Embedded Systems Security

Practical Methods for Safe and Secure Software and Systems Development

By: David Kleidermacher

Write A Review

Paperback | 16 March 2012

At a Glance

Paperback
416 Pages

Dimensions(cm)
24.13 x 19.68 x 2.54

Paperback

RRP $101.95

$93.75

or 4 interest-free payments of $23.44 with

Ships in 5 to 7 business days

The ultimate resource for making embedded systems reliable, safe, and secure

Embedded Systems Security provides:

A broad understanding of security principles, concerns, and technologies

Proven techniques for the efficient development of safe and secure embedded software

A study of the system architectures, operating systems and hypervisors, networking, storage, and cryptographic issues that must be considered when designing secure embedded systems

Nuggets of practical advice and numerous case studies throughout

Written by leading authorities in the field with 65 years of embedded security experience: one of the original developers of the world's only Common Criteria EAL 6+ security certified software product and a lead designer of NSA certified cryptographic systems.

This book is indispensable for embedded systems and security professionals, new and experienced.

An important contribution to the understanding of the security of embedded systems. The Kleidermachers are experts in their field. As the Internet of things becomes reality, this book helps business and technology management as well as engineers understand the importance of "security from scratch." This book, with its examples and key points, can help bring more secure, robust systems to the market.

Dr. Joerg Borchert, Vice President, Chip Card & Security, Infineon Technologies North America Corp.; President and Chairman, Trusted Computing Group

Embedded Systems Security provides real-world examples of risk and exploitation; most importantly the book offers clear insight into methods used to counter vulnerabilities to build true, native security into technology.

Adriel Desautels, President and CTO, Netragard, LLC.

Security of embedded systems is more important than ever. The growth in networking is just one reason. However, many embedded systems developers have insufficient knowledge of how to achieve security in their systems. David Kleidermacher, a world-renowned expert in this field, shares in this book his knowledge and long experience with other engineers. A very important book at the right time.

Prof. Dr.-Ing. Matthias Sturm, Leipzig University of Applied Sciences; Chairman, Embedded World Conference steering board

Gain an understanding of the operating systems, microprocessors, and network security critical issues that must be considered when designing secure embedded systems
Contains nuggets of practical and simple advice on critical issues highlighted throughout the text
Short and to -the- point real case studies included to demonstrate embedded systems security in practice

Industry Reviews

"The illustrations are a very strong part of this book. They are well conceived, always to the point, and in color. One interesting editorial feature is the so-called 'Key Points,' boxes that interrupt the text with a framed statement emphasizing a single important aspect. In addition, the book has very good bibliographical notes, which are extremely rare in this type of publication. Each chapter is followed by an extensive list of relevant citations, often with accompanying explanations.Overall, the book is very enlightening and engineers can learn a lot from it."--Computing Reviews.com, December 28, 2012 "Embedded Systems Security provides real-world examples of risk and exploitation; most importantly the book offers clear insight into methods used to counter vulnerabilities to build true, native security into technology."--Adriel Desautels, President and CTO, Netragard, LLC "Written by leading authorities on security in embedded systems (a lead designer of an NSA certified cryptographic system and a lead developer on the single highest rated software product in the Common Criteria security certification rating system), this book provides an overview of security principles, vulnerability concerns and applicable technologies. Real world examples of system weakness and exploitation illustrate the need for security in development and give practical advice for effective techniques to counteract threats. Areas addressed include data protection protocols, emerging embedded systems, networking, cryptography, system architecture, hypervisors, operating systems and storage."--Reference and Research Book News, August 2012, page 186

Shipping

	Standard Shipping	Express Shipping
Metro postcodes:	$9.99	$14.95
Regional postcodes:	$9.99	$14.95
Rural postcodes:	$9.99	$14.95

Orders over $79.00 qualify for free shipping.

How to return your order

At Booktopia, we offer hassle-free returns in accordance with our returns policy. If you wish to return an item, please get in touch with Booktopia Customer Care.

Additional postage charges may be applicable.

Defective items

If there is a problem with any of the items received for your order then the Booktopia Customer Care team is ready to assist you.

For more info please visit our Help Centre.

