安全远程更新扩展嵌入式系统功能和寿命

安全远程更新扩展嵌入式系统功能和寿命 　　嵌入式系统是许多工业应用的核心，要求产品寿命长，同时响应功能更新和bug修复。安全问题，特别是，可以驱动要求频繁的代码更新，以保持领先的黑客和恶意入侵者。包括一个远程更新设施，如果它可以得到担保，可以极大地延长任何嵌入式系统的可用寿命。 　　本文将探讨各种各样的远程系统更新中使用的现代嵌入式系统，通过显示几个不同的要求和方法。未来更敏感的嵌入式系统的要求也将讨论最近的创新在MCU的功能，可以确定未来的增强方向。 　　 　　Secure embedded system updates 　　Embedded systems are often connected to a network to transfer informaTIon from “edge” devices to central controllers. Central controllers are， in turn， connected to storage units， gateways， and traffic aggregaTIon units all using a network connecTIon. In order to simplify the installaTIon of code updates and bug fixes the interconnect network is also used to download updates to programmable devices. These updates can simply be new parameters to adapt to environmental changes or they can be complete code “replacements” providing new features and capabilities. 　　Updates need to be done in a secure manner or attackers could hijack the update process， replacing reliable code with their own programs. Often these attacks leave start-up code that executes prior to future updates so that the inserted code can persist even after an attempt to update the “infected” system. Several approaches are used to protect remote updates and they vary in complexity depending on the value of the system as a target to a hacker. Clearly， systems that handle financial data are obviously in need of protection， but even a system you might not think of as being vulnerable may require increased security. Often it’s the element on the periphery of a more complex system that provides attackers with an easy in-road. For example， an intelligent thermostat or building control system might allow attackers an easy way into a data aggregation sub-system and then into the central controller of a financial institution.