Published in Military & Aerospace Electronics
Ashburn, Va. – Network security in embedded computing is getting more scrutiny these days. In a constantly evolving threat environment, where new attacks arrive virtually every day, system architects must design networks to be as secure as possible. That requires a constant review process to enable the necessary adaptation, modification, and updates to keep systems safe.
Network security involves providing protections against all devices that are connected or could have access to the network. In this area, embedded architectures are catching up to enterprise networks. In the enterprise environment, where there has always been the risk of an unauthorized person connecting on a port in an office or conference room, the need to lock down the network is well understood.
In comparison, airborne networks typically have been very controlled, with no network ports exposed. Physical access to ports in the past was easy to control. Today, however, we are seeing embedded networks connecting more devices and making more connection ports available, which makes trusted computing approaches imperative. Aboard commercial jetliners, for example, Ethernet might be available at every seat, and Wi-Fi might be provided for entertainment.
As more devices connect to the embedded network, the more of the network needs protecting. Adding to the security challenge is the growing use of converged networks. Instead of a one-purpose network, today's fast links can transport data from disparate systems over the same network. More systems sharing the network increases not only the potential for contention but also the security challenge; more endpoints mean more potential threats. We are seeing increased use of converged networking in military embedded systems.
The good news is there’s growing awareness of what’s necessary for effective network security; many of the important tools are familiar and readily available. One tool for securing the network is white-listing or limiting access to trusted devices. This could be as simple as enabling each port only to allow traffic from a known MAC address. While simple to implement, MAC addresses can be changed and spoofed. Trusting a device just because it has the right address turns out not to be a very robust security solution.
A more advanced technique to keep out unknown users involves IEEE 802.1x for port-based network access control (PNAC). 802.1x enables the network to authenticate a network endpoint using a cryptographic exchange. Instead of trusting a MAC address, trust is based on a certificate or other credentials. It implements port security via a feature on the network switch. 802.1x is a hybrid feature that needs support on the switch; that’s what controls turning the ports on and off). Still, it also requires clients, called “supplicants,” on the endpoints. That means that implementing protection like 802.1x requires a whole system solution in which both the switches and the connected computers provide support.
Another challenge for providing network security on embedded systems involves upgrade cycles. Adding a security layer on which only one device is secured can introduce a weak link -- unless all other devices on the network also have that layer of security.
While hard-coding and 802.1x enable control over what devices can access the network, MACsec and IPsec tools use encryption to protect data on the move and prevent someone from snooping into that data. IPsec is an end-to-end protocol used originally for VPNs that connect from one office to another office over an untrusted network. In comparison, MACsec secures only a point-to-point connection.
IPsec and MACsec help encrypt network data, and validate keys when establishing connections, but differ in how much data they encrypt. IPsec, for example, supports tunneling and transport modes that offer tradeoffs between overhead and the amount of encrypted data.
Apart from IPsec and MACsec, there are encryption standards like transport layer security that work at the application level. These require less support from the network infrastructure, but consume more processor overhead and encrypt even less, because they exist at the highest layers of the network stack.
Today, we typically see IPsec in local networks like airborne networks that are contained entirely within an aircraft. This protects against data being intercepted by other devices on the network. It also provides protection if the network switches are compromised.
Read the full article here