Title: Uprooting Trust: Learnings from an Unpatchable Hardware Root-of-Trust Vulnerability in Siemens S7-1500 PLCs
Authors: Yuanzhe Wu, Grant Skipper, Ang Cui
DOI: 10.1109/HOST55118.2023.10133438 (https://doi.org/10.1109/HOST55118.2023.10133438)
Venue: 2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
Publication date: 2023-05-01
Citation count: 1 (Semantic Scholar)
Open access: no
Uprooting Trust: Learnings from an Unpatchable Hardware Root-of-Trust Vulnerability in Siemens S7-1500 PLCs
Over the past decade, low-cost hardware crypto-coprocessors have become an attractive solution for improving device security on embedded systems. Relying on dedicated components to offload security operations, however, presents unique challenges to overall system security. When implemented incorrectly, these components may be abused by adversaries to infiltrate Root-of-Trust (RoT) protections and compromise the greater system. Unlike a software-based RoT, when a hardware-based RoT is found vulnerable to tampering there are few remedies to ‘patch’ or defend against attacks. This work presents a case study for addressing real-world security practices related to implementing hardware RoT for embedded systems via discrete co-processing components. Furthermore, we identify design fallacies, which we have encountered with increasing frequency in commercial embedded systems. Through this investigation, we provide practical mitigating solutions for integrating secure RoT peripherals for use on embedded hardware. Specifically, this assessment is conducted by uncovering novel vulnerabilities related to the discrete RoT implementation on the Siemens S7-1500 series Programmable Logic Controllers (PLCs). Our findings are cautionary evidence of how flawed assumptions related to RoT implementation may allow malicious actors to spoof authentication credentials, re-encrypt firmware, and ultimately gain covert, privileged control over these devices without invasive or destructive practices.