ABSTRACT

Contents 11.1 Introduction ................................................................................................................... 280 11.2 Embedded Communication System ............................................................................... 283

11.2.1 Network Model .................................................................................................. 283 11.2.2 Threat Model ...................................................................................................... 285 11.2.3 Contextual Confidentiality ................................................................................. 286

11.3 Security Challenges in Embedded Systems .................................................................... 287 11.4 Attacks against Embedded Systems ................................................................................ 288 11.5 Cryptographic Countermeasures for Embedded Systems ............................................... 289

11.5.1 Symmetric Ciphers ............................................................................................. 290 11.5.2 Asymmetric Ciphers ............................................................................................291 11.5.3 Hash Functions .................................................................................................. 292

11.5.3.1 Message Authentication Code (MAC) ...................................................293 11.5.3.2 Digital Signatures ................................................................................. 294

Abstract: Embedded systems are continuously adopted in a wide range of application areas. These systems are based on the use of low-energy-consumption microprocessors or microcontrollers. The main characteristic of embedded systems is that they perform specific tasks, and they are often integrated into devices such as cellular phones, personal digital assistants (PDAs), and smart cards, which they control. According to these characteristics, security threats target embedded systems because they are physically accessible. Following a brief discussion about major challenges in embedded system development, we introduce an example of an embedded communication system, called vehicular peer-to-peer social network (VP2PSN). Based on the internal architecture and external interfaces of embedded systems, we define a taxonomy of basic cyberattacks: physical side-channel attacks and software attacks. We then focus on reviewing and discussing security requirements, cryptographic countermeasures, security protocols, and biometric systems in embedded systems. We conclude with future research directions for embedded systems security.