资 源 简 介
随着安全漏洞的抬头,基于硬件的MCU解决方案占据中心舞台
几乎所有基于MCU的嵌入式系统-汽车,无人机,USB棒,车库门开启器,数码相机,甚至耗材,如打印机墨盒-容易受到安全攻击。
越来越多的记录的安全漏洞,使用物联网(物联网)作为入口点,提高了安全意识,在设计界物联网连接设备。通常情况下,故事涉及违规影响消费者和最终用户。然而,其他类型的安全威胁至少同样重要的设计工程师-最涉及盗窃,篡改,或破坏知识产权。
互联网可能已经成为一个基于MCU的系统中最流行的切入点,但它远远不是唯一的一个。无担保或未充分担保的诊断端口一直是潜在的脆弱-作为汽车行业发现,主要是通过活动的“调谐器”社区。任何无线(或有线)通信链路也可以用作入口点。
Even the unattached MCU device (or its associated ROM) are subject to tampering and IP theft. Among other techniques, reverse-engineering specialists have developed techniques in which the chip’s mask layers are carefully ground down unTIl the ROM layer is exposed. By closely analyzing which switches have been blown, the firmware code contained in them can be deduced.
MCU vendors have responded with mulTIple approaches to enhancing security for the firmware that runs their devices. Although these measures make firmware more secure, implemenTIng them requires that the system design team understand how they work – and implement them correctly. This involves the extra effort, TIme, and cost for the system’s bill of materials (BOM)。 Computer-intensive security measures such as data encryption can require a more powerful MCU.
