Yocto Kernel Development & Security Hardening

A profitable and successful device is a secure device – but in a world of threats, how do you secure your device and ensure it has a chance to find its market and deliver for end-users?

Yocto Kernel Development & Security Hardening

This is a key strategy to adopt and, in the article below, we’ll outline:

• What security hardening is,
• Why it is important for Linux devices,
• How you can leverage your Linux BSP to reduce vulnerabilities,
• How Yocto Kernel Development plays a part in security hardening,
• And we’ll provide examples of how Witekio customers have relied on our Yocto expertise, to improve and upgrade the security of their market-leading smart and connected devices. 

This is a one-stop-shop article for all your Yocto Kernel Development & Security Hardening needs! (easy for you to say).

It’s not a trick question and the answer is as straightforward as you think:

Security hardening is the specific steps, actions, updates and changes applied in an effort to better secure a system by reducing its attack surface.

Many actions can be taken to harden the security of a system or a device. Some common examples include: 

• Removing unnecessary software and services to ensure that only the software and application layers required for the effective running of the device remain 
• Removing unnecessary users to ensure that only those with current credentials and permissions can use the device 
• Controlling network access by, for example, installing a firewall to prevent the device from communicating with malicious actors, and to prevent the access of the device by those actors 
• Adding intrusion detection capabilities so that security teams are alerted should a bad actor gain attempt to gain or succeed in gaining access to a device 
• Removing or improving default users and passwords to avoid the problem of predictable attacks on easily accessible user accounts with simple passwords 
• Updating embedded software, applications, and operating systems to remove vulnerabilities and help protect a device from an attack vector through an OTA update 

There are many reasons why security hardening should be on the agenda of device vendors, but there are three in particular that are most often chief concerns. 

First. As an increasing number of Linux devices connect to the internet, these devices are becoming popular attack surfaces for people with malicious intent. The ease of connecting and deploying these devices to enterprise wireless internet systems is a significant selling point. But also makes them yet another target for those seeking to exploit those same enterprise systems. 

Second. Attackers are becoming more aware of Linux devices. As Scott Murray of the Konsulko Group explained at the Yocto Project Virtual DevDay in 2020, it’s trivial to scan all IPv4 devices using a search engine like shodan.io, the world’s first search engine for connected devices. Customers, in turn, cannot be relied upon to follow vendor guidelines and may connect their devices directly to the internet, and Universal Plug and Play may make services on a device unexpectedly visible. 

Third. The attacks on connected Linux devices may not be direct. Devices might instead be leveraged as part of a criminal botnet or as part of a DDoS attack. Such security breaches are not directly targeting the data on the device, nor its core functionality, but rather exploiting its connected status and processing power to execute code that enables an attack on a second device, enterprise, or server. 

This is why security hardening is a priority for device vendors and a consistent focus for embedded software and connected device developers. And for Linux devices and developers, Yocto is often an important arrow in their quiver. 

A device’s Board Support Package (BSP) is a fundamental component of security hardening. A well-optimized Linux BSP helps ensure seamless compatibility between device drivers, kernel modifications, and software libraries. A typical board support package will include a unique set of device drivers for the embedded device to interact with its hardware components. If these device drivers are poorly implemented or outdated, they may contain vulnerabilities that attackers could exploit to gain unauthorized access to the device or its data.

A weak board support package may also lack features such as secure boot mechanisms, allowing attackers to tamper with the boot process and compromise the integrity of the device’s software stack. Getting your Linux BSP development right can help improve access control mechanisms, cryptographic libraries, and secure communication protocols, making sure that your device is hardened from the ground up.

There’s a popular Chinese proverb that goes something like this: 

The best time to plant a tree was 20 years ago. The second-best time is now. 

When it comes to security hardening, the same rule applies. 

Ideally, development on the Kernel and hardening of the attack surface before a device is released to the market. By adopting a security by design approach, the Kernel can be developed to minimize the attack surface and deny bad actors the capacity to exploit the device. Pre-release kernel development to harden the security gives a vendor more confidence moving forward and makes the new device less of a target in a world of billions of connected devices.

Witekio engineers regularly work with clients to harden their security and a small team of developers can rapidly reduce the attack vectors that a vendor’s device is open to. 

Sometimes, however, a device is already on the market when, for one reason or another, there is a need for development work on the Linux Kernel to harden the device against a new security threat. Even in cases where a device has been hardened before release, it might be necessary to push updates to an OS or update drivers to ensure the device is safe (or really: safer) from bad actors. 

A couple of recent examples of Yocto Kernel Development & Security Hardening by the Witekio team include the smart ticketing solution market leader Masabi, and vending machine leader Evoca and their new software systems. 

Masabi turned to Witekio for our embedded Linux expertise, our knowledge of system security, and our knowledge of connectivity. As this smart ticketing solution involved sensitive data, we undertook a cryptography investigation and advised Masabi on the integration of cryptography elements to secure their solution.

The Masabi ticketing solution went to market as a fully innovative and secured solution, enabling ticket validation across all modes of public transit and used by numerous public transportation providers around the world. 

Evoca, too, sought out Witekio for its expertise in low-level software customization, system design, and software architecture, and experience in both Qt and Yocto kernel development.

With the vending machines accepting and processing payments, security is a must and the Witekio team customized a Linux Yocto 1.6 BSP to run on the new machines and its secure software platform. This secure platform eased and accelerated innovation, and protected Evoca and its partners after deployment at sites and on machines worldwide.

The Solution?

Drawing from over 20 years of expertise in IoT device security, embedded systems security, and software development, we understand the inherent risks and vulnerabilities associated with every connected product. Our proficiency lies in identifying and patching these vulnerabilities. Whether you’re seeking assistance with enhancing the security or maintenance of an existing device or preparing to launch a new, smart, or connected device, Witekio’s seasoned team possesses the requisite knowledge and experience to transform IoT device security into a distinct competitive edge.