Embedded Security (EE Tip #139)

Embedded security is one of the most important topics in our industry. You could build an amazing microcontroller-based design, but if it is vulnerable to attack, it could become useless or even a liability.

Virginia Tech professor Patrick Schaumont explains, “perfect embedded security cannot exist. Attackers have a wide variety of techniques at their disposal, ranging from analysis to reverse engineering. When attackers get their hands on your embedded system, it is only a matter of time and sufficient eyeballs before someone finds a flaw and exploits it.”

So, what can you do? In CC25, Patrick Schaumont provided some tips:

As design engineers, we should understand what can and what cannot be done. If we understand the risks, we can create designs that give the best possible protection at a given level of complexity. Think about the following four observations before you start designing an embedded security implementation.

First, you have to understand the threats that you are facing. If you don’t have a threat model, it makes no sense to design a protection—there’s no threat! A threat model for an embedded system will specify what an attacker can and cannot do. Can she probe components? Control the power supply? Control the inputs of the design? The more precisely you specify the threats, the more robust your defenses will be. Realize that perfect security does not exist, so it doesn’t make sense to try to achieve it. Instead, focus on the threats you are willing to deal with.

Second, make a distinction between what you trust and what you cannot trust. In terms of building protections, you only need to worry about what you don’t trust. The boundary between what you trust and what you don’t trust is suitably called the trust boundary. While trust boundaries were originally logical boundaries in software systems, they also have a physical meaning in an embedded context. For example, let’s say that you define the trust boundary to be at the chip package level of a microcontroller.

This implies that you’re assuming an attacker will get as close to the chip as the package pins, but not closer. With such a trust boundary, your defenses should focus on off-chip communication. If there’s nothing or no one to trust, then you’re in trouble. It’s not possible to build a secure solution without trust.

Third, security has a cost. You cannot get it for free. Security has a cost in resources and energy. In a resource-limited embedded system, this means that security will always be in competition with other system features in terms of resources. And because security is typically designed to prevent bad things from happening rather than to enable good things, it may be a difficult trade-off. In feature-rich consumer devices, security may not be a feature for which a customer is willing to pay extra.

The fourth observation, and maybe the most important one, is to realize that you’re not alone. There are many things to learn from conferences, books, and magazines. Don’t invent your own security. Adapt standards and proven techniques. Learn about the experiences of other designers. The following examples are good starting points for learning about current concerns and issues in embedded security.

Security is a complex field with many different dimensions. I find it very helpful to have several reference works close by to help me navigate the steps of building any type of security service.

Schaumont suggested the following useful resources:

Prototyping for Engineers (EE Tip #111)

Prototyping is an essential part of engineering. Whether you’re working on a complicated embedded system or a simple blinking LED project, building a prototype can save you a lot of time, money, and hassle in the long run. You can choose one of three basic styles of prototyping: solderless breadboard, perfboard, and manufactured PCB. Your project goals, your schedule, and your circuit’s complexity are variables that will influence your choice. (I am not including styles like flying leads and wire-wrapping.)

Table 1 details the pros and cons associated with each of the three prototyping options. Imagine a nifty circuit caught your eye and you want to explore it. If it’s a simple circuit, you can use the solderless breadboard (“white blob”) approach. White blobs come in a variety of sizes and patterns. By “pattern” I mean the number of the solderless connectors and their layout. Each connector is a group (usually five) of tie points placed on 0.1″ centers. Photo 1 shows how these small strips are typically arranged beneath the surface.

Following the schematic, you use the tie points to connect up to five components’ leads together. Each tie point is a tiny metal pincer that grips (almost) any lead plugged into it. You can use small wires to connect multiple tie points together or to connect larger external parts (see Photo 2).

If you want something a bit more permanent, you might choose to use the perfboard (“Swiss cheese”) approach. Like the solderless breadboards, perfboards are available in many sizes and patterns; however, I prefer the one-hole/pad variety (see Photo 3). You can often find perfboards from enclosure manufacturers that are sized to fit the enclosures (see Photo 4).

There is nothing worse than wiring a prototype PCB and finding there isn’t enough room for all your parts. So, it pays to draw a part layout before you get started just to make sure everything fits. While I’m at it, I’ll add my 2¢ about schematic and layout programs.

The staff at Circuit Cellar uses CadSoft EAGLE design software for drawing schematics. (A free version is available for limited size boards.) I use the software for creating PCB layouts, drawing schematics, and popping parts onto PCB layouts using the proper board dimensions. Then I can use the drawing for a prototype using perfboard.

