![Show Menu](styles/mobile-menu.png)
![Page Background](./../common/page-substrates/page0042.jpg)
42 l New-Tech Magazine Europe
verybody is talking about
security these days. For the
embedded developer, getting the
system running as the marketing
specification stipulated and on time,
used to be a challenge in itself. Today,
the need to build security into every
aspect of the design, whether it is
a simple IoT sensor communicating
with a server or a more sophisticated
multicore application, requires
thought and a careful appraisal of
potential security attack points. In a
perfect world, a design could be built
from scratch with every functional
block designed and developed within
one team. However, the pressures
of time-to-market and embracing
a higher level of integration using,
for example, pre-certified and type
approved wireless modules, means
that a more holistic approach to
security needs to be considered.
When we look at, for example, an IoT
sensor using a microcontroller and a
wireless module, it is necessary to
establish a chain of trust, from the
sensor to the host, via the wireless
antenna to the end application.
Building a secure solution requires a
holistic viewpoint to take into account
all the technical and operation
aspects of the system components
and is not only limited to the wireless
communication. The application
might also encompass and utilise
GNSS positional data, which has its
own security consideration.
One potential approach to
implementing the chain of trust is
to divide it into a number of trusted
domains. By investigating the
fundamental methods necessary to
protect each domain, the following
define the areas of potential attack;
device firmware, communications
to the server, interface security,
enforcing API control and robustness
that includes handling spoofing/
jamming.
Ensuring that your device is
executing the code it should be
requires a secure boot method to
be implemented. When booting the
system, it is crucial that each stage
is authenticated prior to booting
the next set of processes. When
reviewing firmware security you also
need to be mindful of how it might
be updated. For many physically
E
Establishing a Chain of Trust
Pascal Herczog, u-blox