2.6 Embedded and Specialized Systems

Question 1

a combination of computer hardware and software designed for a specific function. [this] may also function within a larger system. The systems can be programmable or have a fixed functionality.
• Hardware and software designed for a specific function
– Or to operate as part of a larger system
• Is built with only this task in mind
– Can be optimized for size and/or cost
• Common examples
– Traffic light controllers
– Digital watches
– Medical imaging systems
SoC (System on a Chip)
• Multiple components running on a single chip
– Common with embedded systems
• Small form-factor
– External interface support
– Cache memory, flash memory
– Usually lower power consumption
• Security considerations are important
– Difficult to upgrade hardware
– Limited off-the-shelf security options

Answer 1

Embedded systems

Question 2

semiconductor devices that are based around a matrix of configurable logic blocks (CLBs) connected via programmable interconnects. [this] can be reprogrammed to desired application or functionality requirements after manufacturing.
• An integrated circuit that can be configured
after manufacturing
– Array of logic blocks
– Programmed in the field
• A problem doesn’t require a hardware replacement
– Reprogram the FPGA
• Common in infrastructure
– Firewall logic
– Routers

Answer 2

Field-programmable gate array (FPGA)

Question 3

[this(a)] a category of software applications for controlling industrial processes, which is the gathering of data in real time from remote locations in order to control equipment and conditions.
[this(b)] a collective term used to describe different types of control systems and associated instrumentation, which include the devices, systems, networks, and controls used to operate and/or automate industrial processes.
• [this(a)]
– Large-scale, multi-site [this(b)]
• PC manages equipment
– Power generation, refining, manufacturing equipment
– Facilities, industrial, energy, logistics
• Distributed control systems
– Real-time information
– System control
• Requires extensive segmentation
– No access from the outside

Answer 3

(a) Supervisory Control and Data Acquisition (SCADA) / (b) Industrial control systems (ICS)

Question 4

the collective network of connected devices and the technology that facilitates communication between devices and the cloud, as well as between the devices themselves.
• Sensors - Heating and cooling, lighting
• Smart devices - Home automation, video doorbells
• Wearable technology - Watches, health monitors
• Facility automation - Temperature, air quality, lighting
• Weak defaults
– [this] manufacturers are not security professionals

Answer 4

Smart devices / IoT (Internet of Things)

Question 5

Specialized (embedded systems)
• Medical devices
– Heart monitors, insulin pumps
– Often use older operating systems

• Vehicles
– Internal network is often accessible from
mobile networks
– Control internal electronics

• Aircraft
– DoS could damage the aircraft
– An outage would be problematic

• Smart meters - Measure power and water usage

Answer 5

Specialized (embedded systems)

Question 6

a technology that allows you to make voice calls using a broadband Internet connection instead of a regular (or analog) phone line.
• [this]
– Instead of analog phone line or the
– Plain Old Telephone Service (POTS)
• A relatively complex embedded system
– Can be relatively important
• Each device is a computer
– Separate boot process
– Individual configurations
– Different capabilities and functionalities

Answer 6

VoIP

Question 7

In the home or small office with a handful of computers, [this] is more for human comfort than the machines. In large datacenters, a humidity-free room with a steady, cool temperature is essential for the trouble-free operation of hundreds or thousands of servers. See server farm.
• [this]
– Thermodynamics, fluid mechanics, and heat transfer
• A complex science
– Not something you can properly design yourself
– Must be integrated into the fire system
• PC manages equipment
– Makes cooling and heating decisions for workspaces
and data centers
• Traditionally not built with security in mind
– Difficult to recover from an infrastructure DoS

Answer 7

HVAC (Heating, Ventilation, and Air Conditioning)

Question 8

Also known as a UAV (unmanned aerial vehicle), a flying device that is controlled remotely by a user. [this] fly using multiple propellers mounted on arms that extend from the center.
• Flying vehicle
– No pilot on board
• May be manually controlled from the ground
– Often with some autonomy
– Set it and forget it
• Extensive commercial and non-commercial use
– May require federal licenses
– Security and fail-safes are required

Answer 8

Drones

Question 9

Printers, scanners, and fax machines:
• All-in-one or multifunction devices (MFD)
– Everything you need in one single device
• No longer a simple printer
– Very sophisticated firmware
• Some images are stored locally on the device
– Can be retrieved externally
• Logs are stored on the device
– Contain communication and fax details

Answer 9

Printers, scanners, and fax machines (multifunction printer)

Question 10

a software component that rapidly switches between tasks, giving the impression that multiple programs are being executed at the same time on a single processing core.
• An operating system with a deterministic
processing schedule
– No time to wait for other processes
– Industrial equipment, automobiles,
– Military environments
• Extremely sensitive to security issues
– Non-trivial systems
– Need to always be available
– Difficult to know what type of security is in place

Answer 10

RTOS (Real-Time Operating System)

