summaryrefslogtreecommitdiffstats
path: root/sec-blueprint/03-security-concepts.md
diff options
context:
space:
mode:
Diffstat (limited to 'sec-blueprint/03-security-concepts.md')
-rw-r--r--sec-blueprint/03-security-concepts.md446
1 files changed, 0 insertions, 446 deletions
diff --git a/sec-blueprint/03-security-concepts.md b/sec-blueprint/03-security-concepts.md
deleted file mode 100644
index 114bc8b..0000000
--- a/sec-blueprint/03-security-concepts.md
+++ /dev/null
@@ -1,446 +0,0 @@
----
-
-title : Application Security Concepts
-date : 2016-06-30
-categories: architecture, automotive
-tags: architecture, automotive, linux
-layout: techdoc
-
----
-
-**Table of Content**
-
-1. TOC
-{:toc}
-
-## Security Principles
-When connecting a car to the internet, not only we create a mobile entry
-point to our private life, we also relocate our entry doors anywhere in
-the world. Neither all places on this planet are nice nor safe, nor are
-the people. The locks and alarms on cars, will give only a fake
-impression of security once that internet connection has entered the
-place.
-
-Internet enables the worse of human side to get access to private
-domains. If we are not careful, it will likely be invaded in a very
-short time following connection..
-
-**So, connected cars security must be designed as a military vehicle
-which would be deployed in a high risk zone even when designing cars for
-out towns and villages**:
-
-- Physical access to the car should not be a white card to hack
- the system. Most cars sleep in the streets and public car parks where physical
- accessibility is easy.
-- Known defect should be corrected by SW update in real time, without a return to
- home or garage.
-- A separation of functionalities in isolated domains should allow the
- car to remain safe and operational by limiting the contamination,
- would a malicious SW succeed to pass the protections.
-- Connectivity between the various domains should be restricted to the
- minimal set required for their operation.
-- Software loaded in cars and in the cloud should be vetted in
- accordance with its capability to access critical resources. The
- vetting authority must be controllable, enforceable and revocable.
-- Inside each domain, sub domains should be created to limit even
- more, the nuisances capabilities of a successful malicious code.
-- Software or devices not wetted should never be able to access any
- critical resources.
-
-**The strategy can be summarise as “anything, which is not explicitly
-authorise is strictly forbidden”,also known as ‘white listing’ policy.**
-
-We all understand those concepts, and nevertheless reports still show
-that very little people care about implementing protection against those
-risks yet. As a consequence most Connected Car projects are coming on
-the market with major security holes. It will take some time *(and
-likely some catastrophes)* for the Automotive Industry to clean up the
-pre-cyber security awareness designed products.
-
-The complexity induced by a security framework requires serious effort
-on the design side and complexifies the code execution. Fortunately our
-modern CPUs, which are very fast and ernergy efficient, can reduce this overhead
-to very acceptable extra work load on the computing and energy
-sub-systems.
-
-The challenge of Connected Cars is very similar to embedded devices
-in general. Within AGL we are defining solutions, which can enable this
-new market to emerge without requiring each product design to be
-chaperoned by security experts. *The world does not hold enough security
-experts to even overview even a few percent of the projects that are required
-to create all connected devices that will be launched in the next 10
-years.*
-
-If embedded developers must implement complex security models
-without, having neither the time nor the skills, to architecture them
-correctly, *they can only succeed by reusing ready made trusted
-solutions*. Fortunately Connected Cars are based on some flavour of
-Linux operating system which has, due to its long serving years in many
-critical domains, a large offering of security options.
-
-AGL only focus on the security facilities offered under
-Linux operating system for the connected car market.
-Non Linux Operating systems which can also be present in a connected car, are not covered by AGL platform security model.
-
-## Strategy
-There is no miracle solution. When deciding which security strategy, you
-will need, first to try to evaluate all the possible attack vectors,
-then to define your priorities and your limits.
-
-Even if today complexity is mostly in the software (SW), we still need
-some hardware (HW) to run it. Securing the HW is a very complex task
-which fortunately is likely yet not required for Connected Cars. I will
-not open more the topic here. Nevertheless applying a healthy design
-attitude by reducing obvious direct risk vectors (debug serial connector
-wired in production, tracks with clear communication channel easy
-accessible on PCB, …) should be done.
-
-Would your automotive project requires a more protected HW, you will
-find plenty of literature on that topic. I personally like this
-relatively old (2004) paper from J Grand as an introduction to the
-domain.
