Edition: [1 ed.]
Authors: Trevor Martin
Series:
ISBN: 0128214694, 9780128214695
Publisher: Newnes
Publication year: 2022
Number of pages: 496
Language: English
File format: EPUB (converted to PDF, EPUB or AZW3 on user request)
File size: 56 Mb
Designing Secure IoT devices with the Arm Platform Security Architecture and Cortex-M33 explains how to design and deploy secure IoT devices based on the Cortex-M23/M33 processor. The book is split into three parts. First, it introduces the Cortex-M33 and its architectural design and major processor peripherals. Second, it shows how to design secure software and secure communications to minimize the threat of both hardware and software hacking. And finally, it examines common IoT cloud systems and how to design and deploy a fleet of IoT devices. Example projects are provided for the Keil MDK-ARM and NXP LPCXpresso tool chains.
Since their inception, microcontrollers have been designed as functional devices with a CPU, memory and peripherals that can be programmed to accomplish a huge range of tasks. With the growth of internet-connected devices and the Internet of Things (IoT), “plain old microcontrollers” are no longer suitable as they lack the features necessary to create both a secure and functional device. The recent development by ARM of the Cortex M23 and M33 architecture is intended for today’s IoT world.
Front Cover Designing Secure IoT Devices with the Arm Platform Security Architecture and Cortex-M33 Copyright Contents Foreword
Chapter 1 Introduction Arm Platform Security Architecture PSA certification How much development effort is required? Assumptions Structure of the book Getting started Introduction to the platform security architecture Development tools Part 1: Cryptography and secure communications for IoT devices Cryptography and secure communications IoT protocols and data formats IoT cloud service Part 2: Device security Software attacks and threat modelling Security model TrustZone Microcontroller Trusted firmware Security services Secure bootloader Tutorial exercises Important
Chapter 2 Arm platform security architecture Introduction Analyze Communications Software attack Tampering Lifecycle attack Application-specific threat modeling Architect Security model Secure boot and root of trust Secure update with antirollback Isolation of secure code Security service Firmware update Implement Secure boot and assistive security features Second stage bootloader Partition Trusted firmware mbedTLS and mbedCrypto Software components PSA certification PSACertified level 1 PSACertified Level 2 PSACertified Level 3 Conclusion
Chapter 3 Development tools and device platform Introduction Hardware Software Community license Tutorial exercises Exercise: Test project < to do > Install community license Device support Additional utilities How to get out of jail free CMSIS WiFi driver Exercise adding WiFi support SPI interface Using the WiFi module File system Conclusion
Chapter 4 Cryptography—The basics Introduction mbedTLS Exercise: Install and verify mbedTLS Information assurance Confidentiality Integrity Availability Nonrepudiation and authentication Security services Ciphers Hashes Message authentication code (MAC) Authenticated encryption Random number generator (RNG) Ciphers Symmetrical ciphers Streaming ciphers Exercise: ARC4 Block cipher Data Encryption Standard (DES) Double encryption Triple DES Des-X Exercise: DES and triple DES Advanced Encryption Standard (AES) Finite fields AES algorithm Exercise: Advanced Encryption Standard Streaming block ciphers Chaining modes Cipher block chaining (CBC) Cipher feedback mode Counter mode (CTR) Exercise: Chaining modes Cipher abstraction layer Exercise: Cipher abstraction layer Hash functions Message digest 5 (MD5) Secure Hashing Algorithm (SHA) Salt Exercise: SHA-2 hash Message authentication code (MAC) Hash-based MAC Hash abstraction layer Exercise: HASH and MAC abstraction layer Authenticated encryption Authenticated Encryption with Associated Data (AEAD) Exercise: AEAD in mbedTLS Random numbers Entropy Random number generation True random number generator (TRNG) Entropy Pool Deterministic random bitstream generator (DRBG) Testing for randomness Exercise: Random generation Managing keys Creating keys Storing keys Using keys Key derivation functions (KDF) Exercise: KDF Conclusion