The final option is to have real prototypes manufactured. This is where the CAD software becomes a necessity. If you’ve already done a layout for your hand-wired prototype, most of the work is already done (sans routing). Some engineers will hand-wire a project first to test its performance. Others will go straight to manufactured prototypes. Many prototype PCB manufacturers offer a bare-bones special—without any solder masking or silkscreen—that can save you a few dollars. However, prices have become pretty competitive. (You can get a few copies of your design manufactured for around $100.)

There are two alternatives to having a PCB house manufacture your PCBs: do-it-yourself (DIY) and routing. If you choose the DIY approach, you’ll have to work with ferric chloride (or another acid) to remove unwanted copper (see Photo 5). You’ll be able to produce some PCBs quickly, but it will likely be messy (and dangerous).

Routing involves using an x-y-z table to route between copper traces to isolate them from one another (see Photo 6). You’ll need access to an x-y-z table, which can be expensive. —CC25, Jeff Bachiochi, “Electrical Engineering: Tricks and Tools for Project Success,” 2013.

This piece originally appeared in CC25 2013

Engineer Survey: Skills, Topics, & Preferences

The electrical engineers, academics, and students who read Circuit Cellar hail from a wide range of locations across the globe, such as the US, Brazil, India, The Netherlands, Germany, the UK, and Japan. Despite having different languages and cultures, the readers share a common dedication to and passion for electrical engineering.

This is a portion of our survey results. Link to the full set of results below.

In late 2012, we surveyed a random sample of more than 1,000 members of our community on their technical interests and preferences. We asked questions such as the following: How often do you solder? How many milliamps have you felt? Do you know more than three programming languages? Do you use FPGAs? Which companies make the best embedded products? And more!

Check out the results.

Read CC25 for more survey information, as well as interesting essays on the past, present, and future of electrical engineering by engineers, business leaders, professors, and students.

Design a Low-Power System in 2013

A few months ago, we listed the top design projects from the Renesas RL78 Green Energy Challenge. Today, we’re excited to announce that Circuit Cellar’s upcoming 25th anniversary issue will include a mini-challenge featuring the RL78. In the issue, you’ll learn about a new opportunity to register for an RL78/G14 demonstration kit that you can use to build a low-power design.

Renesas RL78

The RL78/G14 demonstration kit (RDK) is a handy evaluation tool for the RL78/G14 microcontrollers. Several powerful compilers and sample projects will be offered either free-of-charge (e.g., the GNU compiler) or with a code-size-limited compiler evaluation license (e.g., IAR Systems). Also featured will be user-friendly GUIs, including the Eclipse-based e2studio.

RL78G14 RDK KIT

  • 32-MHz RL78/G14 MCU board with integrated debugger and huge peripheral, including Wi-Fi, E Ink display, matrix LCD, audio ports, IR ports, motor control port, FET and isolated triac interfaces
  • 256-KB on-chip flash
  • USB Debugger cable
  • Four factory demos showcasing local and cloud connectivity through Wi-Fi

The CC25 anniversary issue is now available.

CC25 Is Now Available

Ready to take a look at the past, present, and future of embedded technology, microcomputer programming, and electrical engineering? CC25 is now available.

Check out the issue preview.

We achieved three main goals by putting together this issue. One, we properly documented the history of Circuit Cellar from its launch in 1988 as a bi-monthly magazine about microcomputer applications to the present day. Two, we gathered immediately applicable tips and tricks from professional engineers about designing, programming, and completing electronics projects. Three, we recorded the thoughts of innovative engineers, academics, and industry leaders on the future of embedded technologies ranging from rapid prototyping platforms to 8-bit chips to FPGAs.

The issue’s content is gathered in three main sections. Each section comprises essays, project information, and interviews. In the Past section, we feature essays on the early days of Circuit Cellar, the thoughts of long-time readers about their first MCU-based projects, and more. For instance, Circuit Cellar’s founder Steve Ciarcia writes about his early projects and the magazine’s launch in 1988. Long-time editor/contributor Dave Tweed documents some of his favorite projects from the past 25 years.

The Present section features advice from working hardware and software engineers. Examples include a review of embedded security risks and design tips for ensuring system reliability. We also include short interviews with professionals about their preferred microcontrollers, current projects, and engineering-related interests.

The Future section features essays by innovators such as Adafruit Industries founder Limor Fried, ARM engineer Simon Ford, and University of Utah professor John Regehr on topics such as the future of DIY engineering, rapid prototyping, and small-RAM devices. The section also features two different sets of interviews. In one, corporate leaders such as Microchip Technology CEO Steve Sanghi and IAR Systems CEO Stefan Skarin speculate on the future of embedded technology. In the other, engineers such as Stephen Edwards (Columbia University) offer their thoughts about the technologies that will shape our future.

As you read the issue, ask yourself the same questions we asked our contributors: What’s your take on the history of embedded technology? What can you design and program today? What do you think about the future of embedded technology? Let us know.