next generation embedded systems security for iot: powered by kaspersky

NEXT-GENERATION EMBEDDED SYSTEMS SECURITY FOR IOT:

Powered by KASPERSKY SECURE OS

2

EVERYTHING WILL BE CONNECTED – WHETHER WE LIKE IT OR NOT

THE INTERNET OF THINGS – BUT WHY NOW?

AN EXPLOSION OF NETWORK POSSIBILITIES

Kaspersky Lab | Future of embedded and IoT security: Kaspersky Operating System2

BIL

LIO

NS

OF

DE

VIC

ES

50

40

30

20

10

0

90 92 94 96 98 00 02 04 06 08 10 12 14 16 1820

YEAR

1992

1,000,0002003

0.5 BILLION

2009

IoT INCEPTION

2012

8.7 BILLION

2014

14.4 BILLION

2015

18.2 BILLION

2017

28.4 BILLION2016

22.9 BILLION

2018

34.8 BILLION

2019

42.1 BILLION

2020

50.1 BILLION

2013

11.2 BILLION

1998 2001 2003 2005 2007 2009 2011

Initial WDM Deployments 8 x 2.5GB

Increased # of λ 8-40 x 2.5G

Introduction of 10GB λ

Additional λ increases

Introduction of 40GB λ

Premiere of OTN

Automatic Optical Switching

ROADM – Bandwidth Flexibility

100GB λ

FMC400GBλ

Network Evolution

1TBλ

RICH IoT DEVICES ARE THE MOST VULNERABLE

“Things”

Sensor & Actuator Processing Communication

Local Network

Gateway(s)

Wired/wireless

Power line

BAN, PAN, LAN

The Internet Back-End Services

Remote Server

User access and

control

Business Data Analysis


IoT ATTACKS

MIRAI

Mirai’s name comes from the discovered binaries having the

name “mirai.()” and was initially discovered in August 2016. It arrives

as an ELF Linux executable and focuses mainly on DVRs,

routers, web IP cameras, Linux servers, and other devices that

are running Busybox, a common tool for IoT embedded devices.

BASHLITE

Infects Linux systems in order to launch distributed denial-of-

service attacks (DDoS). In 2014 BASHLITE exploited the

Shellshock software bug to exploit devices running BusyBox.

In 2016 it was reported that one million devices have been

infected with BASHLITE.



MAIN CONSIDERATIONS FROM A CYBER SECURITY PERSPECTIVE

Human mistakes

Usage of 3rd party software

and libraries

Software Complexity

(Number of Lines of Code

increasing dramatically)

INSECURE DESIGN

VULNERABILITIES

Time to market pressure

Rapidly changing technology landscape

INSECURITY OF CONVENTIONAL OPERATING SYSTEMS


WHY CONVENTIONAL OPERATING SYSTEMS ARE DANGEROUS…

Monolithic system where any module

can call any other one

With help of exploitation of arbitrary

code execution vulnerability it is

possible to call any other module

regardless of security settings

Uncontrolled usage of 3rd party

libraries

Adversaries can get control over

whole system with help of only one

vulnerability

Poor security settings due to various

reasons (lack of expertise, other

priorities, lack of time…)

Wide attack surface

Interactive user

Device Driver

Libraries Commands Application

Programs

OS System Call Interface

…

Device Driver

Device Driver

…

Drive

r In

terf

ace

Trap Table

Monolithic Kernel Module

Process Management

Memory Management

File Management

Device Mgmt Infrastructure


THE ONLY REAL SOLUTION TO THE PROBLEM…

Create an environment that simply won't allow

the program to perform undeclared functions

and prevent exploiting of vulnerabilities.

MAIN PRINCIPLES OF SECUREOS

Secure by design system

MILS with reference monitor approach

Microkernel based

Meets specific requirements for embedded systems

SPECIFIC REQUIREMENTS FOR AN EMBEDDED OPERATING SYSTEM

SMALL SIZE AND MINIMUM RESOURCE USAGE

Most of the embedded

systems use limited

hardware resources (RAM,

ROM, CPU)

OUT OF THE BOX SECURITY –OR AS CLOSE AS POSSIBLE

Most embedded systems have

somewhat unique security

requirements. Simplicity in

security settings reduces time

to market and effort required to

roll out


STABLE FUNCTIONALITY EVEN WHEN UNDER ATTACK

One has to think about

possible threats and threat

vectors in advance – and

maintain stability throughout

COMPLIANCE WITH INDUSTRY STANDARDS

A system has to be designed

and programmed in accordance

With industrial safety and

security standards

10

KASPERSKYOS // OVERVIEW

Designed for embedded connected systems with

specific requirements for cyber security

Based on the separation kernel which guarantees the

control of all internal system communications

Behavior of every module is pre described via

security policies

Separate business applications from security (easier

to develop and support, decrease time to market,

increase security and safety)

MILS architecture

Domain separation/isolation

Flexible internal

communications control via

Kaspersky Security System

(KSS)

Kaspersky Secure OS

BENEFITS OF KASPERSKYOS

INHERENT SECURITY

KasperskyOS is an operating

system that is secure by design

and we intend to keep it that way

by using the best practices of

software development

FLEXIBLE SECURITY CONFIGURATION

Well-designed configuration tools

make it easy to create declarative rule

definitions and combinations of rules

to control interactions in the system.


