Achieving 3D Visualization with Low-Latency, High-Bandwidth Data Acquisition, Transfer, and Storage
High-bandwidth, low-latency solutions come with tradeoffs. To find the right solution for 3D visualization, consider the following requirements:
Back to top
As embedded systems expand across industries such as automotive, healthcare, and industrial controls, securing them becomes increasingly important. A key element of this security is ensuring that only trusted software runs during the boot process. In part 1 of our Embedded Systems webinar series, “Secure Boot in Embedded Systems: The Foundation of Device Security,“ we explored Secure Boot fundamentals, its role in establishing the Root of Trust, and its importance in preventing unauthorized software from running on embedded devices.
Now, in our latest webinar, “Implementing Secure Software Upgrades in Embedded Systems: Best Practices and TPM Integration“ (part 2 of this series), we take the next step by focusing on secure software upgrades. Without robust security measures in place, these upgrades can become weak points, leaving systems open to exploitation, unauthorized access, and operational failures.
Fidus’ embedded software expert, Dawson Theroux, guides us through the essential practices for securing embedded systems during software upgrades, covering everything from Trusted Platform Module (TPM) technology to real-world demonstrations on how to design resilient systems that withstand vulnerabilities in the upgrade process. Below is a comprehensive breakdown of the webinar’s key topics and discussions, with additional resources to help you take your embedded system security to the next level.
Software upgrades play a vital role in keeping embedded systems up-to-date, ensuring continued performance, and patching vulnerabilities. However, the software upgrade process itself can introduce new security risks, as attackers may exploit vulnerabilities during an upgrade to inject malicious software or manipulate the system.
In the webinar, Dawson Theroux highlights the importance of secure software upgrades, particularly in mission-critical systems like automotive control units or medical devices, where downtime or breaches are not an option. A secure upgrade process ensures that the system remains protected and operational, even as updates are applied.
One of the most powerful tools for securing software upgrades is the Trusted Platform Module (TPM). The TPM is a hardware-based component that provides additional security by protecting sensitive information, such as encryption keys, in a secure environment. During the webinar, he explains how TPMs ensure that these secrets are only released when the system is verified to be in a trusted state.
This session demonstrates how Platform Configuration Registers (PCRs) play a pivotal role in this process. PCRs store measurements taken during the system boot process, and if any unauthorized changes are detected (such as tampering with the bootloader), the TPM will refuse to release encryption keys, protecting the system from exploitation.
Key Benefits of TPM Technology:
Learn more about our expertise in embedded software development and how Fidus can support your project from design through implementation, ensuring robust security at every step.
Secure Boot is a critical security feature that ensures only trusted software is executed during the boot process, laying the foundation for system security. This webinar explains how Secure Boot establishes a Root of Trust, which underpins all subsequent security measures within the system.
In his demonstration, he discusses how PCRs are used during Secure Boot to track and verify boot components. The TPM records the boot process’s measurements in the PCRs, and if these measurements don’t match the expected values, the TPM will refuse to release secrets, thus preventing unauthorized or tampered software from running. This ensures that the firmware remains secure and free from malicious modifications.
In embedded systems, failed software upgrades can have disastrous consequences, particularly in sectors like aerospace or healthcare. Webinar focuses on the importance of creating resilient systems that can recover from potential failures by using the A/B upgrade mechanism.
In an A/B system, two software versions are maintained on the device (Version A and Version B). When an upgrade is initiated, the new software is written to the inactive partition (Version B). After verification, the system switches to the new version. If the upgrade fails or the system does not boot correctly, the device automatically reverts to the previous working version (Version A), ensuring uninterrupted functionality. This approach is particularly beneficial for over-the-air (OTA) updates, where physical access to devices may not be possible. The A/B upgrade mechanism ensures that systems remain operational and recoverable in the event of a failed update.
Software upgrade failures are always a possibility, so it is essential to have recovery mechanisms in place. Webinar introduces several methods for handling failures, including minimal firmware recovery images and hardware watchdogs.
These strategies ensure that the system can always recover from a failed upgrade without requiring physical access to the device.
One of the most engaging parts of the webinar is live demonstration of how to use TPM to seal secrets. Sealing secrets in the TPM ensures that sensitive information, such as encryption keys and firmware signing keys, is only accessible when the system is in a trusted state.
During the demonstration, Dawson Theroux walks viewers through:
This demonstration underscores how TPM can be used to protect the most critical parts of your system, ensuring that secrets remain secure even in the face of system changes or malicious attacks.
Fidus offers a range of services and resources to help you secure your embedded systems and optimize software development. Whether you’re working to enhance security, manage multi-core environments, or implement AI-driven features, we have the expertise to support you.
For a deep dive into the best practices for integrating TPM technology into your embedded systems, watch the full webinar now. You’ll gain valuable insights into:
Q: Can the TPM be used in conjunction with a software-only Root of Trust, or is it hardware-specific?
A: The TPM is typically hardware-specific, as it is a hardware module that provides cryptographic capabilities and secure storage. However, you can implement a software-based Root of Trust, but it’s generally considered less secure because software is more prone to tampering than hardware-based solutions. The benefit of using a TPM is that it provides a hardware Root of Trust that is much more difficult to compromise. So while software-only Roots of Trust are possible, they aren’t as robust as hardware-backed options like TPMs.
Q: How do you handle recovery if both the A and B software versions fail in an A/B upgrade mechanism?
A: If both A and B software versions fail, you typically need some sort of minimal recovery image that can be used to restore the system to a functional state. This minimal recovery image should have enough capability to receive a new upgrade package and initiate the upgrade mechanism. The minimal image is usually stored in the boot firmware or as part of the device’s ROM so that it’s always available, even if the A/B software versions both fail. This ensures that there is always a fallback option to recover the system.
A: Rollback protection is one of the main benefits of using TPM during software upgrades. The TPM measures key components of the system, such as the bootloader and firmware, and stores these measurements in PCRs. If someone tries to load an older version of the software, the PCR values won’t match, and the TPM will refuse to release any secrets or keys required to boot the system. This effectively prevents the system from booting older, vulnerable versions of the software, providing strong rollback protection.
A: Yes, absolutely. OTA updates can be secured using a TPM. The TPM can be used to verify the integrity and authenticity of the update package before it’s applied to the system. It can also ensure that the upgrade process follows the proper chain of trust. By using TPM, you can protect the update process and ensure that only verified updates are installed on the system. Many frameworks, like Mender and RAUC, support TPM integration for securing OTA updates.
High-bandwidth, low-latency solutions come with tradeoffs. To find the right solution for 3D visualization, consider the following requirements:
Today’s analysis and emulation of genetic sequences demands a low-latency, high-bandwidth solution to transfer massive amounts of data between processors.
Creating a differentiated product takes a thoughtful approach to heterogeneous computing.
Trust us to deliver on time. That’s why 95% of our customers come back.