Foreword	p. xi
Preface	p. xiii
Acknowledgements	p. xix
Introduction to Embedded Systems Security	p. 1
What is Security?	p. 1
What is an Embedded System?	p. 2
Embedded Security Trends	p. 4
Embedded Systems Complexity	p. 4
Network Connectivity	p. 12
Reliance on Embedded Systems for Critical Infrastructure	p. 14
Sophisticated Attackers	p. 15
Processor Consolidation	p. 16
Security Policies	p. 18
Perfect Security	p. 18
Confidentiality, Integrity, and Availability	p. 18
Isolation	p. 19
Information Flow Control	p. 20
Physical Security Policies	p. 21
Apphcation-Specific Policies	p. 21
Security Threats	p. 22
Case Study: VxWorks Debug Port Vulnerability	p. 22
Wrap-up	p. 23
Key Points	p. 23
Bibliography and Notes	p. 24
Systems Software Considerations	p. 25
The Role of the Operating System	p. 26
Multiple Independent Levels of Security	p. 27
Information Flow	p. 27
Data Isolation	p. 27
Damage Limitation	p. 28
Periods Processing	p. 28
Always Invoked	p. 29
Tamper Proof	p. 29
Evaluable	p. 29
Microkernel versus Monolith	p. 31
Case Study: The Duqu Virus	p. 34
Core Embedded Operating System Security Requirements	p. 34
Memory Protection	p. 34
Virtual Memory	p. 35
Fault Recovery	p. 37
Guaranteed Resources	p. 38
Virtual Device Drivers	p. 41
Impact of Determinism	p. 42
Secure Scheduling	p. 45
Access Control and Capabilities	p. 46
Case Study: Secure Web Browser	p. 47
Granularity versus Simplicity of Access Controls	p. 49
Whitelists versus Blacklists	p. 51
Confused Deputy Problem	p. 53
Capabilities versus Access Control Lists	p. 53
Capability Confinement and Revocation	p. 58
Secure Design Using Capabilities	p. 60
Hypervisors and System Virtualization	p. 61
Introduction to System Virtualization	p. 64
Applications of System Virtualization	p. 65
Environment Sandboxing	p. 65
Virtual Security Appliances	p. 65
Hypervisor Architectures	p. 66
Paravirtualization	p. 69
Leveraging Hardware Assists for Virtualization	p. 70
Hypervisor Security	p. 73
I/O Virtualization	p. 74
The Need for Shared I/O	p. 75
Emulation	p. 75
Pass-through	p. 76
Shared IOMMU	p. 78
IOMMUs and Virtual Device Drivers	p. 78
Secure I/O Virtualization within Microkernels	p. 79
Remote Management	p. 80
Security Implications	p. 81
Assuring Integrity of the TCB	p. 83
Trusted Hardware and Supply Chain	p. 83
Secure Boot	p. 84
Static versus Dynamic Root of Trust	p. 84
Remote Attestation	p. 87
Key Points	p. 88
Bibliography and Notes	p. 90
Secure Embedded Software Development	p. 93
Introduction to PHASE-Principles of High-Assurance Software Engineering	p. 94
Minimal Implementation	p. 95
Component Architecture	p. 96
Runtime Componentization	p. 98
A Note on Processes versus Threads	p. 99
Least Privilege	p. 100
Secure Development Process	p. 100
Change Management	p. 101
Peer Reviews	p. 101
Development Tool Security	p. 104
Secure Coding	p. 107
Software Testing and Verification	p. 146
Development Process Efficiency	p. 154
Independent Expert Validation	p. 156
Common Criteria	p. 157
Case Study: Operating System Protection Profiles	p. 160
Case Study: HAWS-High-Assurance Web Server	p. 165
Minimal Implementation	p. 166
Component Architecture	p. 168
Least Privilege	p. 168
Secure Development Process	p. 169
Independent Expert Validation	p. 169
Model-Driven Design	p. 169
Introduction to MDD	p. 170
Executable Models	p. 174
Modeling Languages	p. 177
Types of MDD Platforms	p. 182
Case Study: A Digital Pathology Scanner	p. 183
Selecting an MDD Platform	p. 191
Using MDD in Safety-and Security-Critical Systems	p. 201
Key Points	p. 202
Bibliography and Notes	p. 206
Embedded Cryptography	p. 209
Introduction	p. 210
U.S. Government Cryptographic Guidance	p. 211
NSA Suite B	p. 212
The One-Time Pad	p. 213
Cryptographic Synchronization	p. 222
Cryptographic Modes	p. 224
Output Feedback	p. 224
Cipher Feedback	p. 225
OFB with CFB Protection	p. 226
Traffic Flow Security	p. 227
Counter Mode	p. 227
Block Ciphers	p. 228
Additional Cryptographic Block Cipher Modes	p. 231
Authenticated Encryption	p. 232
CCM	p. 233
Galois Counter Mode	p. 233
Public Key Cryptography	p. 233
RSA	p. 236
Equivalent Key Strength	p. 236
Trapdoor Construction	p. 238
Key Agreement	p. 239
Man-in-the-Middle Attack on Diffie-Hellman	p. 241
Public Key Authentication	p. 241
Certificate Types	p. 242
Elliptic Curve Cryptography	p. 244
Elliptic Curve Digital Signatures	p. 245
Elliptic Curve Anonymous Key Agreement	p. 245
Cryptographic Hashes	p. 245
Secure Hash Algorithm	p. 246
MMO	p. 247
Message Authentication Codes	p. 248
Random Number Generation	p. 248
True Random Number Generation	p. 249
Pseudo-Random Number Generation	p. 254
Key Management for Embedded Systems	p. 256
Case Study: The Walker Spy Case	p. 257
Key Management-Generalized Model	p. 258
Key Management Case Studies	p. 264
Cryptographic Certifications	p. 277
FIPS 140-2 Certification	p. 277
NSA Certification	p. 280
Key Points	p. 285
Bibliography and Notes	p. 287
Data Protection Protocols for Embedded Systems	p. 289
Introduction	p. 290
Data-in-Motion Protocols	p. 291
Generalized Model	p. 291
Choosing the Network Layer for Security	p. 296
Ethernet Security Protocols	p. 301
BPsec versus SSL	p. 303
IPsec	p. 310
SSL/TLS	p. 313
Embedded VPN Clients	p. 315
DTLS	p. 315
SSH	p. 316
Custom Network Security Protocols	p. 319
Application of Cryptography within Network Security Protocols	p. 319
Secure Multimedia Protocols	p. 320
Broadcast Security	p. 324
Data-at-Rest Protocols	p. 330
Choosing the Storage Layer for Security	p. 332
Symmetric Encryption Algorithm Selection	p. 334
Managing the Storage Encryption Key	p. 348
Advanced Threats to Data Encryption Solutions	p. 340
Key Points	p. 342
Bibliography and Notes	p. 345
Emerging Applications	p. 349
Embedded Network Transactions	p. 350
Anatomy of a Network Transaction	p. 351
State of Insecurity	p. 351
Network-based Transaction Threats	p. 352
Modern Attempts to Improve Network Transaction Security	p. 355
Trustworthy Embedded Transaction Architecture	p. 362
Automotive Security	p. 366
Vehicular Security Threats and Mitigations	p. 366
Secure Android	p. 369
Android Security Retrospective	p. 371
Android Device Rooting	p. 371
Mobile Phone Data Protection: A Case Study of Defense-in-Depth	p. 372
Android Sandboxing Approaches	p. 373
Next-Generation Software-Defined Radio	p. 380
Red-Black Separation	p. 380
Software-Defined Radio Architecture	p. 381
Enter Linux	p. 382
Multi-Domain Radio	p. 383
Key Points	p. 385
Bibliography and Notes	p. 386
Index	p. 389
Table of Contents provided by Ingram. All Rights Reserved.

