Whether in the consumer or industrial segment, OEMs need their products to be reusable and scalable to manage today's stiff time and cost pressures. For example, an OEM manufacturing mobile phones and TVs prefers Android OS as a common platform, because the underlying technology stays the same and only configuration-based changes separate Android Mobile from Android TV. Even a dedicated product requires configuration during setup, and later to adapt to changes in the field throughout its lifetime. So it is essential to provide a mechanism to configure the product.
With the high proliferation of the Internet of Things, the challenge in adding such a feature is that it opens up an avenue for security breaches. Cybersecurity threats are growing in all application domains. Based on Varonis Global Data Risk research, it is estimated that IoT attacks are growing by 600% compared to last year, with a 29% increase in threats in industrial control systems. A study by Kaspersky reveals that only 23% of industrial systems are ready with cyber-security requirements.
Embien has been helping customers across domains solve their business challenges by leveraging technology effectively. Embien is making a unique mark in the industrial IoT segment as well, by developing products such as universal gateways, building/fire monitoring systems, protocol translators on RF and wired technologies, etc. This case study explores how we developed a Secure Configuration tool for one such gateway, considering portability, scalability, performance, and modularity, with emphasis on security.
Our client is a Tier 1 security and fire monitoring product manufacturer that has been in this field for over 35 years. With a large product line card, their hardware platforms are not the same across products. They may differ in the underlying processor, mounted memory, and external interfaces, based on the requirements and cost of the product. In some cases, the products share a common platform with changes only on the firmware front. All these systems need to be configured in the field, by the field engineer or by the end customers, to set up the interfaces and communication protocols. They approached Embien for a solution to these challenges for one of their product segments.
Embien analyzed the underlying requirements and considered several options for changing the configuration, such as SD card, CLI via serial port, and a web server. With the SD card-based approach, the user has to access the card physically, which might not be feasible and could cause product downtime. The CLI-based configuration is vulnerable to a security breach, as the protection mechanism is very simple and everyone can have direct access to the interface. Finally, we zeroed in on the web server-based approach protected with HTTPS.
There are many solutions available in the market today to implement web servers on a Linux-based system, such as Apache HTTP, IIS, lighttpd, Oracle Java Webserver, POCO, etc., along with many other open-source and commercial solutions. While each of them has a unique set of pros and cons, one of the overriding requirements in choosing the web server for the product is portability. Considering all these factors, Embien developed a POCO-based web server.
POCO is an open-source web server stack targeted at all kinds of systems across the performance spectrum. As it is developed in C++, it can be ported to a variety of processor architectures such as x86, ARM, MIPS, etc. with little or no effort. For embedded products, memory and performance are key challenges. As the POCO web server is highly customizable, it can be configured to reduce its memory usage in the product. Further, since the POCO libraries and the underlying applications are also developed in C/C++ and run as native binaries, there is no overhead of the kind a VM would add.
POCO provides tools to generate C++ code automatically from the web pages to be rendered. The generated backend code is available as C++ classes, which have to be overridden to provide custom serving of web pages. POCO supports interleaved coding that can mix HTML and C++ code, very similar to JSP. With the tight integration of application logic and web pages, performance remains at the top. Another advantage is that since the web pages are part of the application binary, it is quite secure and update operations are simpler.
To reduce overhead further, the POCO web server is run as a part of the application. This eliminates much of the inter-process communication overhead that would arise if it were run as a separate application. It also allows precise control to start and stop the server whenever needed. On top of these, a few more customizations and optimizations were done by Embien to improve its performance.
While it is possible to serve web pages on both HTTP and HTTPS interfaces, we disabled HTTP as a security measure. Over HTTPS, the web traffic is protected by 128-bit encryption and is completely secure. As part of our solution, we stored the server certificate and key for HTTPS communication securely on a Crypto Authentication chip. Because the keys are not stored in the filesystem, no one has access to them, and the setup is 100% secure. During production, the keys are written to the chip in a highly secure manner, and they cannot be retrieved from it.
Many cybersecurity attacks are possible; some of the most well-known and common methods are session hijacking, CSRF attacks, and cookie attacks. In our implementation, every HTTPSession is secured with double protection using randomly generated cookies and CSRF tokens. All configuration passed from the browser client is validated against expected configuration values to protect from cross-site scripting attacks.
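The session and input checks described above can be sketched as follows. This is an added example, not Embien's implementation: it uses only the C++ standard library rather than POCO, assumes a Linux target with /dev/urandom, and the names SessionStore, randomToken, constantTimeEquals and validConfigValue, along with the sample configuration fields, are hypothetical.

```cpp
// Added example: standard C++ only, no POCO dependency; all names are hypothetical.
#include <fstream>
#include <map>
#include <regex>
#include <stdexcept>
#include <string>
#include <utility>

// 32 bytes from the kernel CSPRNG (Linux target assumed), hex-encoded.
std::string randomToken() {
    std::ifstream urandom("/dev/urandom", std::ios::binary);
    unsigned char buf[32];
    if (!urandom.read(reinterpret_cast<char*>(buf), sizeof buf))
        throw std::runtime_error("no entropy source");
    static const char hex[] = "0123456789abcdef";
    std::string out;
    for (unsigned char b : buf) { out += hex[b >> 4]; out += hex[b & 15]; }
    return out;
}
// Comparison whose timing does not depend on where the strings differ.
bool constantTimeEquals(const std::string& a, const std::string& b) {
    if (a.size() != b.size()) return false;
    unsigned char diff = 0;
    for (std::size_t i = 0; i < a.size(); ++i)
        diff |= static_cast<unsigned char>(a[i] ^ b[i]);
    return diff == 0;
}
class SessionStore {
    std::map<std::string, std::string> csrfBySession_;  // session cookie -> CSRF token
public:
    std::pair<std::string, std::string> create() {  // after login: {cookie, form token}
        auto sid = randomToken(), csrf = randomToken();
        csrfBySession_[sid] = csrf;
        return {sid, csrf};
    }
    // A state-changing request must carry both a known cookie and its matching token.
    bool authorize(const std::string& cookie, const std::string& csrf) const {
        auto it = csrfBySession_.find(cookie);
        return it != csrfBySession_.end() && constantTimeEquals(it->second, csrf);
    }
};
// Allow-list of configuration fields (constructed sample); anything else is rejected.
bool validConfigValue(const std::string& key, const std::string& value) {
    static const std::map<std::string, std::regex> allowed = {
        {"protocol", std::regex("modbus|bacnet|mqtt")},
        {"baud_rate", std::regex("9600|19200|115200")},
        {"device_name", std::regex("[A-Za-z0-9_-]{1,32}")}};
    auto it = allowed.find(key);
    return it != allowed.end() && std::regex_match(value, it->second);
}
```

Validating each field against a fixed pattern means markup characters never reach a rendered page, which is how the expected-value check also limits cross-site scripting.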
With such a design, Embien could successfully provide a Secure Configuration with POCO Web Server as an underlying HTTPS server and other secure elements built around it.
Embien is a leading industrial IoT solution provider with more than 50 man-years of experience in designing and securing connected systems. With cross-domain expertise, we have been helping our customers across geographies manage their products in a simple yet secure way. Our cyber-security team has helped identify and mitigate risks, especially in industrial network environments, without affecting the existing setup. We are the first choice for many of our Tier I and Tier II OEM clients in product design and development. Feel free to get in touch to secure your product lines.