Securing Edge Devices
Derrick Lavado, Sr. Manager, OSBU
© 2017 WIND RIVER. ALL RIGHTS RESERVED.
What we will cover..
▪ Cybersecurity Risks in a Software Defined World
▪ Wind River Security Overview
▪ Introduction to Pulsar Linux
Our software has been deployed in over 2 billion devices; into environments, systems, and applications subject to the highest standards of safety, security, and performance.
HERITAGE
▪ 1981: Founded
▪ 1993: IPO
▪ 2009: Acquired
SCALE
▪ 1,200+ Employees
▪ Presence in 20 countries
LEADERSHIP
▪ Leading Commercial Operating System Market Share
▪ Broadest Portfolio
INVESTMENT
▪ 30+% of Annual Spend Is on R&D
▪ Rich History of M&A
For over 30 years, Wind River has helped the world's most recognizable brands power generation after generation of embedded devices.
CHEMICAL SECTOR COMMERCIAL BUILDING SECTOR COMMUNICATIONS SECTOR CRITICAL MANUFACTURING
DAMS SECTOR DEFENSE BASE SECTOR EMERGENCY SERVICES SECTOR ENERGY SECTOR
FINANCIAL SERVICES SECTOR FOOD & AGRICULTURE SECTOR GOVERNMENT BUILDING SECTOR HEALTH CARE SECTOR
IT SECTOR NUCLEAR SECTOR TRANSPORTATION SECTOR WATER & WASTEWATER SECTOR
East-West
North-South
Each node in the end-to-end topology represents one or more attack vectors.
Consequences of compromise are significant.
https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/
http://www.zdnet.com/article/target-confirms-breach-40-million-accounts-affected/
https://ics-cert.us-cert.gov/alerts/IR-ALERT-H-16-056-01
https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
Cybersecurity for the Software Defined World
Software Complexity
https://media.ford.com/content/fordmedia/fna/us/en/news/2016/05/05/ford-invests-in-pivotal.html/
http://bit.ly/KIB_linescode
East-West
North-South
Effective embedded cybersecurity requires a comprehensive approach that encompasses:
▪ Silicon
▪ Software infrastructure
▪ Development tools
Pillars of Device Security
Technological
▪ Securing a platform via hardware/software security enablement
▪ Secure communications
▪ Remote attestation
▪ Security monitoring
Operational
▪ Security alert and response process
▪ Security product development process
▪ Device manageability & OTA
Lifecycle
▪ Software maintenance
  – Bug fixes
  – Security patches
  – CVE monitoring/reporting
▪ Providing software updates over n years of a Linux “LTS” distribution
Device/Service & Communication Security Layers
Enhanced Security
Foundational Security
Secure Boot & Initialization
Protected Storage
HW/SW Identity
Trusted Execution Environment
Hardware
Cryptography Key/Certificate Store
Public Key Infrastructure
Protected Communications
Protected Access
Protected Networks
Measured Boot & Initialization
Role Based Access Control
Mandatory Access Control / Least Privilege
Secure Separation
Secure Update Compliance
Auditing
Security Intelligence
Intrusion Detection
Intrusion Prevention
Root of Trust
Protected Storage
Crypto Acceleration
Trusted Execution
Deception
Auditing & Logging
Identity Silicon
Software
SIEM Analytics
An Intel Company
East-West
North-South
1. SECURE DEVICES & SERVICES*
2. SECURE COMMUNICATIONS
3. SECURITY MONITORING & MANAGEMENT
SECURE PROCESSES
Cloud / Enterprise
Fog
Wind River Cybersecurity Strategy
Intel Consistent Security Capabilities
Trusted Execution
HW/SW Identification
Protected Boot
Protected Storage
* Supports Intel consistent security capabilities
Security Development Process
▪ Select and review process standards
▪ Select and review process checklists
▪ Establish and review requirements baseline
▪ Architecture definition
▪ Architecture review
▪ Design definition
▪ Design review
▪ Test plan preparation
▪ Static analysis
▪ Manual code review
▪ Test execution
▪ Process compliance analysis
▪ Security validation
▪ Final release review
▪ PSIRT
Implement | Deploy | Assessment | Architecture | Design
CVE Checker
Communication and Response
MITRE, CERT, Customers
security-alert@windriver.com
Product Security Response Team
Defect Filed
Consolidated OLS Notification
Proactive OLS Notification
Does Not Affect Product
Applicable to Product
Patch and OLS Notification
Continuous Security Monitoring
[Chart: Releases, Alerts, and Fixed per year, 2010 to 2016. CVEs called out: CVE-2010-2943, CVE-2011-1020, CVE-2012-3412, CVE-2013-4312, CVE-2014-0160 aka Heartbleed, CVE-2015-0235 aka Ghost, CVE-2016-0800 aka DROWN.]