Question 11

a closed-circuit television system used to maintain close observation of a person or group. closed-circuit television - a television system that is not used for broadcasting but is connected by cables to designated monitors (as in a factory or theater)
• Video/audio surveillance
– Embedded systems in the cameras and the
monitoring stations
• Secure the security system
– Restrict access from others - Prevent a denial of service
• Physically difficult to replace cameras
– Accessible independently over the network
– May allow for firmware upgrades

Answer 11

Surveillance systems

Question 12

enables a new kind of network that is designed to connect virtually everyone and everything together including machines, objects, and devices.
• Fifth generation cellular networking
– Launched worldwide in 2020
• Significant performance improvements
– At higher frequencies
– Eventually 10 gigabits per second
– Slower speeds from 100-900 Mbit/s
• Significant IoT impact
– Bandwidth becomes less of a constraint
– Larger data transfers
– Faster monitoring and notification
– Additional cloud processing

Answer 12

5G

Question 13

a removable smart card for mobile cellular telephony devices such as mobile computers and mobile phones. [this] cards securely store the service-subscriber key (IMSI) used to identify a GSM (Global System for Mobile communication) subscriber.
• [this] card - A universal integrated circuit card
• Used to provide information to a cellular
network provider - Phones, tablets, embedded systems
• Contains mobile details
– IMSI (International Mobile Subscriber Identity)
– Authentication information, contact information
• Important to manage
– Many embedded systems, many [this] cards

Answer 13

Subscriber identity module (SIM)

Question 14

data communication and telecommunications tools, technologies and services that utilize a narrower set or band of frequencies in the communication channel. These utilize the channel frequency that is considered flat or which will use a lesser number of frequency sets.
• Communicate analog signals over a narrow range
of frequencies
– Over a longer distance - Conserve the frequency use
• Many IoT devices can communicate over long distances
– SCADA equipment - Sensors in oil fields

Answer 14

Narrowband

Question 15

describes bandwidth and channels (the signal or system frequency). In terms of bandwidth, [this] baseband is the highest frequency (measured in hertz) used by the bandwidth, or the upper bound of the bandwidth
• Generally a single cable with a digital signal
– Can be fiber or copper
• The communication signal uses all of the bandwidth
– Utilization is either 0% or 100%
• Bidirectional communication
– But not at the same time using the same wire/fiber
• Ethernet standard - 100BASE-TX,
1000BASE-T, 10GBASE-T

Answer 15

Baseband

Question 16

a standards-based wireless technology developed to enable low-cost, low-power wireless machine-to-machine (M2M) and internet of things (IoT) networks. [this] is for low-data rate, low-power applications and is an open standard.
• Internet of Things networking
– Open standard - IEEE 802.15.4 PAN
• Alternative to WiFi and Bluetooth
– Longer distances than Bluetooth
– Less power consumption than WiFi
• Mesh network of all [this] devices in your home
– Light switch communicates to light bulbs
– Tell Amazon Echo to lock the door
• Uses the ISM band
– Industrial, Scientific, and Medical
– 900 MHz and 2.4 GHz frequencies in the US

Answer 16

Zigbee

Question 17

Constraints of Embedded systems:
• Not usually a fully capable computer
– Low cost, purpose-built
• Adds additional constraints
– May have limited or missing features
– Upgradability limitations
– Limits in communication options
• An ongoing trade off
– Low cost systems - Unique management challenges

Answer 17

Constraints of Embedded systems

Question 18

Constraints:
• Power - May not have access to a main power source
– Batteries may need to be replaced and maintained
• Compute
– Low-power CPUs are limited in speed
– Cost and heat considerations
• Network
– May not have the option for a wired link
– May be in the middle of a field
– Wireless is the limiting factor
• Crypto
– Limited hardware options
– Difficult to change or modify cryptography features
• Inability to patch
– Some IoT devices have no field-upgradable options
– Upgrade options may be limited or difficult to install
• Authentication
– Security features are often an afterthought
– Limited options, no multi-factor, limited integration
with existing directory services
• Range
– Purpose-built - usually does one thing very well
– May not provide much additional functionality
• Cost
– Single-purpose functionality comes at a low cost
– Low cost may affect product quality
• Implied trust
– Limited access to the hardware and software
– Difficult to verify the security posture

Answer 18

Constraints

Question 19

a low cost, credit-card sized computer that plugs into a computer monitor or TV, and uses a standard keyboard and mouse. It is a capable little device that enables people of all ages to explore computing, and to learn how to program in languages like Scratch and Python.

Answer 19

Raspberry PI

Question 20

• an open-source electronics platform based on easy-to-use hardware and software. [these] boards are able to read inputs - light on a sensor, a finger on a button, or a Twitter message - and turn it into an output - activating a motor, turning on an LED, publishing something online.
• designed to make electronics more accessible to artists, designers, hobbyists and anyone interested in creating interactive objects or environments.

Answer 20

Arduino