Locking Out the Investigator: The Need to Circumvent Security in Embedded Systems

Read, Huw; Sutherland, Iain; Xynos, Konstantinos; Roarson, Frode

doi:10.1080/19393555.2014.998847

Cited by 3 publications

(4 citation statements)

References 5 publications

(4 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Liles et al (2009) explored the legal issues facing forensics experts which highlighted legal concerns including the interpretation of legislation. Read et al (2015) focused on the legal and ethical issues of jailbreaking and hardware modification to access devices, and Stoykova et al (2022) highlighted the legal and technical issues relating to the reverse engineering of file systems. Exploiting vulnerabilities in some cases provides the investigator access to devices that would otherwise be inaccessible.…”

Section: Prior Workmentioning

confidence: 99%

Legal and ethical issues of pre-incident forensic analysis.

Sutherland¹,

Bovee

Xynos³

et al. 2023

eccws

View full text Add to dashboard Cite

Investigators searching for digital evidence may encounter a variety of different IoT (Internet of Things) devices. Data in such devices and their environments can be both valuable, but also highly volatile. To meet best practices and to process these devices in an expeditious and forensically-sound manner, an investigator should have a predefined plan. Developing such plans requires prior knowledge developed through the exploration and experimentation of the “target” devices. The expanding variety, number, and pervasiveness of IoT devices means there is an increasing need for pre-incident analysis to ensure forensic tools and techniques acquire, preserve and document evidence appropriately. Many of these IoT devices have proprietary file- and operating-systems and may employ mechanisms to protect intellectual property by limiting or preventing access by researchers. Disassembly of the device and circumventing these mechanisms may be restricted by contract, end-user licence agreement (EULA) or legislation regarding intellectual-property rights. Legislative exclusions exist for security research, in some jurisdictions, permitting legitimate analyses. The pre-incident analyses of hardware to establish a forensic process bear some similarity to vulnerability and security research, however there are distinct differences in their end goals. This paper discusses the legal and ethical issues that may be encountered when conducting pre-incident forensics analyses focussing on IoT hardware. It highlights areas of particular concern, identifies best practice and subjects requiring future work as presented in the literature before providing a series of recommendations for forensics investigators processing these types of devices.

show abstract

Section: Prior Workmentioning

confidence: 99%

Legal and ethical issues of pre-incident forensic analysis.

Sutherland¹,

Bovee

Xynos³

et al. 2023

eccws

View full text Add to dashboard Cite

show abstract

“…Specific security countermeasures for RTES can be implemented in two stages: (i) identify specific attacks that could threaten the systems; and (ii) implement security-guaranteed services, overcoming the challenges of real-time performance and energy consumption [27]. The study in [88] showed how security measures could be circumvented in different platforms. This demonstrates the importance of highly robust solutions and their availability for a long period.…”

Section: B Security Countermeasures Of Essmentioning

confidence: 99%

“…A cyber-attack could produce severe consequences, e.g., the damage of all systems connected to the targeted system. Hence, it is important to consider the impacts and responses to potential cyber incidents, caused by attacks on these levels [95], [27], [130], [131], [126].…”

Section: ) Impact Of Cyber Attacksmentioning

confidence: 99%

Analytical Review of Cybersecurity for Embedded Systems

Aloseel

Shaw

et al. 2021

IEEE Access

View full text Add to dashboard Cite

To identify the key factors and create the landscape of cybersecurity for embedded systems (CSES), an analytical review of the existing research on CSES has been conducted. The common properties of embedded systems, such as mobility, small size, low cost, independence, and limited power consumption when compared to traditional computer systems, have caused many challenges in CSES. The conflict between cybersecurity requirements and the computing capabilities of embedded systems makes it critical to implement sophisticated security countermeasures against cyber-attacks in an embedded system with limited resources, without draining those resources. In this study, twelve factors influencing CSES have been identified: ( 1) the components; (2) the characteristics; (3) the implementation; (4) the technical domain; (5) the security requirements; (6) the security problems; (7) the connectivity protocols; (8) the attack surfaces; (9) the impact of the cyber-attacks; (10) the security challenges of the ESs; (11) the security solutions; and(12) the players (manufacturers, legislators, operators, and users). A Multiple Layers Feedback Framework of Embedded System Cybersecurity (MuLFESC) with nine layers of protection is proposed, with new metrics of risk assessment. This will enable cybersecurity practitioners to conduct an assessment of their systems with regard to twelve identified cybersecurity aspects. In MuLFESC, the feedback from the systemcomponents layer to the system-operations layer could help implement "Security by Design" in the design stage at the bottom layer. The study provides a clear landscape of CSES and, therefore, could help to find better comprehensive solutions for CSES.INDEX TERMS Characteristics of embedded system, countermeasures, embedded system, cybersecurity of embedded system, MuLFESC, risk assessment.

show abstract

“…Several hacks have been developed that circumvent the security measures on the 3DS and allow third-party (homebrew) applications to be installed. As discussed in [23], these mechanisms could be used as new vectors to extract data from embedded systems. In the case of the 3DS, a number of applications and game titles have been shown to be exploitable.…”

Section: Forensic Valuementioning

confidence: 99%

A Forensic Methodology for Analyzing Nintendo 3DS Devices

Read

Thomas

Sutherland³

et al. 2016

IFIP Advances in Information and Communication Technology

Self Cite

View full text Add to dashboard Cite

Handheld video game consoles have evolved much like their desktop counterparts over the years. The most recent eighth generation of game consoles are now defined not by their ability to interact online using a web browser, but by the social media facilities they now provide. This chapter describes a forensic methodology for analyzing Nintendo 3DS handheld video game consoles, demonstrating their potential for misuse and highlighting areas where evidence may reside. Empirical research has led to the formulation of a detailed methodology that can assist forensic examiners in maximizing evidence extraction while minimizing, if not preventing, the destruction of information.

show abstract

Locking Out the Investigator: The Need to Circumvent Security in Embedded Systems

Cited by 3 publications

References 5 publications

Legal and ethical issues of pre-incident forensic analysis.

Legal and ethical issues of pre-incident forensic analysis.

Analytical Review of Cybersecurity for Embedded Systems

A Forensic Methodology for Analyzing Nintendo 3DS Devices

Contact Info

Product

Resources

About