-http://www.grandideastudio.com/wp-content/uploads/secure\_embed\_paper.pdf
-
-On the SW side, the most efficient model is to work by layer :
-
-- **be sure that the desired SW is loaded**
- On non connected devices, a trusted boot is considered a valid
- enough solution, but Connected Cars requirement to enable
- applications be added after the initial equipment provisioning,
- requires more than a simple trusted boot.
- A strategy to control the integrity of the software and its
- configuration is required.
-- Be able to change (upgrade) the software to correct a newly
- discovered risk.
- Assuming that the system will never be broken is an utopia. The
- right strategy is to plan how to recover from the discovering of a
- new security issue to avoid its propagation.
- *This upgrade mechanism must be particularly solid has it has to be
- capable of being executed on a compromised system without the
- support of a skilled operator.*
-- **Only select trusted Linux drivers.**
- In Linux, drivers are executed with the same privilege level than
- the Kernel itself. I short a malicious or hacked driver is an
- uncontrolled open door to the hart of the system. Only vetted driver
- should be used and any complexity unique to the platform should be
- pushed in the user space domain. This remark is particularly
- important when introducing drivers that are connecting with the
- outside world.
- Ideally dynamic driver integration after boot should be banned even
- if that would limit the flexibility of hot plug for USB devices.
- Solutions to reinforce the Linux Kernel integrity during execution,
- can be activated but they are an order of magnitude more complex to
- activate than keeping bespoke logic in user space.
- https://www.isoc.org/isoc/conferences/ndss/11/pdf/3\_1.pdf
-- **Isolate the core of the system from the middleware.**
- By default the protection on Unix type systems (and so Linux) is
- done by allocating the user a set of access rights. The side effect
- is that any code running under a given name can access all the
- resources that is given to that user. Furthermore it is possible at
- any time to further expend this access to other users. *As most of
- code in traditional embedded software run with the Administrator
- privilege (root) we foresee the danger of this traditional
- embedded model. Fortunately Linux provides a Security model
- called LSM.* (
- https://en.wikipedia.org/wiki/Linux\_Security\_Modules)
- It allows to create an access strategy which is not controlled by
- the user but rather by the system configuration. Multiple front end
- are available to control LSM and that will be studied a bit later in
- this paper. This allows to create a Mandatory Access Control (MAC)
- which is a powerful tools to avoid compromised code to gain access
- to extra resources to propagate further.
- Other restriction based on the c-groups, the Posix capabilities and
- the Seccomp can used in addition to LSM to further mitigate
- the risks.
-- **Isolate Applications**
- IoS and Android phones have initiated the Apps model and nowadays
- launching a product which cannot be extended by Apps (from a closed
- or open Store) after the creation of the device is a risky
- marketing strategy. While the model of Apps loaded from an open
- store is reserved to a very small category of mass consumer devices,
- the capability to load Apps after the creation of the initial SW is
- a very attractive way to reduce the time to market as well as the
- reaction time to changing market demand.
- In particular it would allow car manufacturers, to customise the car
- SW, individually on the production line, to the buyer wish.
- *By design Apps are created with a quite loose coupling with the
- core SW. The default Linux DAC (Discretionary Access Model) is not
- the most reliable for limiting the access to the system capabilities
- to the minimum required.*
- Associating the validation of the origin of an App to the resource
- that such App can claim access, with the enforcement of restriction
- in accessing the system resources to those explicitly granted, is a
- far more reliable approach.
-- **Private data protection**
- *Cars know a lot about us, from where we go, to who we call, who get
- in our car (via the phone detection) and hold data that we are not
- willing to let go in the Open without our explicit consent.*
- This creates three main families of requirements :
-
- - Requires a safe provisioning of new devices and App in the
- system (know who is who and who does what. )
- - Enforce encryption to any traffic going out.
- - Enforce encryption on local storage for personal data to
- mitigate off line attack risk.
- - Enforce isolation of devices own by multiple users that connect
- to the car.
-
-## Secure Boot
-The trusted or secured boot is a facility offered by most Systems on Chip (SoC)
-which enforces :
-
-- booting the system in a known state
- (e.g. all the RAM set to "0", all internal peripherals set
- to silent)
-- providing a validation that the loaded initial code is signed by a
- valid authority
- (in short the SW is really coming from a known valid source).
-
-As the feature is very closed to the HW, almost as many solutions exist
-than SoC vendors and many of them requires to buy a large volume of SoC
-in order to get access to the facility and are by that requirement not available to generic platform developers.
-
-The Secured Boot option associated to a modern boot loader such as UEFI or uboot
-allows to restrict the execution of the system initialisation code to those which which carries a valid signature.
