Description
Place: Online
Language: English
Request more information
Magnus Kindberg (SE, NO)
Phone: +46 (0)40 59 22 22
magnus.kindberg@nohau.se
Heidi Lehtomäki – Finland
Phone: +358 40 196 0142
heidi.lehtomaki@nohau.fi
Klaus Ahrensbach – Denmark
Phone: +45 3116 1019
ka@nohau.dk
Secured Embedded Linux Platform Build
The security of embedded systems matters today and will matter even more in the future.
Linux is the dominant operating system for embedded devices. Even when the device itself is of little interest to an attacker, a compromised embedded device can serve as a gateway for malware into the other systems it is connected to.
In this course you will learn the options for secure boot and secure installation, and the cryptography behind them. You will learn how to build and boot Linux on ARM, and how the same concepts apply on RISC-V and x86_64 platforms.
You will use OP-TEE (Open Portable Trusted Execution Environment) in practical exercises. This course is a prerequisite for the Linux hardening course.
Objectives:
• Implement secure boot
• Verify the authenticity of system components before they are loaded and executed
• Ensure the authenticity and integrity of the bootloader and the kernel
• Implement a trusted boot chain
• Provide a secure environment for the secure monitor firmware
• Run OP-TEE in a secure world that executes alongside the main operating system
Course Format:
• Online course, 2 days of 6 hours each (excluding breaks), 12 hours in total.
• 40% to 50% of the training time is devoted to practical exercises.
• Labs are conducted on a QEMU-emulated ARM board.
Prerequisites:
• C Language knowledge
• Embedded Linux build knowledge
For in-house training the agenda can be adapted to your needs. Please ask!
Linux overview
- Linux history
- Linux architecture and modularity
- Linux system components
- The various licenses used by Linux (GPL, LGPL, etc.)
Boot Chain
- Low-level boot
- Boot on NOR
- Boot on NAND
- Boot on SD/MMC/eMMC
- Multistage Boot
- Why a trusted boot chain is needed
- Security Concerns
- Confidentiality and Integrity
- Tampering Prevention
- Compliance and Certification
Secure Boot
- Secure Boot concept
- The chain of trust
- Complete secure boot process
- Key Management
- Introduction to key management
- Cryptographic algorithms and key types
- Key storage options: Hardware-based and software-based
- Key management processes: Generation and revocation of keys
- ARM-based platforms hardware features overview
- Secure Monitor
- Secure World
- Trusted Execution Environment
- Secure Boot on RISC-V and x86_64
- Cryptographic Accelerators
- Software Solutions
- Open source
- Proprietary
First and Second Stage Bootloaders
- U-Boot
- Capabilities and features
- Configuration, customization, and compilation
- U-Boot SPL as First-Stage Boot Loader (FSBL)
- Role of U-Boot in the trusted boot chain
- How U-Boot verifies the authenticity of the images it loads
- Configuration options for securing the boot process
- Interaction with the secure world and Trusted Execution Environment
- Signing U-Boot
- Arm Trusted Firmware (ATF), now maintained as Trusted Firmware-A (TF-A)
- Overview and features
- ATF Boot flow
- Services
- Build and deploy
- Other platform specific components
Secured Linux Image
- Introduction to Linux kernel
- Source code
- Configuration
- Compilation
- FIT (Flattened Image Tree) Image
- What is FIT and why is it used
- Advantages of using FIT image
- Configuration
- Building a Secure FIT Image
- Kernel Configuration for a Secure Linux Platform
- Configuration options for secure boot in the Linux kernel
- Access Control Configuration overview
Exercise: Boot the platform with the prebuilt image
Exercise: Generate the keys used to sign and encrypt the platform images
Exercise: Build and boot the platform with U-Boot as FSBL and SSBL
Exercise: Build and boot the platform with ATF as FSBL and U-Boot as SSBL
Exercise: Create a secured FIT Linux image
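The secured FIT image exercise above, worked through as an added example (this script is not part of the course material or of U-Boot): it generates an RSA-2048 signing key, writes an image tree source whose signature node covers the whole configuration (kernel plus DTB), signs it with mkimage, injects the public key into the U-Boot control DTB with the key marked as required, and verifies the result with fit_check_sign. The file names Image, board.dtb and u-boot.dtb, the key name "dev" and the load/entry addresses are assumptions; the script expects those files in the working directory.

```shell
#!/bin/sh
# Added example, not course or U-Boot code. Assumed inputs in the current
# directory: "Image" (kernel), "board.dtb" (device tree) and "u-boot.dtb"
# (the U-Boot control DTB). Key name and load/entry addresses are assumptions.
set -eu

KEYDIR=${KEYDIR:-./keys}
KEYNAME=${KEYNAME:-dev}

# Emit the image tree source. The signature node sits under the
# configuration, not under the individual images, so kernel and DTB are
# signed together and an attacker cannot pair a signed kernel with a
# different DTB.
fit_its() {
cat <<EOF
/dts-v1/;
/ {
    description = "Signed kernel and device tree";
    #address-cells = <1>;

    images {
        kernel {
            description = "Linux kernel";
            data = /incbin/("Image");
            type = "kernel";
            arch = "arm64";
            os = "linux";
            compression = "none";
            load = <0x40200000>;
            entry = <0x40200000>;
            hash-1 { algo = "sha256"; };
        };
        fdt-1 {
            description = "Board device tree";
            data = /incbin/("board.dtb");
            type = "flat_dt";
            arch = "arm64";
            compression = "none";
            hash-1 { algo = "sha256"; };
        };
    };

    configurations {
        default = "conf-1";
        conf-1 {
            description = "Boot kernel with board DTB";
            kernel = "kernel";
            fdt = "fdt-1";
            signature-1 {
                algo = "sha256,rsa2048";
                key-name-hint = "$KEYNAME";
                sign-images = "kernel", "fdt";
            };
        };
    };
};
EOF
}

# mkimage looks for <keydir>/<key-name-hint>.key and .crt. The private key
# stays on the build host; only the public key goes into the device.
gen_key() {
    mkdir -p "$KEYDIR"
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$KEYDIR/$KEYNAME.key"
    openssl req -batch -new -x509 -key "$KEYDIR/$KEYNAME.key" \
        -subj "/CN=$KEYNAME" -out "$KEYDIR/$KEYNAME.crt"
}

# Sign the FIT and write the public key into u-boot.dtb (-K). With -r the
# key is marked required = "conf", so U-Boot refuses any configuration
# that does not verify against it instead of silently booting it.
sign_fit() {
    fit_its > kernel.its
    mkimage -f kernel.its -k "$KEYDIR" -K u-boot.dtb -r image.fit
    fit_check_sign -f image.fit -k u-boot.dtb
}

# Usage: ./fit-sign.sh run
if [ "${1:-}" = "run" ]; then
    gen_key
    sign_fit
fi
```

The modified u-boot.dtb must be the control DTB that is actually linked into U-Boot, so rebuild U-Boot afterwards (for example with `make EXT_DTB=u-boot.dtb`) with CONFIG_FIT_SIGNATURE=y and CONFIG_RSA=y enabled; without CONFIG_FIT_SIGNATURE the signature node is ignored and `bootm` will happily boot an unsigned image.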
Security Considerations when Creating a Root Filesystem
- Tips for hardening and securing a rootfs
- Minimizing the rootfs
- Strong authentication
- Keep software updated
- Using initramfs
- Read-only root filesystem
- Introduction to read-only root filesystems
- Purpose and benefits
- Overview of the different solutions available
- SquashFS
- Explanation of what SquashFS is and how it works
- Pros and cons of using SquashFS
- Steps to create a SquashFS image
- Mount SquashFS image as a read-only root filesystem
- CramFS: Small memory footprint
- OverlayFS-based read-only root filesystem
- UnionFS-based read-only root filesystem
- Considerations when choosing a read-only root filesystem solution
- Evaluation based on use case, security, performance, and compatibility
- Encrypting Update Images
- Securely updating a Linux platform using Mender
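The SquashFS and OverlayFS topics above, combined into one added example (not course material): it packs a staging tree into a read-only SquashFS image and writes an initramfs init script that mounts that image read-only, stacks a writable overlay from a separate data partition on top of it, and hands over to the real init with switch_root. The staging directory, partition names and mount points are assumptions.

```shell
#!/bin/sh
# Added example, not course code. ROOTFS is an assumed staging tree produced
# by the rootfs build; /dev/mmcblk0p2 (squashfs) and /dev/mmcblk0p3
# (writable data) are assumed partitions.
set -eu

ROOTFS=${ROOTFS:-./rootfs}
IMAGE=${IMAGE:-./rootfs.squashfs}
INITRAMFS=${INITRAMFS:-./initramfs}

# Pack the staging tree. -comp xz gives the smallest image, -noappend
# refuses to append to a stale image, -all-root normalises ownership so
# build-host UIDs do not leak into the device.
build_squashfs() {
    mksquashfs "$ROOTFS" "$IMAGE" -comp xz -noappend -all-root
}

# Init script for the initramfs. The squashfs is the immutable lower layer;
# upperdir and workdir must live on the same writable filesystem. Anything
# an attacker writes lands in the overlay, never in the signed image.
overlay_init() {
cat <<'EOF'
#!/bin/sh
set -e
mount -t proc proc /proc
mount -t sysfs sysfs /sys
mount -t devtmpfs devtmpfs /dev

mkdir -p /ro /rw /newroot
mount -t squashfs -o ro /dev/mmcblk0p2 /ro
mount -t ext4 -o rw /dev/mmcblk0p3 /rw
mkdir -p /rw/upper /rw/work
mount -t overlay overlay \
    -o lowerdir=/ro,upperdir=/rw/upper,workdir=/rw/work /newroot

# Keep the raw layers reachable from the running system for updates and
# for inspecting what was written on top of the read-only image.
mkdir -p /newroot/media/ro /newroot/media/rw
mount --move /ro /newroot/media/ro
mount --move /rw /newroot/media/rw

# switch_root moves /dev, /proc and /sys into the new root itself.
exec switch_root /newroot /sbin/init
EOF
}

# Write the init script into the initramfs staging tree and pack it.
# The tree must also contain a static busybox (or equivalent) providing
# sh, mount, mkdir and switch_root.
build_initramfs() {
    mkdir -p "$INITRAMFS"
    overlay_init > "$INITRAMFS/init"
    chmod 755 "$INITRAMFS/init"
    ( cd "$INITRAMFS" && find . | cpio -o -H newc | gzip -9 ) > initramfs.cpio.gz
}

# Usage: ./ro-root.sh build
if [ "${1:-}" = "build" ]; then
    build_squashfs
    build_initramfs
fi
```

The kernel needs CONFIG_SQUASHFS=y, CONFIG_SQUASHFS_XZ=y and CONFIG_OVERLAY_FS=y, and the initramfs is booted with the kernel's default `init=/init`. Resetting the device to factory state is then just wiping the upper directory on the data partition; the SquashFS image itself is a single file that can be hashed and signed as part of the trusted boot chain.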
Data encryption
- Why should data be encrypted?
- Data encryption implications
- Full disk encryption
- Overview and risk
- Encryption at a disk partition level or the whole disk
- How to use dm-crypt
- Other solutions
- LUKS
- TrueCrypt (discontinued since 2014)
- VeraCrypt (the maintained TrueCrypt successor)
- File-based encryption
- How it works
- Using fscrypt
- Using eCryptfs
- Advantages and disadvantages of each approach
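The dm-crypt/LUKS part of the data encryption section, as an added example (not course material) that also serves the "Encrypt a partition" exercise: it creates a LUKS2 volume with an explicit cipher and PBKDF choice, unlocks it from a keyfile so the device can mount it unattended, creates a filesystem on the mapped device and renders the crypttab and fstab entries. The partition, mapper name, keyfile path and mount point are assumptions, and all steps except the entry rendering need root.

```shell
#!/bin/sh
# Added example, not course code. DEV, NAME, KEYFILE and MNT are assumptions.
set -eu

DEV=${DEV:-/dev/mmcblk0p3}
NAME=${NAME:-cryptdata}
KEYFILE=${KEYFILE:-/etc/keys/data.key}
MNT=${MNT:-/data}

# 512 random bits as the volume key material. In a production design this
# file must not sit on an unencrypted rootfs next to the data it protects;
# the course's key storage chapter covers releasing it from hardware or the
# TEE instead. Here it is created root-only (0600) via umask.
make_keyfile() {
    mkdir -p "$(dirname "$KEYFILE")"
    umask 077
    head -c 64 /dev/urandom > "$KEYFILE"
}

# LUKS2 header, AES-256 in XTS mode (XTS splits the 512-bit key in two),
# argon2id as PBKDF. --batch-mode skips the interactive confirmation so
# the step can run from a provisioning script.
luks_format() {
    cryptsetup luksFormat --type luks2 --batch-mode \
        --cipher aes-xts-plain64 --key-size 512 --pbkdf argon2id \
        --key-file "$KEYFILE" "$DEV"
    # Check what actually landed in the header: cipher, PBKDF, key slots.
    cryptsetup luksDump "$DEV"
}

# Map the volume, create the filesystem on the mapper device (never on the
# raw partition) and mount it with nodev,nosuid since it holds data only.
luks_open_and_mount() {
    cryptsetup open --key-file "$KEYFILE" "$DEV" "$NAME"
    mkfs.ext4 -L data "/dev/mapper/$NAME"
    mkdir -p "$MNT"
    mount -o nodev,nosuid "/dev/mapper/$NAME" "$MNT"
}

# Boot-time entries: crypttab unlocks the volume, fstab mounts the result.
crypttab_entry() {
    printf '%s %s %s luks\n' "$NAME" "$DEV" "$KEYFILE"
}

fstab_entry() {
    printf '/dev/mapper/%s %s ext4 defaults,nodev,nosuid 0 2\n' "$NAME" "$MNT"
}

# Usage (as root): ./encrypt-partition.sh run
if [ "${1:-}" = "run" ]; then
    make_keyfile
    luks_format
    luks_open_and_mount
    crypttab_entry >> /etc/crypttab
    fstab_entry >> /etc/fstab
fi
```

On memory-constrained boards argon2id's default memory cost can exceed what is available at boot; cap it at format time with `--pbkdf-memory` (in KiB) rather than falling back to PBKDF2, and verify the chosen cost with `cryptsetup luksDump` before shipping.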
Open Portable Trusted Execution Environment (OP-TEE)
- Introduction to OP-TEE
- Key Features
- Hardware, software, and firmware requirements
- Architecture of OP-TEE
- Components, modules, and communication channels
- Use Cases
- Secure storage
- Secure communication
- Secure execution of applications
- OP-TEE build and deployment
- Setting up the environment
- Configuration of OP-TEE
- Compilation of OP-TEE
- Comparison to other TEE solutions
- Trusted Applications (TA) on OP-TEE
- The role of a TA in a secure system
- Writing a Trusted Application
- Loading and executing a Trusted Application within the OP-TEE runtime
- Debugging and testing Trusted Applications
- Communication between Trusted Applications and normal world applications
- Best practices for creating secure Trusted Applications
Exercise: Create a read-only file system using SquashFS
Exercise: Encrypt a partition
Exercise: Encrypt some files and directories
Exercise: Build and install OP-TEE
Exercise: Write a TA that communicates with a normal world application