This chapter is about applying the aforementioned security engineering process and services. It shows an excerpt of specific technical security aspects that we typically work on and tailor to the technical as well as non-technical objectives of our customers.
Risk analysis is crucial to identifying the security mechanisms that are actually worth investing in. There are many risk assessment methods on the market that are structured around a trade-off between the effort that is required to model the system and the accuracy of results.
Attacks that survive a reboot of a control system can be used by attackers for a variety of purposes, including tuning and exploration of whether additional system components can be attacked.
A system update feature is a double-edged sword. On the one hand, an update functionality is crucial to be able to patch newly identified vulnerabilities in a connected world.
Diagnostic capabilities are an essential feature of any ECU, no matter if in the development or out in the field.
“Defense-in-Depth” is an important paradigm of modern security architectures. In simple words it means “Security mechanisms can fail, so do not trust single mechanisms.”
Cryptographic communication protocols are omnipresent in the connected world of today. Examples include pairing of smart devices, over-the-air updates and diagnostic access.
Key management is the foundation of most security concepts. Regardless of whether a Secure Boot concept has to be established or updates have to be secured, cryptographically strong keys are necessary and have to be managed.
Hardware Security Modules (HSMs), ARM Trustzone and Trusted Platform Modules (TPMs) are hardware enclaves that are separated from the much more complex and potentially vulnerable main system.
A common goal is to reduce the physical complexity of, for example, a car network and all its attached systems. In order to achieve that goal, fewer but more powerful processors must be utilized that, in turn, handle many different tasks at once.
Intrusion detection systems (IDS) are the “immune system” of products that enable companies to detect and be able to react to attacks that are in progress.
Theft of intellectual property and product counterfeiting has continuously increased in recent years. As product counterfeits have a direct impact on revenue and constitutes a risk to return-on-investment calculations, preventing it is one of the top priorities with most of our customers.
In the Internet-of-Things, embedded systems are often connected with a backend that is hosted in the cloud. This leads to a system that includes embedded devices as well as a communication channel and an IT backend.
AUTOSAR is a standard for modern vehicle E/E architectures that can be applied to embedded control units (classic AUTOSAR) and vehicle computers (adaptive AUTOSAR). AUTOSAR can be applied in the Automotive domain, to off-highway machines and sometimes even to medical equipment.
Risk analysis is crucial to identifying the security mechanisms that are actually worth investing in. There are many risk assessment methods on the market that are structured around a trade-off between the effort that is required to model the system and the accuracy of results.
Attacks that survive a reboot of a control system can be used by attackers for a variety of purposes. This includes tuning and exploration of whether additional system components can be attacked.
A system update feature is a double-edged sword. On the one hand, an update functionality is crucial to be able to patch newly identified vulnerabilities in a connected world.
Diagnostic capabilities are an essential feature of any ECU, no matter if in the development or out in the field.
“Defense-in-Depth” is an important paradigm of modern security architectures. In simple words it means “Security mechanisms can fail, so do not trust single mechanisms.”
Cryptographic communication protocols are omnipresent in the connected world of today. Examples include pairing of smart devices, over-the-air updates and diagnostic access.
Key management is the foundation of most security concepts. Regardless of whether a Secure Boot concept has to be established or updates have to be secured, cryptographically strong keys are necessary and have to be managed.
Hardware Security Modules (HSMs), ARM Trustzone and Trusted Platform Modules (TPMs) are hardware enclaves that are separated from the much more complex and potentially vulnerable main system.
A common goal is to reduce the physical complexity of, for example, a car network and all its attached systems. In order to achieve that goal, fewer but more powerful processors must be utilized that, in turn, handle many different tasks at once.
Intrusion detection systems (IDS) are the “immune system” of products that enable companies to detect and be able to react to attacks that are in progress.
Theft of intellectual property and product counterfeiting has continuously increased in recent years. As product counterfeits have a direct impact on revenue and constitutes a risk to return-on-investment calculations. Preventing it is one of the top priorities with most of our customers.
In the Internet-of-Things, embedded systems are often connected with a backend that is hosted in the cloud. This leads to a system that includes embedded devices as well as a communication channel and an IT backend.
AUTOSAR is a standard for modern vehicle E/E architectures. That can be applied to embedded control units (classic AUTOSAR) and vehicle computers (adaptive AUTOSAR). AUTOSAR can be applied in the Automotive domain, to off-highway machines and sometimes even to medical equipment.