Chapter 5 Cryptography—Secure communications Introduction Asymmetric ciphers Rsa Exercise: RSA small numbers Malleability Exercise: RSA malleability RSA padding Pkcs 1_1.5 Optimal Asymmetric Encryption Padding Exercise: mbedTLS RSA key generation and cipher RSA problems The Diffie Hellman (DH) Key agreement system Exercise: DH small numbers Exercise: Diffie Hellman Key agreement Elliptic curve cryptography Addition Point doubling Group element Exercise: Elliptic Curve Diffie Hellman Message signing RSA signing Exercise: RSA signature Elliptic Curve Digital Signature Algorithm Key generation ECDSA signing ECDSA verification Exercise: ECDSA Using asymmetrical ciphers Man in the Middle Public key infrastructure X.509 certificates Certificate validation Certificate lifetime Certificate revocation list Certificate encoding Certificate authority selection Certificate chain Exercise: Creating X.509 certificates Certificate authority Server certificate Device certificate Certificate and key storage Exercise: Parsing X.509 certificates and keys Putting it all together Establishing a TLS connection TLS server TLS client Exercise: TLS server authentication Server and client authentication Exercise: TLS server and client authentication Conclusion
Chapter 6 IoT networking and data formats Introduction Message queued telemetry transport (MQTT) MQTT architecture Message topics Topic subscription Quality of service Retained topics Heartbeat Last will and testament Methods Exercise: PC broker and client Installing the Mosquitto Broker Exercise: Embedded MQTT client Retained messages Connection object Keep alive interval Last will and testament Exercise: TLS encryption Data formats JavaScript Object Notation JSON object Exercise: JSON encoding JSON arrays Nested JSON objects Concise binary object representation Integer encoding Exercise: CBOR encoding Byte and text strings Array of data items Array of maps Indefinite arrays, strings, and maps Semantic tags Conclusion
Chapter 7 Using an IoT cloud service Introduction AWS account AWS IoT Connect a device Create a connection policy Adding the Dynamo DB database Action rules Setting the Time Series rule Testing the Time Series database IoT analytics Logs Lambda Device services Device defender Device shadow service Device shadow Conclusion
Chapter 8 Software attacks and threat modeling Introduction Security flaw Security vulnerability Security exploit Threats Common security exploits and vulnerabilities Buffer overflow Exercise: Buffer overflow Stack smashing Exercise: Stack smashing Return orientated programming (ROP) Pointer issues Integer vulnerabilities Wraparound Overflow Truncation Shift Conversion Switch statements Integer mitigations Accessing memory Mitigation Development process Security training Threat model Security requirements Security model Change management Peer review Expert validation Functional safety standards Implementation Software architecture Secure coding Fault injection hardening Defense in depth Hardware Tool chain Verification Metrics Static analysis Software testing Fuzzing Enhanced debug The IEEE top 10 secure coding practices Threat modeling Where to start Threat modeling process Identify assets Create a system model Brainstorm the threats Software bugs as threats Threat modeling techniques Identify the threats Stride Spoofing Tampering Repudiation Information disclosure Denial of service Elevation of privilege STRIDE-based Tools Elevation of privilege (E of P) Security cards Threat modeling utilities Threat modeling tool OWASP threat dragon Attack trees The attack defense tool (ADTool) Document the threats and bugs Rate the threats and bugs Attack tree rating Common vulnerability scoring system (CVSS) Temporal score Environmental score Example CVSS calculator Dread Example DREAD rating Mitigation Example threat models Conclusion
