Background
Currently, most security measures are implemented at the software layer; however, software is regularly exploited, requiring an endless cycle of patching to address missed vulnerabilities. Proposed solutions address this issue by developing a secure processor and integrating security measures at the hardware level. This could potentially solve many security issues, as it would remove the need for widespread patching, which can be difficult in many environments. However, given how recent these solutions are, the security of the proposed processors needs further review.
Approach
This effort is split across two phases:
Phase 1: Determine the baseline security posture of a Field-Programmable Gate Array (FPGA) implementation of a secure processor
Phase 2: Determine the feasibility of integrating the secure processor hardware into existing automotive platforms
The baseline security posture evaluation of the processor designs proceeded in stages. First, the system had to be set up and tested for basic functionality. Following this verification, the team began software testing by applying an established testing methodology (following MITRE's Top 25) and writing custom software to exercise the security of the processor designs.
Once the baseline security evaluation was complete, the feasibility of integrating the secure processor hardware into existing automotive platforms was tested by replacing the cruise control functionality of a Division-owned vehicle. This involved multiple stages, including reverse engineering the cruise control signals on the vehicle network, creating an interface to "control" the cruise control, and developing a system that remains on the vehicle and is suitable for demonstration. The security of this automotive implementation was then verified by testing against the same vulnerabilities identified in phase one of this project.
Accomplishments
Using our test methodology, we determined that secure processors (in our given implementation) remain vulnerable to certain classes of weakness, such as unbounded resource usage and buffer overflows. Recommendations on how to address each of the identified vulnerabilities were also developed. Additionally, we were able to demonstrate that these secure processor technologies could effectively replace existing systems in an automotive platform.
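As an added illustration of the two weakness classes the evaluation found, not code from this project, the following C shows the kind of test pair custom MITRE Top 25 tooling would exercise: an out-of-bounds write (CWE-787) and unlimited resource allocation (CWE-770), each beside a bounded version that refuses rather than silently trusting the caller. The buffer size, quota and struct layout are constructed for the example.

```c
/* Added example (not the project's own test code). Two of the weakness
 * classes named in the summary, CWE-787 (out-of-bounds write) and
 * CWE-770 (allocation without limits), as a minimal vulnerable/bounded
 * pair. MSG_CAP, ALLOC_QUOTA and struct msg are constructed values. */
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MSG_CAP 16          /* constructed: fixed message buffer size    */
#define ALLOC_QUOTA 4096    /* constructed: bytes one caller may hold    */

struct msg { char body[MSG_CAP]; uint32_t crc; };

/* CWE-787: copies whatever length it is handed; input longer than MSG_CAP
 * overwrites crc and whatever follows it. Kept only as the reference
 * pattern a harness checks for; never called with oversized input here. */
void msg_copy_unchecked(struct msg *m, const char *src, size_t len) {
    memcpy(m->body, src, len);
}

/* Bounded version: reject oversized input instead of truncating silently,
 * so a test can assert on the refusal and adjacent fields stay intact. */
bool msg_copy_checked(struct msg *m, const char *src, size_t len) {
    if (len > sizeof m->body) return false;
    memcpy(m->body, src, len);
    memset(m->body + len, 0, sizeof m->body - len);  /* NUL-pad remainder */
    return true;
}

/* CWE-770: a per-caller byte quota so a flood of requests cannot exhaust
 * memory. Returns NULL once the request would exceed the quota. */
struct quota { size_t used; };

void *quota_alloc(struct quota *q, size_t n) {
    if (n > ALLOC_QUOTA - q->used) return NULL;  /* used never exceeds quota */
    void *p = malloc(n);
    if (p) q->used += n;
    return p;
}

void quota_free(struct quota *q, void *p, size_t n) {
    free(p);
    q->used -= n;
}
```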