Cloud / Enterprise
Fog
Wind River Security Solution Portfolio
Wind River Professional Services
VxWorks Portfolio | real-time safety & security
Wind River Linux | secure embedded Linux
Pulsar | ready-to-use embedded Linux
Device Agents | connectivity, monitoring, & management
Titanium Edge | carrier grade NFV/SDN
Titanium Control | embedded xFV/SDx
Pulsar | ready-to-use embedded Linux
Helix Device Cloud | device management
Helix CarSync | secure OTA updates
Titanium Cloud | carrier grade NFV/SDN
Simics | simulation – device thru system
INTRODUCING PULSAR
Wind River® Pulsar™ Linux is a small, high-performance, secure, and manageable container OS designed to simplify and speed up development of IoT device software.
Relationship between Pulsar and Wind River Linux –
Wind River Linux is a Distribution Builder
Wind River Linux
Profiles
Board Support Package
Select Hardware
Customize BSP
Linux Platform Source code
Customize, Configure, Build
1 2 3 4
Linux Binary Distribution
User-Space Libraries
Applications
❑ Wind River Linux is designed to create a distribution for any architecture and any board
❑ Fine-grained control over customization for size, performance and business needs
❑ Cross build tools run on the desktop
Manufacturers
Design and manufacture commercial devices
Relationship between Pulsar and Wind River Linux –
Pulsar Linux takes care of building the binaries
Wind River Linux
Profiles
Board Support Package
Select Hardware
Customize BSP
Linux Platform Source code
Customize, Configure, Build
1 2 3 4
Pulsar Binary Distribution
User-Space Libraries
Applications
❑ Pulsar Linux is customized and certified for selected hardware
❑ Certified boards boot up with a default configuration. Users can then add or delete packages
End Users
Customize installed devices to suit individual requirements
Containers – A good balance of simplicity & isolation
Hardware Board
Linux Kernel
Applications
User Space Libraries
Hardware Board
Linux Kernel
User Space Libraries
Hardware Board
Linux Kernel
Applications
Virtual board
Linux Kernel
User Space Libraries
Applications
Containers
Virtual Machines
Self-contained, independent Micro-Services
Self-contained, independent Virtual Appliance
❑ Containers allow devices to be easily updated in the field with very good isolation
❑ Containers allow porting of applications from other distros like Red Hat & Ubuntu
Wind River Linux
Open Virtualization
Profile
Carrier Grade Profile
Security Profile
Pulsar Linux Security
Binary platform with WR Linux “pedigree”
▪ Wind River Linux secure kernel
▪ Secure Boot
▪ Linux IMA
▪ Secure backup/restore
▪ SELinux
▪ TPM 2.0 and TPM2-TSS
▪ IPsec/L2TP/PPTP VPN
▪ Rootfs & Storage encryption
▪ Package signing
▪ Secure update
Current Intel Security Support across the Portfolio

| Intel Solution | VxWorks | Linux | Titanium |
|---|---|---|---|
| UEFI Secure Boot | ✓ | ✓ | ✓ |
| TXT (trusted execution) | ✓(PS) | ✓ | ✓ |
| FSP (fast start) | ✓(PS) | ✓(PS) | ✓(PS) |
| PTT (platform trust/TPM) | ✓ | ✓ | ✓ |
| AES-NI (cryptography instructions) | ✓ | ✓ | ✓ |
| VTx/VTd (separation/virtualization) | ✓ | ✓ | ✓ |