-Even if the system presents some weaknesses and constrains, it is likely
-*a valid and accessible solution for most device manufacturers even for
-medium volume.*
-
-Once the trusted boot activated, you will have a good confidence
-*(history shows that security loop holes are always available
-somewhere)* that the code which will start to run when powering the
-device, is the expected one.
-
-## Read Only root file system.
-
-In most embedded system the core OS is under control of the device
-manufacturer. *A very simple and efficient way to limit opportunities to
-get the core OS and middle-ware to be modified by a malicious code, is
-to store it on a read only partition*. Even if that is not 100%
-bulletproof it seriously complexifies the level of required knowledge to
-break into the OS and greatly eases, the implementation of a recovery
-strategy.
-
-In order to enable some local persistent changes such as those required
-to register some network or locale configurations, an overlay can be
-created for some directories. Since Linux 4.0, the kernel supports by
-default OverlayFS which provides that facility and support the extended
-file attributes required by file base MAC such as SELinux and Smack.
-https://github.com/torvalds/linux/commit/e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c
-
-## Code Integrity during execution
-
-In the embedded world it is quite acceptable to restrict the end user to
-operate the system as designed. We can take profit of this favorable
-position, to limit the capabilities of a malicious applications to
-change our Operating System (OS) after the protected initialisation
-(trusted boot). This can be done *by activating an integrity enforcement
-such as IMA/EVM on all the core OS.*
-http://sourceforge.net/p/linux-ima/wiki/Home/
-
-In short IMA allows the kernel to check that a file has not been changed
-by validating it against a stored/calculate hash (called label) while
-EVM checks the file attributes (including the extended ones).
-
-Two types of labels are available :
-
-- immutable and signed
-- simple
-
-The signed labels are reserved for code or data which are static and
-provide the best level of protection. The signing tool remains external
-of the device. The simple hashes are reserved for code which can be
-install dynamically and the hash can be recalculated on the fly by the
-OS providing a lesser level of protection.
-
-Obviously some restriction will be imposed on which SW modules are
-allowed to update an IMA/EVM label and all public keys used for
-signature checking must be protected with an unmutable label or stored
-in the HW security sub-system.
-
-## Update and Ugrade
-
-The integrity enforcement does not allow immutable files to be updated
-on line. The Integrity system would detect the violation and block any
-further reading of such file.
-
-*The update solution must cater with this constrain and must be
-implemented via an atomic model where all changes are done in one step,
-on the entire core OS, generally just before a reboot..*
-
-## Mandatory Access Control (MAC)
-
-Connected Cars are comparable to middle volume consumer managed products
-(very similar to connected TV), by this, I mean, product where the
-software is entirely provided by the device manufacturer. The main side
-effects are well known :
-
-- low cost and small CPU
-- high control of the OS and Middleware loaded on the box
-- user, at best, very slow to activate update
-- no visibility by the manufacturer of the external environment where
- the device is connected.
-- No skilled administrator
-- No recovery console.
-
-For those reasons, a solution like Smack has been selected by AGL as the
-best suited LSM front end. Furthermore, its adoption on Tizen by Samsung
-for delivering millions of Smart TVs enable an active community focussed
-on keeping good performance on smaller CPUs.
-<https://wiki.tizen.org/wiki/Category:Security>
-
-## Applications
-*Apps are the weak security vector in many modern system.* Car
-manufacturers need to add bespoke/localised App developers in order to
-make their product commercially attractive. It is a fast moving world
-very different to the use and habits of the Automotive industry.
-
-Defining the right level of App vetting is a real challenge. A quick
-reality check on markets where Apps exist, such as Mobile, Smart TV or
-Smart Watches, show that the detection of roke Apps is very complex
-already on platforms that impose the execution via a Virtual Machine, so
-we can imagine what is the complexity, when native code support is
-required in order to run on very small CPU.
-
-**As we cannot fully trust Apps, we have to contain them**. This can be
-done by :
-
-- Limiting Apps download origin to trusted ones.
-- Restrict Apps privileges, resources and APIs access to what is
- explicitly authorised
-- Isolate Apps runtime
-
-Restricting Apps origin to trusted source is quite simple. The simple
-use of a certificate to validate the App signature is a powerful model
-when associated with an installer code which cannot be called via a back
-door. A simple model consists in separating the download process and
-exposed (UX, connected) from the installer code which can validate the
-App origin and installation in a isolated process with a lower surface
-of attack.
