In an assessment of embedded systems, the hardware as well as the software of the embedded system is analyzed and examined with respect to existing vulnerabilities. Here, the auditor is in the position of an external attacker or a privileged user. Examples for attack vectors range from the reading of storage chips and man-in-the-middle attacks, up to the infiltration of systems by exploiting vulnerabilities in exposed interfaces.
In general, the assessment is based on the approach of an examination that is as comprehensive as possible. However, depending on the type of application or system and the relevant threats, a risk-based approach is also possible (comparable to a penetration test ). In this case, the focus is on particularly security-critical or endangered areas, whereby the scope of the test is determined by the time budget agreed upon in advance.
The embedded security assessment usually consists of the following parts:
- Analysis of hardware (e.g., data extraction from chips, access to debug and diagnostic interfaces)
- Analysis of firmware and operating systems together with existing update processes
- Analysis of specific security features (e.g., secure boot or HSM integration)
- Analysis of cryptographic methods (e.g., for encryption, signature verification, challenge-response procedures, or entropy of RNGs)
- Analysis of SoC-specific features (e.g., boot chain security, memory isolation, TEE isolation)
- Analysis of communication within the embedded system (e.g., data transfer between chips or processors)
- Analysis of communication with external components or backend services (e.g., via field buses, Bluetooth, NFC, Wi-Fi, or mobile connections)
- Analysis of passive and active side channel attacks (e.g., power analysis or fault injection via power glitching)
- Analysis of application layer (e.g., user inputs or backup functionality)
- Documentation, including a risk evaluation and proposed measures
{{else if Image}}
{{else if Image}}
{{/if}}
{{/if}}
