Microcontrollers and their main protection measures

In recent years, due to technological breakthroughs, there has been a trend towards the development of devices that are as small as possible, targeted at very specific functionalities and with optimal performance. An essential part of this has been the use of microcontrollers (or MCUs), which are essentially compact integrated circuits designed to perform a specific operation in an embedded system.

- Microcontrollers. Source -

A typical microcontroller includes a processor, memory and input/output (I/O) peripherals on a single chip. In addition, they support various types of hardware elements that allow them to adapt to the specific functionality required by the application. An example of such elements would be the display drivers and 2D graphics acceleration, allowing them to control displays and accept touch inputs.

Also, unlike other microprocessors, such as CPUs, microcontrollers are not designed to run heavy operating systems, such as Linux or Windows, as they consume too many resources. However, there are called Real-Time Operating Systems, which support a single application that has direct access to the chip's hardware and has the vast majority of the processing time. Direct access to the hardware also offers another advantage: real-time communications. Unlike an operating system abstracted from the operating system, an application running on an RTOS has fewer abstractions that slow down access and generally offers much lower access latency to the connected hardware.

Microcontrollers have endless applications that are not only very present in people's daily lives but have also become very important in the industrial world, especially in modern manufacturing plants, as they consist of intelligent production lines that analyse information and automate processes. In addition, they also play a major role in IoT (Internet of Things) as many microcontrollers receive integrated support for connectivity via Ethernet and Wi-Fi, among others.

Most common families

Depending on the complexity and requirements of the tasks to be performed by the microcontroller, different microcontroller families can be used to optimise resources and better suit the needs of the application.

Microcontroller families are based on a processor architecture for their design, so before describing the main microcontroller families and their differences, it is useful to detail which two architectures are currently used:

• Complex Instruction Set Computer (CISC). CISC microprocessors are characterised by their versatility, as they have a large instruction set and allow complex operations to be performed between operands in memory or internal registers.

• Reduced Instruction Set Computer (RISC). RISC microprocessors only support a fixed number of instructions, and only load and store instructions can access data memory. This enables segmentation and parallelism of instruction execution, as well as reduction of memory accesses, resulting in higher execution speed.
   

  

- RISC vs CISC. Source -

It can be seen that no one architecture is better than the other, but that each is designed for different purposes. The processor architecture, coupled with the choice of parameters such as bus width or memory structure, gives rise to many microcontroller families, two of the most important being 8051 and ARM:

• 8051. The 8051 microcontroller was designed by Intel in 1981. It is an 8-bit microcontroller, based on the CISC architecture and is built with: 40 Dual Inline Package (DIP) pins, 4kb of ROM storage, 128 bytes of RAM storage and 2 16-bit timers. It consists of four 8-bit parallel ports, which are programmable and addressable as required, plus a crystal oscillator that is integrated into the microcontroller with a frequency of 12 MHz.

• ARM. The Advanced RISC Machine (ARM) microcontroller was created by Acron Computers in 1987. It is a 32-bit microcontroller based on RISC architecture and is divided into multiple categories such as ARMv1 or ARMv2 depending on the features that make it up.
   

  

- ARM Microcontroller -

Interfaces

Microcontrollers, in addition to the components mentioned so far, make use of different interfaces and communication protocols to transmit information. The most used interfaces are as follows:

• UART (Universal Asynchronous Reciber/Transmitter). 
• SPI (Serial Peripheral Interface). 
• I2C (Inter-Integrated Circuit). 
• JTAG (Joint Test Access Group).

These interfaces are very useful for suppliers and technicians when carrying out communications and accessing memory data, the problem with these interfaces is that they are a great access point or focus for cyber attackers due to the low cybersecurity of this technology.

These attacks are carried out using hardware hacking techniques and, although physical protection measures are already in place to block these attacks, they are sometimes not applicable, as in some cases the use of the interfaces is indispensable for suppliers and technicians.

Microcontroller protections

Due to the major problems that this technology can cause, because of its low level of cybersecurity, different solutions are being sought.

For example, the solution to protect microcontrollers from hardware hacking. This solution lies in the implementation of security measures via software and the elimination of unnecessary services:

• Secure Boot. It is a protection mechanism designed by Espressif for its ESP32 model to safeguard the device from executing any unauthorised code. In this way, it checks that each piece of software being booted by the bootloader is signed by a secure boot verification scheme based on the RSA cryptographic algorithm. The secure boot process is performed in two steps.
  • First the verification is performed, that is, if the RSA signature of that piece is correct, the software is executed. 
  • The second step is when the bootloader tries to load a particular application image, where the RSA signature of the application is verified before executing it.
• Flash memory encryption. Also designed by Espressif, this functionality is enabled using eFuse bits, which are one-bit fields that can be programmed to 1, but cannot be reset to 0, and are used for system and user parameters. This functionality makes it possible to protect the readability of the content stored in flash memory by encrypting by default the three main software components of the system: the bootloader, the partition table and the application partitions. Additionally, any section of memory with different usage can be encrypted.
• Unnecessary services. In addition to the two security measures just mentioned, another effective method, which does not require special components or encryption elements, is to limit the services available on a system to the minimum necessary. This would significantly reduce the attack surface on these devices. Two best practices that serve to increase the security level of a microcontroller are described below:
  • Suppression of the message emitted by the bootloader on start-up: The bootloader emits a message with sensitive information about the device. This message is easy to intercept and would allow the attacker to obtain information and elaborate more complex attacks, so it is advisable to implement configurations that block this message. Such configurations include eliminating event broadcasting and blocking the use of a console on the UART port.
  • JTAG port disabling: To prevent the attacker from using the debugging facilities that allow full control of the device, the debugging service should be disabled if possible. While it is true that debugging mechanisms are useful for designers, it is advisable to consider keeping the port disabled, even if this requires a change to the device for updating or reprogramming.

- Espressi ESP32 series microcontroller; Source - 

Conclusions

Microcontrollers are more present than ever before, and it is rare to find an electronic device that does not have one, but at the same time, this expansion and development in microcontrollers means increased interest from cyber attackers, especially in industrial environments.

However, awareness of cybersecurity in OT environments has been increasing in recent years and the result is materialising in a significant increase in security measures in different aspects of industrial plants. This includes microcontrollers which, however small they may be, can be a source of major problems if they are not configured correctly.