-
-Restricting Apps privileges requires first to know what are the
-requested and authorised privileges. The granularity of these
-privileges, must offer a good flexibility while remains simple, to be
-understood by the developers and the user. The compromise will depend of
-the target audience. The current return of experience from Android and
-Tizen, tend to reduce the list of privileges to a shorter list rather
-than in opposite. The creation of goup or App class is an other valid
-model.
-
-The list of requested privileges will be associated to the App in a
-Manifest. A practical extra validation of the requested privileges can
-be done depending of the App origin and signature level (e.g.
-Manufacturer, Partner and Community stores).
-
-The association between the App and its privileges list must be kept
-safe and available for enforcement in the system. The Samsung originated
-Open Source project Cynera (https://github.com/Samsung/cynara) provides
-such service and is optimised for execution on small SoC.
-
-Isolating the App when running is the most challenging task, it requires
-to let the App access enough of the system to execute its task but no
-more, to mitigate any malicious activity. One model to address this
-challenge consist in slicing the access to the system :
-
-- CPU, RAM
-- devices
-- network
-- middleware
-- files
-- libraries and system calls.
-
-CPU and RAM over use can be restricted with a correct C-Group
-configuration.
-
-Devices and files can be isolated by MAC and DAC.
-
-Network access can be controlled via MAC in association with the
-nftables.
-
-Middleware in AGL is access via binders which provides not only an
-isolation via creation of different security context but adds the
-concept of authentication which limit attack through man-in-the-middle
-*https://en.wikipedia.org/wiki/Man-in-the-middle\_attack*.
-
-The control of Libraries and system API usage is far more complex. MAC
-advanced usages can help in this domain but Seccomp-BPF can go further.
-Seccomp which is an upstream feature of the Linux kernel is used by
-Mozilla and Chrome in their browsers and enable a low level protection
-solution. Seccomp can quickly induce a performance hit and access rules
-must remain simple.
-The following page provides interserting reports on performance cost of
-that feature. (https://wiki.tizen.org/wiki/Security:Seccomp) for one
-system.
-
-###Name spaces
-
-Containers have made Linux name spaces visible to the mass. They are
-very popular and unfortunately often confused with security enforcement
-due to their common use as light virtualisation solution in the cloud.
-
-Whichever model of container is referenced, they all use the Linux
-various name spaces
-(http://man7.org/linux/man-pages/man7/namespaces.7.html). The general
-idea is to share a common kernel and to let each containers run its own
-virtual Linux user space and middleware. With the increased CPU
-performance and the facility provided by novel filesystem architectures
-such as overlayfs, the files and code which happen to be unchanged
-between different containers can even remain shared transparently on
-disk and in RAM, enabling the use of containers for single App in the
-cloud or on small embedded system.
-
-From a security point of view, while containers provides an isolation
-between themselves, it must remain present to the designer that :
-
-- kernel is shared and security weaknesses and zero day defects can be
- used to cross domains.
-- As each container can provides its own version of the middleware,
- upgrading the system is not enough to correct known security issues.
- Each container must individually be updated.
-- Due to the transparent overlay model sharing files between
- containers, predicting the actually used disk space is challenging.
-- UX needs to share the same Display and Input what can open back
- doors in the system.
-
-At least two lines of interest seem to provide a serious value for the
-Automotive domain :
-
-- Isolating subsystem
-- Easing development
-
-The isolation model is very interesting when multiple service providers
-needs to share the same embedded device. A commonly listed use case, is
-the sharing of an IVI system with games or cloud multimedia services.
-
-The ease of development, is potentially even more valuable. One of the
-challenge faced by the embedded SW industry is the lack of skilled
-embedded software developers. *Enabling web and traditional IT
-programmers to work in a known environment and to run their App on an
-IoT device without requiring to become an embedded SW expert would be of
-a high value*.
-
-The Smack provides a solution to create MAC name spaces, so in theory
-nothing would stop to launch containers for each Apps in an isolated
-environment.
-
-As further reading on similar topic, you can have a look at the Open
-Source Vasum project.
-https://github.com/Samsung/vasum
-https://wiki.tizen.org/wiki/Security:Vasum
-
-## Process Management
-While developers will always have a good reason for delaying the
-activation of the security layers, to succeed, you will need to keep a
-few base concepts enforced:
-
-- Security is invasive. It goes everywhere.
-- Security cannot be apply as a patch at the end of the project.
-- System must be developed with the security 'on' or it will
- never work.
-- SW must be written secured first time, as late adaptation is
- too difficult.
-
-*Underestimating the resistance of the developer team is a common
-mistake which can lead to massive over costs and delays. *Implication of
-the right expert and management drive from the beginning is a
-requirement that cannot be negotiated.