Security Considerations¶
Remote updates¶
The new Homebase generation (EWG5/6) use HTTP and its standard port 80 for remote firmware updates. The Homebase periodically checks the Energomonitor’s provisioning server and if update is ready for given serial number, the firmware binary is downloaded via HTTP GET request.
The HTTP GET request is always initiated from Homebase and contains serial number and current firmware version. If new firmware is ready on server, the response will contain firmware binary data. The Homebase will save them in flash memory and then restarts itself.
This update is done by bootloader application permanently stored in dedicated section of flash memory. This bootloader cannot be deleted, changed or disabled without direct access to Homebase itself.
The update process does not use DNS, the IP address of the provisioning server is fixed, so attacker cannot use any kind of DNS attack.
The only possible attack is Man In The Middle. If attacker can redirect TCP connection from Homebase to his server (on the public internet route), the bootloader can download wrong firmware. This firmware will be stored in flash memory and then executed. If firmware is not correct, the MCU will stop and restarts bootloader. Also, the Energomonitor’s provisioning server periodically checks if device is working correctly and any suspicious behavior can be detected.
To successfully imitate correct firmware behavior, the attacker has to have very detailed information about hardware, firmware and server side. Also the attacker’s firmware can be replaced by official FW at any time after attack is ended.
The Homebase contains very low power 8bit MCU with hardware implemented TCP/IP. It is not possible to run any kind of operating system (for example Linux) used by attackers. The attacker’s firmware has to be specifically implemented with detailed knowledge of hardware.
Sending measured data¶
Because of hardware limitations, there is no standard asymmetric encryption used for MQTT, thus the MQTT packets are send to server in plaintext. The MQTT payload (customer’s measured data and EWG configuration) are encrypted by standard AES128 (in CBC mode) and authenticated by HMAC-SHA256. AES and HMAC secret keys are stored in device’s memory during manufacturing and are unique for each Homebase. The secret keys are not transmitted via public network.