November 2016
50
I
ndustrIal
C
ontrol
& C
omputIng
Focus on security in
embedded computing systems
By Harald Maier,
TQ Group
In the future, everything will be
networked to everything else.
The Internet of Things and Industry 4.0
are the key terms in this case.
This creates new vulnerabilities
for spying and tampering.
To counter this, system designers and
developers view security as
the focus of new developments.
n
The success story of embedded PC sys-
tems began many years ago. Standardization
together with the compatibility and replace-
ability of hardware and software all played
and still play a decisive role in this success.
Existing printed circuit board assemblies
and circuit elements are reused as are soft-
ware functions and applications. This reduces
development costs and schedules. However, it
is precisely these advantages that present the
greatest vulnerabilities for malicious attacks,
abuse, manipulation, the theft of intellectual
property (IP) and plagiarism. The topic of the
Internet of Things (IoT) and the networked
future are exacerbating the situation more
and more.
Everyone is talking about IoT. This provides
the motive to consider topics such as secu-
rity with more deliberation. In the networked
future, there will be various communication
paths together with a large number of inter-
faces and standards. Being linked to the inter-
net presents a new type of accessibility, too.
Going hand in hand with this, several new
vulnerabilities for unauthorized access, piracy
and abuse are looming. And this is just what
is stopping many companies from launching
into the new era. The fear of spying and tam-
pering is enormous. Sensitive data, but mainly
the systems themselves, need adequate pro-
tection and security. Hardware and software
packages coordinated with one another to the
maximum extent are the best solution to min-
imize the risks.
Systems and infrastructures used until now
were cut off from the outside world and had
security measures that were weak or non-ex-
istent for this reason. Sensitive data, both user
data and special application programs, algo-
rithms and licenses, were stored and managed
in the system or in local networks. Even the
systems themselves presented little vulnera-
bilities for tampering or piracy. Direct, on-site
access was needed to maliciously cripple a
system. Specialized knowledge on the system
level was often implemented using a combi-
nation of proprietary hardware components
and special purpose applications. It was very
difficult to copy this.
The possible access modes to systems and
data have changed. In addition, IP that should
be protected is found more and more in
the upper application layers, in the area of
software. The desire for update and service
demands new concepts and potential access
modes. The demand for flexible use and
licensing models requires new mechanisms
to manage these models. All in all, system
designers and developers are facing new chal-
lenges and security is playing a major role in
all of this. It is necessary to put the focus on
the topic of security for new developments
and this is not just being driven by buzzwords
like IoT and Industry 4.0.
Embedded PC technology can be used in a lot
of areas and handles broad application areas
due to the flexibility coming from expansions,
software compatibility and the availability
of the most varied performance classes. The
spectrum extends from an intelligent IoT
gateway to high-performance computers for
demanding automation tasks. Embedded PC
applications can also often be found in the
medical area. This is precisely where demands
for security on extremely different levels come
together. These demands include the pro-
tection of sensitive data, protection against
tampering, protection of application intellec-
tual property, flexible licensing of additional
options, usually implemented as software
features, and secure communication with the
environment.
The system can only satisfy requirements
nowadays when the security aspect has been
incorporated during the development phase
or when embedded PC components are used
that already contain the necessary security
components and mechanisms. If data and pro-
grams are to be stored on a local drive in an
encrypted form, functions such as BitLocker
from Microsoft – available since Windows 7
Figure 1. Security plays a central
role as early as the product
definition and development
phases and can sometimes be
crucial for the success of the
product.
