SoC design teams fill a mission-critical role in ensuring cyber-physical safety and security for electrical and electronic systems that are connected to the internet. The requirements and tools available to achieve this goal are ever shifting, but we can be fairly sure that traditional software-only security measures are unlikely to be sufficient; a new class of hardware-level monitoring is also needed.
We lay out this case in detail in our new technical paper Cybersecurity: the case for hardware-based threat detection and mitigation, and highlight some of the concepts here.
Emerging standards and legislation
The focus on cybersecurity is leading to changes in working practices for several reasons:
- Concern over legal liability if systems are compromised in a way that leads to loss, death, or injury. New standards like ISO/SAE 21434 and ISA/IEC 62443 attempt to outline the correct approach.
- Changes in legislation. The United Nations Economic Commission for Europe (UNECE) has proposed regulations for connected and autonomous vehicles, WP.29/GRVA, that will be adopted by more than 60 countries around the world, including all EU states. The legislation promotes a shift in approach to cybersecurity for automotive systems from reacting to known attacks with bug fixes and updates, to one based on preventive measures.
- Financial. The cost of product recalls for situations where in-the-field updates cannot be achieved saps profitability and reduces the value of a brand in the marketplace. The best way of avoiding these burdens is to deal with cybersecurity issues at design time.
Taking a product lifecycle view of cybersecurity
Securing products containing cyber-physical systems calls for lifecycle management most obviously because in-the-field updates will be vital to ensure that bugs and weaknesses can be patched.
We need a coherent infrastructure that can support the monitoring and control of cybersecurity in deployed systems throughout the operational lifetime of the product. Such an infrastructure should be able to monitor in detail what is happening in the electronics system and automatically check to ensure that operations comply with specifications and rules that support a secure system. At a minimum, operations that contravene those rules are reported and logged. In many cases, it will be important that the attempted accesses are blocked in a way that does not alert attackers to the nature of the defenses being used. While software is an important part of this infrastructure, stopping attacks to the software itself requires monitoring at the hardware level.
Embedded Analytics: a platform for hardware-based system security
Monitoring infrastructure must be able to observe the behavior of the system’s interconnects and buses, as well as the processor cores themselves, while also being secured from unauthorized access. The Embedded Analytics platform from Siemens Digital Industries Software provides a unique combination of system- and hardware-level visibility as well as both active and passive security features and total independence from system functions and resources.
With a unique range of hardware-based security functionality, the Embedded Analytics platform can enable manufacturers of cyberphysical systems to meet security requirements, today and into the future.
We go into more details about the Embedded Analytics platform in our technical paper Cybersecurity: the case for hardware-based threat detection and mitigation.
Embedded Analytics, though, with its IP-based monitors that inspect and report on-chip activity, also need extension to provide hardware-based security responses to transactions at hardware speeds. For that, we developed the Bus Sentry. By implementing a set of security rules at the interconnect transaction level, the Bus Sentry can stop malicious activity in its tracks.
With Bus Sentry implemented in critical systems, other mechanisms for ensuring security become practical, going way beyond what is possible with purely design- or specification-based security countermeasures. An approach based on Embedded Analytics and a security island enables adaptive defense: rules and countermeasures can evolve during the lifetime of the system, based on learning gathered from a whole fleet of systems.
Advanced on-chip cyber threat mitigation
There are many forms of attack that do not have clear- cut rules associated with them, but which can be learned, detected, and mitigated using an Embedded Analytics security platform. These include:
- Side-channel and denial-of-service attacks
- Using digital signatures
- Statistical anomalies
- Forensic analysis
We expand on these topics in the technical paper. Cybersecurity: the case for hardware-based threat detection and mitigation.
By implementing the hardware-based security features of the Embedded Analytics platform – responsive security IP, a unique range of on-chip monitors, a secure message infrastructure, and advanced threat mitigation enabled by combining the Embedded SDK with on- and off-chip analytics – mission-critical systems can be secured, by design, through their full lifecycle.