US-12625946-B2 - Forensics module and embedded system

Abstract

According to various embodiments, a forensics module ( 250 ) for an embedded system may comprise: a secured memory area ( 202 s ) comprising first data implementing a key ( 305 s ); an interface ( 208 ) for reading ( 301 ) second data ( 302 ) representing a system state of the embedded system ( 150 ); and one or more than one processor ( 204 ) configured to: read ( 301 ) the second data ( 302 ) by means of the interface ( 208 ), wherein the second data ( 302 ) comprises a plurality of data sets; determine ( 303 ) a commitment ( 310 ) to a plurality of aperture values, each aperture value being associated with exactly one of the plurality of data sets, based on the second data ( 302 ) and using a cryptographic commitment process configured such that each data set may be individually verified using the commitment ( 310 ) and the respective associated aperture value; encrypt ( 305 ) the second data ( 302 ) and the plurality of aperture values using the key ( 305 s ).

Inventors

  • Volker Krummel
  • Peter Guenther
  • Gennadij LISKE

Assignees

  • Diebold Nixdorf Systems, GmbH

Dates

Publication Date: 2026-05-12
Application Date: 2022-04-25
Priority Date: 2021-04-27

Claims (18)

  1. A forensics module for an embedded system, the forensics module comprising: a secured memory area comprising first data implementing a key; an interface for reading second data representing a system state of the embedded system; and one or more than one processor configured to: read the second data with the interface, wherein the second data comprises a plurality of data records; determine a commitment to a plurality of opening values, wherein each opening value is assigned to exactly one of the plurality of data records based on the second data and using a cryptographic commitment process configured such that each data record may be verified individually using the commitment and the respectively assigned opening value; and encrypt the second data and the plurality of opening values using the key.
  2. The forensics module according to claim 1, wherein the commitment process implements a cryptographic, collision-resistant hash function by which the commitment is determined.
  3. The forensics module according to claim 1, wherein the commitment process is a vector commitment process.
  4. The forensics module according to claim 1, wherein the commitment is bound to the plurality of opening values and the second data.
  5. The forensics module according to claim 1, further comprising: an additional interface; wherein the one or more than one processor is further configured to output the encrypted second data and the commitment with the additional interface.
  6. The forensics module according to claim 1, wherein the encrypting is performed using the key by a symmetric encryption process.
  7. The forensics module according to claim 1, wherein the encrypting is performed using the key by an authenticated encryption process.
  8. The forensics module according to claim 1, wherein the encrypting comprises using the key to iteratively encrypt the plurality of data records.
  9. The forensics module according to claim 1, wherein the memory area is secured by one or more of the following: a firewall; a memory protection unit; write protection; and a read protection.
  10. The forensics module according to claim 1, wherein the determining of the commitment comprises determining the plurality of opening values.
  11. The forensics module according to claim 1, wherein the interface is configured to read out a processor register of the embedded system.
  12. The forensics module according to claim 11, wherein the second data comprises an image of the processor register of the embedded system.
  13. The forensics module according to claim 1, wherein determining the commitment and encrypting the second data are performed simultaneously.
  14. The forensics module according to claim 1, wherein the interface is further configured to halt the embedded system, and the second data is read out from the halted embedded system.
  15. An embedded system comprising: a forensics module comprising: a secured memory area comprising first data implementing a key; an interface for reading second data representing a system state of the embedded system; and one or more than one processor configured to: read the second data with the interface, wherein the second data comprises a plurality of data records; determine a commitment to a plurality of opening values, wherein each opening value is assigned to exactly one of the plurality of data records based on the second data and using a cryptographic commitment process configured such that each data record may be verified individually using the commitment and the respectively assigned opening value; and encrypt the second data and the plurality of opening values using the key; and one or more than one additional memory area, wherein the interface is configured to read the second data from the one or more than one additional memory area; wherein the one or more than one additional memory area comprises a processor register.
  16. The embedded system according to claim 15, further comprising: an actuator; a sensor; and firmware for controlling the sensor and the actuator, wherein the firmware is stored on the one or more than one additional memory area.
  17. A method for an embedded system, the method comprising: reading out data representing a system state of the embedded system by an interface configured to read out the data, wherein the data comprises a plurality of data records; determining a commitment to a plurality of opening values, wherein each opening value is assigned to exactly one of the plurality of data records based on the data and using a cryptographic commitment process configured such that each data record may be verified individually using the commitment and the respectively assigned opening value; and encrypting the data and the plurality of opening values using a key implemented by additional data stored on a secured storage area.
  18. Non-transitory storage medium comprising code segments configured to, when executed by a processor, cause the processor to perform a method for an embedded system, the method comprising: reading out data representing a system state of the embedded system by an interface configured to read out the data, wherein the data comprises a plurality of data records; determining a commitment to a plurality of opening values, wherein each opening value is assigned to exactly one of the plurality of data records based on the data and using a cryptographic commitment process configured such that each data record may be verified individually using the commitment and the respectively assigned opening value; and encrypting the data and the plurality of opening values using a key implemented by additional data stored on a secured storage area.
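The following is an added illustration, not code from the patent or its assignee: a stdlib-only Python sketch of the commitment step in claims 1 to 4 and 10. Each data record gets its own random opening value, a collision-resistant hash hides the record, and a Merkle root over the hidden leaves acts as the vector commitment, so a single record can later be checked against the commitment with only its own opening value and inclusion proof, without disclosing the other records. The sample "system state" records are constructed; encrypting the records and opening values under the module's key (claims 6 and 7) would use a standard AEAD and is not shown here.

```python
import hashlib
import os

def _h(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts (the collision-resistant hash of claim 2).
    Length prefixes make H(r, d) unambiguous whatever the record length."""
    m = hashlib.sha256()
    for p in parts:
        m.update(len(p).to_bytes(4, "big") + p)
    return m.digest()

def _merkle_root(level: list[bytes]) -> bytes:
    """Vector commitment (claim 3): fold leaves pairwise into one root; an odd node is carried up."""
    while len(level) > 1:
        pairs = [level[i:i + 2] for i in range(0, len(level), 2)]
        level = [_h(*p) if len(p) == 2 else p[0] for p in pairs]
    return level[0]

def commit(records: list[bytes], rng=os.urandom):
    """Draw one 32-byte opening value per record (claim 10), hide each record as H(r_i, record_i),
    and commit to the vector of leaves. Returns (commitment, openings, leaves)."""
    openings = [rng(32) for _ in records]
    leaves = [_h(r, d) for r, d in zip(openings, records)]
    return _merkle_root(list(leaves)), openings, leaves

def prove(leaves: list[bytes], index: int) -> list[tuple[bytes, bool]]:
    """Inclusion proof for leaf `index`: one (sibling_hash, sibling_is_right) per tree level."""
    proof, level, i = [], list(leaves), index
    while len(level) > 1:
        nxt = []
        for j in range(0, len(level), 2):
            if j + 1 < len(level):
                if i in (j, j + 1):
                    proof.append((level[j + 1 if i == j else j], i == j))
                nxt.append(_h(level[j], level[j + 1]))
            else:
                nxt.append(level[j])  # odd node carried up unchanged, matching _merkle_root
        i //= 2
        level = nxt
    return proof

def verify(commitment: bytes, record: bytes, opening: bytes, proof) -> bool:
    """Individual verification (claim 1): recompute the path from H(r_i, record_i) to the root."""
    node = _h(opening, record)
    for sib, sib_is_right in proof:
        node = _h(node, sib) if sib_is_right else _h(sib, node)
    return node == commitment

# Constructed sample records standing in for a register image and memory regions (not real dump data).
SAMPLE_RECORDS = [b"PC=0x08001234", b"SP=0x2001FFF0", b"LR=0x08000801",
                  b"FLASH[0:16]=" + bytes(16), b"RAM[0:8]=" + bytes(range(1, 9))]
```

Because the root binds both the records and the opening values (claim 4), a record altered after extraction, or paired with another record's opening value, fails verification.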

Description

Various embodiments relate to a forensics module, an embedded system and an automatic teller machine (ATM). Critical infrastructures (CRITIS), such as communication, energy, transport or finance, are based on information technology systems (so-called IT systems). Components of these IT systems are, for example, routers, industrial control systems, medical devices or ATMs. U.S. Pat. No. 10,079,842 B1 describes a forensic service at block level to detect malicious activities on protocols. EP 3 798 883 A1 describes a digital forensics module that identifies forensics-specific metadata of the computing device from a plurality of system metadata of the computing device based on predetermined rules, wherein the forensics-specific metadata is used to detect suspicious digital activities.

With increasing digitalization, more and more control intelligence is being embedded in physical sensors and actuators, e.g. in a so-called cyber-physical system (CPS), which implements the networking of embedded systems through wired or wireless communication networks. Such a CPS (illustratively a network of IT and software components with mechanical and electronic parts that communicate via a data infrastructure, such as the Internet) consists of specialized hardware and embedded software. This embedded software is also referred to as firmware. According to various embodiments, it has been illustratively recognized that the traditional view, according to which the firmware of an embedded system is granted an inherently higher level of security due to its low complexity compared to classic application software (e.g. PC software), reflects reality less and less. Due to this view, however, there are currently no protection concepts for firmware that include attack prevention, detection and investigation. This makes it easier for third parties, e.g. as part of professionally organized data crime, to carry out dedicated manipulation of the firmware.

Coordinated manipulation of hardware, sensors and firmware is typical of such attacks. Such targeted attacks (so-called "Advanced Persistent Threats") pose a high risk potential, together with the associated economic losses. While an attack on the firmware of a CAN bus controller in a vehicle may still be handled by a recall, such an attack in the areas of telecommunications, energy and health may have far more devastating consequences, e.g. for the security of supply for the population. In this context, it was recognized that the prompt handling of such an attack to mitigate its consequences would be beneficial but is difficult to manage conventionally, whether on the part of the manufacturer or the authorities. Such investigation is particularly important for the prevention of future attacks. Conventional investigation techniques are difficult to apply directly due to the embedding of the firmware in the hardware. Furthermore, such an investigation also touches the conflicting interests of the parties involved, such as the operator, manufacturer and investigating authority, so that these parties have requirements that often conflict with each other. For example, the manufacturer has a great interest in protecting its company secrets, whereas the investigating authority wants to be informed as comprehensively as possible. According to various embodiments, these circumstances and requirements are better taken into account. Among other things, it is provided that a forensic image of the suspected tampered firmware (also referred to as a firmware image) may be extracted and this firmware image may be emulated and examined in a suitable environment. The tampered firmware illustratively comprises the original firmware and additional malicious code.
Illustratively, according to various embodiments, a forensics module is provided by which an embedded system may be extended, for example, and which extracts the forensic image and provides it in such a way that the requirements of the parties involved are met as far as possible. In accordance with various embodiments, an emulation system for emulating an embedded system is provided, by means of which the forensic image may be examined as efficiently and authentically as possible. According to various embodiments, the timely handling of an attack on an embedded system (EGS) is simplified, e.g. with greater efficiency and/or greater effectiveness. This improves the detection rate of such attacks and thus also makes it possible to improve crime prevention. This results in considerable potential for protecting critical infrastructures and thus increasing security of supply. It is also possible to improve police emergency response and increase crime prevention by gaining information more quickly and more effectively. Efficient forensic extraction of the embedded firmware may involve extracting the suspected tampered firmware from the hardware with bit accuracy. Examination in an emulation environment may involve dynamically examining the extracted firmware and full