MAXIM’s DeepCover MAXQ1050 Secure Microcontroller to protect your embedded systems from Malware
|
Malware injection has become a critical threat to embedded systems. Implementing an asymmetric cryptography-based secure boot is the best protection against this class of attacks. This application note from MAXIM describes the key principles of such a secure boot and explains how to implement it with the DeepCover® MAXQ1050 secure microcontroller.
Embedded systems security is a growing concern. There are new attacks on embedded systems every day, including on systems involved with health or safety. One type of attack is malware injection, the insertion of malicious code into a webpage. Once an attacker has succeeded in making a device run a fraudulent piece of software, this unauthorized software can:
- Send confidential data externally. If used in the medical industry, malware injection could cause devices (such as a portable ECG) to inadvertently transmit personal health information. In perhaps a more wide-reaching effort, malicious software could make an encryption key to accessible to the public.
- Force the device to operate incorrectly. A famous example of this is the Stuxnet virus, which after infecting programmable logic controllers (PLCs), forced centrifuges to run at different speeds than expected.
- Induce an unpredictable device behavior. This includes behaviors that could threaten human life.
A properly secured boot process allows only authorized software to run on a given device. It thus prevents malware injection, even during update phases. To bring a high level of trust, a secure boot must rely on proven cryptographic algorithms. This, however, creates several challenges:
- The most appropriate algorithms are asymmetric ones, which require intensive computing power.
- The keys associated with these algorithms must be protected.
- The implementation must be flawless.
In many systems, these requirements can be challenging to implement. However, adding a secure microcontroller as a coprocessor like the MAXQ1050 can efficiently support a secure boot implementation while guaranteeing a very high level of security.
|