Practical Secure Hardware Design for Embedded Systems (Part 2 of 2)
Part 1 of Joe Grand's discussion of the weaknesses of embedded security systems was posted last week. This article concludes his exploration of the vulnerabilities in such "secure" systems.
Many of the weaknesses, security vulnerabilities, and design flaws of a product are identified when analyzing the circuit board. A number of steps, both basic and advanced, can be implemented at the circuit board level to help prevent some attacks and mitigate some risk.
Simple attacks range from reading or modifying the contents of a microprocessor or memory device, to replacing components on the board. More advanced attacks involve , in which a chip package is opened, its internals accessed with semiconductor test equipment, and the internal data paths observed or manipulated; and fault-generation attacks, in which the device is operated under environmental stress conditions outside its designed operational range (such as extreme temperature, supply voltage variations and spikes, protocol violations, and partial system resets).