Expanding the cyber kill chain for embedded system architectures

Posted on: 2017-07-25
Degree: M.S
Type: Thesis
University: Utica College
Candidate: Red, Val A
Full Text: PDF
GTID: 2448390005474090
Subject: Information Science
Abstract/Summary:
Embedded systems -- manifesting the Internet of Things through automation of industries, businesses, and homes -- create an unprecedented attack surface for exploitation over cyberspace. This presents a conundrum for information assurance and cybersecurity planning. Scrutiny of cybersecurity threats is typically accomplished through conceptualization of academic models, with iterations on the cyber kill chain being the most recent; however, current vulnerability analyses must take into account a more flexible cyber kill chain expanded in scope for applicability to embedded systems. This paper synthesizes current security analyses in embedded systems and addresses both the depth and breadth of technical complexities involving threats to such devices with respect to the cyber kill chain model. Establishing this context expands the scope of the cyber kill chain to include alternative, shorter kill chains that are more closely representative of embedded system attacks. Weaknesses are found through underlying constraints inherent to embedded system design that enable adversarial action on objective while deviating from the typical intrusion model. Such findings suggest fewer steps are possible to achieve embedded system attacks than in intrusion-based cyber kill chains. Borrowing from existing system engineering models, and focusing on embedded system constraints as a point-of-failure, alternative kill chains are suggested. Considering that kill chain steps must be uninterruptible to accomplish an action on objective, representing embedded system attacks in a reduced number of steps illustrates where security practitioners can focus defensive effort. This paper proposes shorter, alternative kill chains expanded for embedded systems. The shortest of these embedded system kill chains includes the following three steps: reconnaissance, exploitation, and action on objective.
Keywords/Search Tags: Embedded system, Kill chain