-in Security

Low-Level Communications

Transport and Internet Layer Protocols

Other Network Protocols

Wrap-Up: Network Communications

Chapter 3: Security Protocols and Algorithms

Protocol Madness

Standardizing Security—A Brief History

Standardized Security in Practice

Cryptography and Protocols

Other Security Protocols

Chapter 4: The Secure Sockets Layer

SSL History

Pesky PKI

PKI Alternatives

SSL Under the Hood

The SSL Session

SSL in Practice

Wrap-Up

Chapter 5: Embedded Security

Networked Embedded Systems and Resource Constraints

Embedded Security Design

The KISS Principle

Modularity Is Key

Pick and Pull

Justification

Wrap-Up

Chapter 6: Wireless

Wireless Technologies

Bluetooth

ZigBee

Wireless Technologies and the Future

Wrap-Up

Chapter 7: Application-Layer and Client/Server Protocols

Introduction

The World Wide Web

Web-Based Interfaces

Server-Side HTTP Web Interfaces

HTTP Client Web Interfaces

Combination Client/Server HTTP Applications

Console Applications

File Transfer Protocol

Email, DNS, DHCP, and SNMP

Wrap-Up

Chapter 8: Choosing and Optimizing Cryptographic Algorithms for Resource-Constrained Systems

Do We Need Cryptography?

Hashing–Low Security, High Performance

To Optimize or Not to Optimize …

Choosing Cryptographic Algorithms

Tailoring Security for Your Application

Wrap-Up

Chapter 9: Hardware-Based Security

High Performance in Silicon

Wrap-Up: Security and Hardware

Chapter 10: Conclusion—Miscellaneous Security Issues and the Future of Embedded Applications Security

Programming Languages and Security

Dealing with Attacks

The Future of Security

Wrap-Up

Chapter 11: PIC Case Study

Microchip PIC with Ethernet Controller

PIC Example Application—Secure LED Blinking

Chapter 12: Rabbit Case Study

Rabbit 4000 CPU with Dynamic C

The History of Rabbit

Software on the Rabbit

Rabbit Case Study—Internet Enabled Vending Machine

Putting It All Together

The PC Side

Wrap-Up: A Secure Rabbit

Source Listings

Index