Chapter 9 Building a defense with the PSA security model Introduction Software architecture Temporal barrier Runtime isolation Secure element Trusted Platform Module (TPM) Dual core microcontroller Trusted Execution Environment Single core Armv6/7-M microcontroller Single core Armv8-M microcontroller PSA Execution environment Immutable Root of Trust (RoT) Execution environment validation Single signer Multisigner Boot seed Updatable Root of Trust (RoT) Runtime partitions Non-Secure Processing Environment Secure Processing Environment Secure partition structure Level 1 isolation Level 2 isolation Level 3 isolation Secure Partition Manager (SPM) Secure services PSA RoT services Secure storage service Cryptographic service Attestation service Audit Application RoT services Trusted subsystem Secure Boot PSA parameters Lifecycle Device requirements Isolation architectures Interrupt routing Secure Boot Unique ID Entropy System clocks Oscillator monitoring Reset and power Timers Monotonic counters Real time clock (RTC) Debug Shielded memory Cryptographic accelerators Assistive architecture Conclusion
Chapter 10 Device partitioning with TrustZone Introduction Processor operating modes TrustZone security extension Programmers model TrustZone operation SAU and IDAU SAU registers TrustZone configuration CMSIS startup files Secure veneer functions Exercise: TrustZone configuration TrustZone access violation TrustZone interrupt handling Exception vector table Locating the nonsecure vector table Secure/nonsecure peripheral interrupt routing Exercise: TrustZone interrupt routing TrustZone system control block SysTick Exercise: TrustZone SysTick support Using an RTOS with TrustZone Multi-threaded access to secure functions CMSIS core TrustZone functions Exercise: Using an RTOS with TrustZone Memory protection unit (MPU) MPU memory types Normal memory Shareability Nonshareable Inner shareable Outer shareable Device memory MPU configuration Region number register Base address register Memory attribute indirection registers Exercise: Memory protection unit CMSIS-zone CMSIS-zone utility Exercise: Using the CMSIS-zone utility Conclusion
Chapter 11 The NXP LPC55S69 a reference IoT microcontroller Introduction Trusted execution environment (TEE) Secure bus matrix Security sideband signals Trusted execution environment configuration Master security wrapper Memory protection checker Peripheral protection checker Example: Trusted execution environment Security architecture Overview Protected flash Customer manufacturing programmable area (CMPA) Customer field programmable area (CFPA) NXP programmed area Key storage Physically unclonable function Exercise: Key storage using the PUF Secure boot Monotonic counters Exercise: Secure boot Debug authentication Lifecycle Hardware accelerators Asymmetric encryption Exercise: Casper primitives Symmetric cryptography Exercise: HashCrypt Executable image encryption Exercise: Image encryption Security peripherals Entropy source Secure user peripherals Secure interrupt masking Secure DMA unit GPIO masking Secure GPIO Conclusion
Chapter 12 Trusted firmware Introduction Installation Important Exercise: TF-M setup and testing TF-M software design Client data SPE structure Interprocess communication (IPC) model Exercise: Inter Process Calling Secure function communications model Memory mapped IO Exercise: Secure function call Secure partition manager Exercise: Secure partition manifest SPE interrupt handling Interrupt handling FLIH Interrupt handling SLIH Exercise: Secure IRQ Selecting the communication model Secure partition runtime library TF-M profiles TF-M platform Entropy source Exercise: Entropy Secure partition startup Stack sealing Conclusion
Chapter 13 Trusted firmware secure services Introduction Nonsecure client Configuration TF-M client operation Security services Secure storage service Protected storage Exercise: Protected storage Internal trusted storage Exercise: Internal trusted storage Cryptography service Multipart operation Random Key management Key derivation Symmetrical ciphers Authenticated encryption with associated data Message digest Message authentication codes (MAC) Asymmetric signing and encryption Key agreement Exercise: Cryptography service Attestation Attestation token Attestation infrastructure Exercise: Attestation token Auditing Secure partition Non-secure partition Exercise: Audit Lifecycle Provisioning Conclusion
Chapter 14 The PSA Secure Bootloader Introduction Updatable bootloader Upgrade strategies Overwrite Swap Execute in place Ram Firmware update service Image encapsulation Image signing Security counter Bootloader signing keys Exercise: BL2 first project BL2 configuration Updating the bootloader keys Exercise: Bootloader keys Bootloading by hardware key Image encryption Measured boot Conclusion
Bibliography Index Back Cover