Embedded Systems Security

Practical Methods for Safe and Secure Software and Systems Development

At a Glance

Paperback

Industry Reviews

Shipping

How to return your order

Defective items

You Can Find This Book In

More in Design, Industrial & Commercial Arts, Illustration

The Curious Collections Sticker Book

Ransom Note Sticker Book

New Again

100+ projects and ideas to reimagine your furniture and decor

A Guide to Regency Dress

from Corsets and Breeches to Bonnets and Muslins

Mortal Kombat: Flawless Victory

A Visual History of the Iconic Series

Asterix

Asterix Gift Edition: Albums 6-10: Asterix and Cleopatra, Asterix and the Big Fight, Asterix in Britain, Asterix and the Normans, Asterix the Legionary

Foundations

Timeless Design That Feels Personal

Cozy Bookshops

Colouring Book

The Art of Witch Hat Atelier

Big Panda and Tiny Dragon

The beautifully illustrated novel about friendship and hope

The Animator's Survival Kit

A Manual of Methods, Principles and Formulas for Classical, Computer, Games, Stop Motion and Internet Animators

The Fashion of Clueless

Fashion Critical

Red carpet lewks and LOLs from an undercover fashion critic

A Beautiful World

The Rolex Legacy

The history of Rolex through 120 seminal and rare watches

Mid-Century Modern Designers

Dopamine Home

A bold guide to mood-boosting interiors

Sneaker Freaker. The Ultimate Sneaker Book. 45th Ed.

Sneaker Freaker

How To Build A Car

The Autobiography of the World's Greatest Formula 1 Designer

Claris: Fashion Show Fiasco

Claris: The Chicest Mouse in Paris

The Book of Kells

Unlocking the Enigma

Lost Ocean

An Inky Adventure & Colouring Book

The Design of Everyday Things

Revised and Expanded Edition

The Art of Princess Mononoke

A Film by Hayao Miyazaki

The Cat Who Taught Zen

The beautifully illustrated new tale from the bestselling author of Big Panda and Tiny Dragon

This product is categorised by