Embedded computing systems are everywhere these days. Unlike a traditional PC or laptop, embedded systems are computer-based systems designed to work hidden (embedded) in everyday equipment and devices. They transmit data between your mobile phone and the mobile network, they manage your home internet connection and prevent network attacks, they control the traffic lights on your street; they're in airplanes, cars, even power stations and energy-saving smart electricity grids. But as more embedded systems are used in devices that are always turned on and always connected to the internet, they are also becoming increasingly vulnerable to being hacked or infected with viruses and other malicious software (malware).
Mobile botnets, created by malware operating on thousands of infected smart phones, are not just a nightmare scenario but a reality today. They can be used to steal personal information or to make unwanted calls and data communications, costing users and service providers millions. And there can be even more serious consequences.
'Take the Stuxnet attack: that was a prime example of the vulnerabilities of embedded systems,' says Klaus-Michael Koch, the head of Austrian technology group Technikon.
Stuxnet, a highly advanced computer worm discovered last year, specifically targeted Siemens industrial software assumed to be used in nuclear fuel enrichment plants.
'Whereas previously a lot of embedded systems were used in “always-on” devices, now they are being used for applications for which they always have to be online,' Mr Koch adds. 'It is a situation that, from a security and safety perspective, desperately needs to be addressed.'
Technikon coordinated a 10-member European consortium in an industry-focused project called 'Trusted embedded computing' (TECOM), which with significant funding from the European Commission, set out to greatly advance security and trust in embedded systems. To do so, the team adapted 'Trusted computing' (TC) techniques originally developed for PCs and servers for embedded systems.
'There are different ways to secure embedded systems, but the methods we used provide the highest possible level of security available today,' Mr Koch says.
Trusted computing uses both hardware and software to create a trusted and secure environment and to verify system integrity, unlike traditional security technology that operates only at the software level and is therefore more vulnerable to being hacked, infected or tampered with.
At the core of the technology is the 'Trusted platform module' (TPM), a chip that, among other security-boosting features, generates and manages cryptographic keys, verifies the identity of the device and checks software and data integrity in order to detect changes. Through a process known as 'virtualisation', it also allows different pieces of software and data to be compartmentalised, so there is no exchange or transfer of attack vectors between them even as they share the same computing and/or network resources.
The TECOM researchers built on work carried out in a previous EU-funded project, OpenTC, which developed open source TC technology for PCs and servers.
'In TECOM we have taken the technology we developed in OpenTC and adapted it for an embedded environment, which in many ways is much more complex,' Mr Koch explains.
The TECOM researchers had to strip down the TPM implementation to reduce the length of the code and hence energy use - crucial for mobile devices - and develop new interfaces suitable for embedded systems. They also adapted it to function with widely used hardware/infrastructure developed by ARM, which is employed in many different devices, including smart phones, games consoles and navigation tools.
Greater trust: from smart phones to smart grids
The technology was validated and demonstrated in a range of prototype applications. Implementations with a Nokia smart phone or an Android operating system showed how TC features could be used to send secure, digitally signed SMS messages, with each party knowing that the message is authentic and has not been tampered with.
'This could open up a whole new market for secure contracts and signatures via SMS,' Mr Koch notes.
Also for smart phones, the team developed a 'dialling firewall' to stop applications from dialling out or using data communications services without the user's consent. Using TrustZone virtualisation technology running on an Android operating system inside a virtual machine environment, outgoing communications are first checked against a white list and the user asked to agree to the application making the call. Because it operates separately from Android, the security system continues to function even if the operating system is compromised.
'Given that users are downloading thousands of apps for their smart phones these days, and are not always sure about what they contain, this is a very useful feature,' Mr Koch notes. 'I wouldn't be surprised if some of the partners who work in the mobile industry start to commercialise this very soon.'
Besides smart phones, the TECOM team also looked at some of the other sectors where TC for embedded systems could be employed. They demonstrated their technology for trusted communications over 'Virtual private networks' (VPNs), which could be used between company offices or between different networked devices. And they developed a 'trusted meter' for monitoring electricity consumption.
'This is a key field. Smart meters and smart grids, which closely monitor energy use and can turn on or off devices depending on power demands and needs, are crucial for saving energy and are already being rolled out. But if these networked embedded systems are compromised, it could knock out power to whole areas,' Mr Koch explains.
TECOM's trusted meter uses TC technology to verify that meter readings from different sources are authentic and have not been tampered with, while also ensuring that data on consumption and user behaviour is kept private when sent over the network.
'The range of applications for TC in embedded systems is huge. In TECOM, we have built the technological framework that makes implementing this technology possible, and we have shown how it can work,' Mr Koch says.
The project partners plan to release an open source development platform so anyone can develop applications for the technology.
'Over the coming years, we will start to see this in use in many different environments. Companies are extremely interested in it. The change probably won't be very visible to the public at large, but it will ensure that the devices people use in their everyday lives are more secure and reliable,' Mr Koch concludes.
The TECOM project received EUR 6.14 million (of project total EUR 9.02 million) in research funding under the EU's Seventh Framework Programme, 'Secure, dependable and trusted infrastructures' sub-programme.