KEYnote 26 English - Fall 2013 | Page 7

have shown that the security promised by such systems must not be seen as the ultimate ratio. The downside of the media revelations is that potential attackers now know about new weak points to exploit. Physical separation is no protection. In any business, many different people can access control systems. Service technicians access devices right on site with their laptops. Backups of the control software and its process parameters are stored elsewhere again. Protection therefore needs to start on the target system, that is, the controls themselves. The control system must only run code and use only such configurations and parameters that have been cleared by an authorized party. Most control systems are field-upgradeable. New features can be added and errors remedied. Such updating capabilities are, however, a chink in the system’s armor, which a malevolent attacker can use to inject his own manipulated code remotely or even right on the device. To prevent this, the system needs to boot and run in a secure environment. All of its components from the bootloader up need to be cryptographically authenticated as trustworthy. This is called a secure boot. How does Secure Boot work? The individual components of the control system are signed digitally by the producer or plant engineer. But who would check which components? When and where would these checks happen? A first approach is to have each layer verify whether the next layer can be started: The bootloader checks the operating system, the operating system the run-time environment, the run-time environment the application and so on. For this chain to function, the public key must never be changed at the Why so complicated? Why not simply use a hash? Any asymmetric cryptography like ECC relies on the use of a private and a public key. This makes reversing the encryption mathematically impossible – the private key cannot be recovered from the public key. The private key is kept safe – for ideal safety, on a CodeMeter Dongle. As the name implies, the public key is available to everyone. So why use two keys? The private key is used to create a signature, which only the key holder can do. The public key then verifies the validity of the signature, but it cannot be used to create a valid signature by itself. A hash function with or without random salt , by contrast, uses the same key for creating and for verifying the hash value. This means that anybody who can test the hash can also create a valid hash. Signatures should never be substituted by hashes. The end result is only a deceptive sense of security. first layer (i.e. it needs to remain authentic). That means that the first layer must be permanent and unchangeable. It is the secure anchor of the chain. The optimum in security would be a pre-bootloader, physically built in as a systemon-chip (SOC). A cheaper alternative is to use a dual bootloader whose first part cannot be updated to offer at least adequate protection against remote threats. Is my environment safe? Additional security requirements have each layer check whether the previous layer has been processed correctly. CodeMeter offers both means – forward and backward checks. The backward check is handled by a state engine on the CmDongle and an encrypted solution coupled with that state engine. The next layer can only be decrypted once the previous layer has been processed correctly and the right state is recorded on the CmDongle. This prevents individual parts of the software from being simulated in the attacker’s lab, and it precludes any analysis of the software in the environment. Espionage becomes impossible, as does the search for possible exploits or implementation errors. The device benefits from the additional shield. Conclusions Secure boot and integrity protection that use signatures and encryption are a mainstay of all secure controls. They make physical attacks substantially more difficult and prevent virtually all cyber-physical attacks. CodeMeter offers a solution that is engineered to burrow deep into the device and requires all components to verify each other. Permissions can be defined in fine detail to match the relevant use case. CodeMeter protects – against espionage, manipulation, and sabotage. 7