I love this disclaimer that is often included in data sheets for computers: “No computer system can provide absolute security under all conditions.” How true this statement is, and yet many military and aerospace computing platforms are embedded in mission-critical applications that must be secure. Invasion by interlopers can bring a mission down. The increasing mobility of electronic platforms makes the challenge even more daunting. What are the major security issues designers need to be concerned with when developing embedded platforms? How can you reduce the risk of security intrusions when developing embedded platforms?


Computers are used in military and aerospace applications from IT to UAVs. The IT applications use server technology with well-established security protection built into the architecture, but a UAV contains many embedded computing platforms that cannot use much of that IT technology. In past years, protecting real-time embedded platforms was a lower priority because each system was very isolated; now, with more and more data being transmitted and stored electronically, security is of paramount importance in embedded computing platforms. As platforms become more intelligent and more connected, often via wireless networks that are especially vulnerable, the concern for security has gained even more prominence.


Security Issues

Security is such a huge topic that it is hard to decide where to begin. I won’t be able to completely do the topic justice but at least I would like to be sure that your eyes are open to the basics. Risk is everywhere, hence the disclaimer at the introduction. Just when you think you might have a secure system, someone finds a vulnerability and brings down your platform. Short of a totally isolated system built with the highest degree of caution, a secure system is nothing but a dream. But understanding the types of security threats can at least help set some priorities and manage the risk.

In his book “Security for Ubiquitous Computing” (John Wiley & Sons, Inc.), Frank Stajano uses a well-established taxonomy to subdivide computer security threats into three categories, according to whether they threaten confidentiality, integrity or availability. Breaking security into these elements makes the evaluation of potential solutions easier and more effective.


Stajano describes confidentiality as the property that is violated whenever information is disclosed to an unauthorized principal; the principal may be a person or another computing device, and either is relevant. Integrity is violated whenever the information is altered in an unauthorized way, whether at a host or in transit between devices. Availability is the property of a system that always honors legitimate requests by authorized principals; it is violated when an attacker succeeds in denying service to legitimate users, typically by using up all the available resources.


Figure: Security Risk Management.


Security is critical from the hardware through the layers of software all the way to the end application. Each is important to ensure the most secure system possible. To manage your risk, you must be sensitive to security threats through the entire system architecture. Security starts at the processor. A foundation or root-of-trust must be established to provide security services upon which to build a robust security environment. Intel vPro technology was first introduced in 2006 and has been upgraded with several new features since then. It offers a strong foundation upon which to build a secure system. Much has been published on the Intel vPro technology and I leave that to you for further research.


Technology Overview

  • Intel® Trusted Execution Technology (Intel® TXT): establishes a hardware-based root of trust to defend against software attacks at launch.
  • Intel® Virtualization Technology (Intel® VT): works with Intel TXT to deliver built-in protection against malware and rootkit attacks.
  • Intel® OS Guard: delivers automatic “blanket” protection to defend against escalation-of-privilege attacks.
  • Intel® Identity Protection Technology (Intel IPT) with public-key infrastructure (PKI): protects access points by working with authentication solutions to support hardware-based storage of tokens or certificates inside the platform.
  • Intel® Advanced Encryption Standard New Instructions (Intel AES-NI): encrypts data up to four times faster without slowing performance or interfering with user productivity.
  • Intel® SecureKey: generates high-quality random numbers to enhance encryption for online transactions.
  • Intel® Anti-Theft Technology: offers tamper-resistant security to detect potential theft, with the capability to automatically disable PCs.
  • Intel® Advanced Management Technology (Intel® AMT): provides remote support for proactive threat management and for diagnosing, isolating, and repairing an infected PC, regardless of operational state.
  • Intel® Platform Protection Technology with BIOS Guard: provides authentication and protection against BIOS recovery attacks; BIOS updates are cryptographically verified to ensure malware stays out of the BIOS.
  • Intel® Platform Trust Technology and Intel® Boot Guard: designed to work with Microsoft* Windows* 8, Intel Platform Trust Technology supports secure and measured boot, and Intel Boot Guard protects against boot block-level malware.



The next layer of defense is at the BIOS level. The threat of attacks on the BIOS is growing, with reports of intrusions at the BIOS level becoming more common. The National Institute of Standards and Technology (NIST) has released new security guidelines for updating the BIOS, the point at which the security threat is greatest. With NIST SP 800-147, NIST is setting standards that require authentication of BIOS update mechanisms.
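To make the authenticated-update requirement concrete, here is an added example (not code from the original post, NIST, or any BIOS vendor) of the check a platform's update path performs before it accepts an image: the vendor signs a manifest of version number plus payload hash, and the platform verifies that signature with a public key assumed to be held in its protected boot block. The rollback check is an assumption of this example, added because an attacker who can only replay an older signed image would otherwise reintroduce its known flaws.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// UpdateImage is a constructed stand-in for a BIOS update package: the
// firmware payload plus the vendor's signature over (version || SHA-256(payload)).
type UpdateImage struct {
	Version   uint32
	Payload   []byte
	Signature []byte
}

// manifest builds the bytes the vendor signs. Binding the version and the
// payload hash together means neither can be changed without breaking the signature.
func manifest(version uint32, payload []byte) []byte {
	digest := sha256.Sum256(payload)
	buf := make([]byte, 4, 4+len(digest))
	binary.BigEndian.PutUint32(buf, version)
	return append(buf, digest[:]...)
}

// SignUpdate models the vendor's offline signing step with its private key.
func SignUpdate(priv ed25519.PrivateKey, version uint32, payload []byte) UpdateImage {
	return UpdateImage{Version: version, Payload: payload, Signature: ed25519.Sign(priv, manifest(version, payload))}
}

// VerifyUpdate is the platform-side gate. vendorPub is assumed to be stored in
// write-protected flash with the boot block; currentVersion in tamper-resistant storage.
func VerifyUpdate(vendorPub ed25519.PublicKey, currentVersion uint32, img UpdateImage) error {
	if !ed25519.Verify(vendorPub, manifest(img.Version, img.Payload), img.Signature) {
		return errors.New("signature check failed: image is not from the vendor or was modified")
	}
	if img.Version <= currentVersion {
		return errors.New("rollback refused: image is not newer than the installed version")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed vendor key pair for the demo
	img := SignUpdate(priv, 2, []byte("constructed firmware payload"))
	fmt.Println("genuine, newer image:", VerifyUpdate(pub, 1, img))
	img.Payload = append(img.Payload, '!') // simulate a modified payload
	fmt.Println("modified payload:", VerifyUpdate(pub, 1, img))
}
```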


BIOS providers have taken the security challenge seriously and offer suites of products providing multiple levels of security. They support the latest Intel vPro technology, which allows users to manage, inventory, diagnose, and repair their systems in efficient, remote, and streamlined ways without compromising system security. The BIOS providers support the NIST SP 800-147 guidelines and offer multiple other security options to protect FLASH and other storage devices. Users prefer to keep as much of the security responsibility at the hardware and BIOS level as possible, because that is where the defense is strongest.


Phoenix Technologies’ Phoenix SecureCore has an impressive suite of security support. American Megatrends (AMI) with its Aptio V UEFI BIOS compliant products features UEFI Secure Boot for enhanced platform security.


Operating System

Operating systems play many roles in providing increased levels of security. The most recent advancement became feasible with the introduction of multi-core processors, which make it possible to run multiple operating system instances on a single processor. This has led to hypervisor architectures that can isolate and protect key elements of the software environment. Real-time operating system suppliers have made hypervisors a key part of their product portfolios.


Green Hills Software is an excellent example of how important security is to an operating system supplier. They have a dedicated business unit, INTEGRITY Security Services (ISS), to address the growing need for more secure software. ISS packages the INTEGRITY operating system with a toolkit to provide reliable and authenticated security software that can ensure these ubiquitous embedded devices remain secure.


ISS toolkits are based on the Green Hills proprietary Federal Information Processing Standards (FIPS) compliant Cryptographic Toolkit. The ISS Cryptographic Toolkit meets the latest government standards and provides the underlying FIPS-compliant cryptographic primitives for use with a comprehensive complement of security protocols. The toolkits are designed to be small, scalable and certifiable by the US Government. Support is available for Windows, Linux, VxWorks, INTEGRITY and general-purpose operating systems on Intel processors.


ISS focuses on addressing:

  • Authentication - the process of ensuring that users, devices and software on a network are correctly identified.
  • Authorization - grants users and devices the right to access resources and perform specified actions.
  • Network Access Control - mechanisms that limit access to the network to authenticated and authorized devices, software and users.
  • Confidentiality - using ciphers to transform data to make it unreadable to anyone except those authorized and authenticated to view the data.
  • Integrity - checking mechanisms are designed to detect unauthorized changes to transmitted data through the lifecycle of a device, software and data.
  • Remote Management - a method to monitor, update and manage remotely manufactured and fielded devices.


Delivering end-to-end security solutions

A connected battlefield is critical to our Armed Forces' success. As multiple classifications of data are transmitted to more devices and vehicles on the battlefield, the requirement for a high-assurance, portable encryption toolkit becomes critical.


Attacks on computers and networks continue to proliferate in spite of extensive software approaches to prevent these attacks. Establishing a strong digital identity for both the user and the computer system through hardware-based security is a significant step beyond software-only strategies.

The defense community has made cybersecurity a top priority. In the push for defense programs to use more COTS, the dependencies on Intel Intelligent Systems Alliance members and their products only become greater. Security never rests as defense systems shift to Intelligent Systems: new breaches are discovered, and technology shifts to address them.


I would love to hear more about your experiences as a system designer and what you have done or plan to do to manage security risks.




American Megatrends (AMI) is an Affiliate member of the Intel® Intelligent Systems Alliance.

Green Hills Software, Inc. is an Affiliate member of the Intel® Intelligent Systems Alliance.

Phoenix Technologies is an Affiliate member of the Intel® Intelligent Systems Alliance.


Jerry Gipper

OpenSystems Media®, by special arrangement with Intel® Intelligent Systems Alliance

Editorial Director, OpenSystems Media, VITA Technologies