| NX (execution protection) | ✓ | ✓ | ✓ |
| QuickAssist (QAT – cryptography accelerators) | ✓(PS) | ✓ | ✓ |
| DPDK (network acceleration and DPI) | ✓(PS) | ✓ | ✓ |
| Intel NIC Virtualization (network separation) | ✓(PS) | ✓ | ✓ |

Note: Specific profiles required for support of some features
PS = enabled through Wind River Professional Services
Certified distribution, secured and extensible
Pulsar Linux
Package Manager agent (SmartPM, Open standard)
Software Maintenance
Package Repository
❑ Security updates and patches are pulled from Wind River repository
❑ Additional packages & applications are easily added directly from Pulsar Linux from various repositories
❑ Self hosted builds - ability to build packages from source on the device without cross development tools
Device Applications
WR 3rd party
Hardware Board
Integrators
Provide Solution by integrating commercial hardware & software
UTX-3115 & 3117
UTX-3115 Bay Trail
Advantech UTX-3117 Gateway (Intel® Atom™ X5-E3930)
Minimal Secure Kernel
Container Manager
Security (secure boot - TPM)
▪ Certified binary distribution for the Advantech UTX Gateway
▪ Includes Pulsar Security Framework
▪ Extensibility via packages and/or containers
▪ Updated with security fixes and patches
▪ Complete SDK
▪ Providing Export and IP compliance artifacts
Wind River Pulsar™ Linux for Advantech
Additional Containers
Gateway Container
Open JRE
Node JS
MQTT
Modbus
Helix Device Cloud Agent
Shim loader / Grub 2.x
http://pulsar.windriver.com
• Advantech UTX-3117 Gateway
• Intel Atom® E3900 Processor
• Pulsar Linux preloaded
• Integrated Pulsar Security Framework
• Includes software maintenance
Build vs. Buy
Lower Total Cost of Ownership
Initial Investment
Maintenance
Hidden costs include upkeep of code base, bandwidth drain, ever-evolving compliance, and safety standards.
▪ When considering embedded Linux for a device, it’s important to take the long-term view into account. Embedded devices are often in production and in service for many years, sometimes decades.
▪ In the long run, commercial offerings that provide a reliable embedded Linux OS with support and maintenance are cheaper than maintaining a roll-your-own Linux solution in-house.
Get Started with Wind River Linux
Stay Current and Productive
Long-Term Cost Control
Try our TCO calculator to see how Wind River Linux can save you up to 53%: www.windriver.com/products/linux/tco-calculator
Open Source IP Compliance Challenges
Different File Formats
▪ Spreadsheets
▪ Word Docs
▪ Text Files
▪ PDF
▪ XML
▪ Hardcopy
Different Record Fields
▪ License for each file?
▪ Governing package license?
▪ List of Copyright holders?
▪ Attribution notices?
▪ Dependencies?
Different Definitions and Terms
▪ Open Source Software?
▪ Open Source License?
▪ Public Domain?
▪ Source vs. Disclosure Doc
▪ Accurate &
▪ Complete
Useful Links
▪ How to get Pulsar – http://pulsar.windriver.com
▪ Free Linux TCO Calculator – http://www.windriver.com/products/linux/tco-calculator/
▪ Learn more about Linux security – http://www.windriver.com/products/linux/security/
▪ CVE Database Tool – http://www.windriver.com/security/cve/main.php