VERSATILE MODULAR ARCHITECTURE

Building the system based on

loosely coupled modules helps to

minimize the amount of trusted

code and tailor each solution to

the customer’s specific needs

SEPARATION OF APPLICATION FEATURES FROM SECURITY FUNCTIONSThe security architecture is designed

to separate security functions from

application business logic, making

both configuring security policies and

developing applications easier

12

BEYOND THE OS: EMBEDDED SECURITY FOR ALL…

• Default Deny only installation mode• Low system requirements (256MB system memory)• Low traffic consumption (no regular AV updates)• No internet connection required• Executable files, DLLs, Drivers• Hash sum check, signatures check, destination check• Optional 2-layer check for whitelisted applications with Kaspersky Private

Security Network

…EVEN THOSE RUNNING LESS SECURE OPERATING SYSTEMS:

• Windows XP Embedded • Windows 2009 Embedded• Windows XP Pro• Windows 7 Embedded POSReady• Windows 7 Embedded Standard• Windows Embedded 8.0 Standard• Windows 10 IoT

Kaspersky Embedded

Systems Security

USE CASES


Telecoms and

Network

Equipment

IoT and

Industrial IoTConnected

Cars

Endpoints POS

Terminals

Linux

Systems

security

enhancement

USE CASES – General Usage IoT


Isolation of every single module

Minimization impact of vulnerabilities

Protection of sensitive data (i.e. encryption keys,

user’s data, secure storage)

Secure boot

System Security by design - the only way to secure IoT devices!

1. Smart CCTV camera (does image processing on a

device and send processed data to a server)

2. Smart hub (all sensors and end devices connected to it)

EXAMPLE

Connected to the Internet and Powerful enough

(not MCU based) devices like:

KASPERSKYOS

USE CASES – IOT FOR CONNECTED CARS


Isolation of infotainment from safety critical system

(advanced driver assistance systems, AUTOSAR)

Minimise impact of vulnerabilities in every domain

Protection of sensitive data (i.e. encryption keys, logs,

telematics data) from unauthorised access

Secure boot and protection against unauthorised

modification of firmware and software (i.e. malware

infection, unauthorised modifications)

System Security by Design

Can be used in Central gateway, Head unit or specific ECU/TCU

KASPERSKY SECURE HYPERVISOR

CONNECTED CAR MAIN INTERNAL VULNERABILITY POINTS

Head UnitECUs

Vehicle Buses

POTENTIAL THREAT VECTORS

Private Data

Key StoreH

ead

Unit

Browser

Keypad

ECU

Man-in-the-Middle

Attack

Attack from

Mobile Device

Attack on Key /

Certificate

Stores

Sniffing of

User Data

Attack from

Downloaded AppsMalware Delivery Thru

Data Storage Device

Malicious

Firmware

Update

Remote

Attack on

Vehicle Bus

Compromised

Actuator

Exploiting

Software

Vulnerabilities Operating

System

Attack on

OBD2

CONNECTED CAR SECURITY LAYERS & KL SECURITY

Car Gateway

Threat vectors KL Technologies

•Man in-The-Middle-Attack

•Attack From Downloaded Apps

Server Security,

Solutions for Data Centers,

DDoS Protection,

Security Intelligence Services (SIS)

•Sniffing of User Data

•Attack From Downloaded Apps

•Exploiting Software Vulnerabilities

Security and Vulnerability Mgmt (SVM),

IDS & IPS,

Security Intelligence Services (SIS),

Mobile SDK

•Attack from Apps in Mobile Device

•Exploiting SW Vulnerabilities

•Malicious Firmware Update

•Malware Delivery Thru Data Storage

Devices

IDS & IPS,

Security and Vulnerability Mgmt, Anti-Malware,

Security Intelligence Services (SIS), Kaspersky Secure

Hypervisor,

Kaspersky Security System (KSS), KasperskyOS

•Compromised Engine Actuator

•Attack on Vehicle Bus

Security Intelligence Services, Kaspersky Embedded

Systems Security

•Attack on Key

•Malicious Firmware Update

•Attack on Vehicle Bus

Flexible Security Policy Control Framework (KSS),

Encryption, Security Hypervisor, Security Intelligence

Services, KasperskyOS

Car Network

ECU

Car Cloud

Services

Network

Access


END-TO-END IOT SECURITY – POWERED BY KASPERSKY

IoT and Industrial IoT –

Powered By Kaspersky

Kaspersky Embedded

Systems SecurityKaspersky Secure

Operating System

Kaspersky Industrial CyberSecurity

DDoS

ProtectionSecurity Intelligence Services

20

Questions?

L. Duke Golden

Strategic Accounts Manager, DACH

[email protected]

+49 (0)151 544 39 309

www.kaspersky.com

mailto:[email protected]

next generation embedded systems security for iot: powered by kaspersky

Technology