You don’t hear about secure boot processes too often. But they’re extremely important to the security of a system.
That’s why F-Secure’s Hardware Security team puts a lot of time into making, breaking, and studying secure boot schemes. Thanks to these efforts, they’re finding more and more products with flaws in their secure boot schemes. In fact, they recently disclosed two design flaws that attackers can use to compromise a particular system-on-chip (SoC) used in automotive, aviation, consumer electronics, and industrial components.
They found the flaws in Xilinx’s Zynq UltraScale+ SoC. Specifically, the problems are with the chip’s “encrypt only” boot mode. The first is an issue with the boot header parsing performed by the boot ROM. The second is a problem with the partition header table parsing. Attackers able to tamper with the boot header in the early stages of the boot procedure can modify its contents to execute arbitrary code, thereby bypassing the security measures offered by the “encrypt only” mode. Ultimately, this will give attackers the access they need to compromise confidential data and processes on the device.
Unfortunately, the first issue cannot be addressed with a software patch. And while the second issue could theoretically be fixed with an update, a patch would not be enough to prevent attacks, since the first issue would remain.
A more in-depth technical explanation of the flaws and the impact for affected organizations is available in an advisory posted by F-Secure’s Hardware Security team. But the most significant aspect of the discovery is that it’s an example of how secure boot implementations are sometimes being done without considering the security implications of the way software security is anchored in hardware.
“When anchoring security features and processes, such as secure/trusted boot, to the hardware, it is vital to secure the hardcoded ROM code against design or implementation flaws,” says F-Secure’s Head of Hardware Security Andrea Barisani. “For this reason, our testing and validation efforts often focus on this area as the impact of any vulnerability is, most of the time, replacement of the hardware itself which, for obvious reasons, is not always possible.”
F-Secure Hardware Security team’s unique blend of security engineering and cyber security consulting gives them a unique perspective on security. That’s why their expertise is often applied to securing critical systems used by the aviation, automotive, and industrial sectors.
The term secure boot commonly refers to the delicate interaction of hardware security features with firmware and software security measures aimed at ensuring that only authenticated code can ever be executed on a specific device. Typically, devices use secure boot procedures to ensure the integrity of encrypted content by only executing trusted code.
This disclosure mainly affects original equipment manufacturers that use these chips to enforce authentication and confidentiality in the firmware, assets, and runtime environment of components they build. F-Secure contacted Xilinx in June to notify them of the flaws. Xilinx has already issued an advisory and updated the Technical Reference Manual for affected products. Both Xilinx and Andrea recommend organizations use the “hardware root of trust” mode as an alternative to the “encrypt only” option.
But Andrea says that this case is indicative of a bigger problem with the current state of embedded connectivity and security (or a lack of it).
“With internet-enabled machinery finding its way into pretty much every single industry, we’re starting to notice more products with insecure ROMs and boot processes,” explains Andrea. “Vulnerable and unpatchable hardware components can and will cause big concerns in all kinds of equipment when organizations face scenarios where an insecure component, that’s integral to a critical system, needs to be replaced. Because that process can be extremely costly, or in some cases, impossible without replacing an entire system.”