To understand UART security protocols, we first need to understand what UART is. UART stands for Universal Asynchronous Receiver/Transmitter. A UART's main purpose is to transmit and receive serial data. One of the best things about UART is that it only uses two wires to transmit data between devices.
UART is a character-oriented protocol, which means data is sent byte by byte. In UART communication, the transmitter wire of the first device is connected to the receiver wire of the second device, and the transmitter wire of the second device is connected to the receiver wire of the first device.
How does UART Communicate?
- The UART data frame consists of the start bit, the main data, and then the parity bit. The parity bit is optional: some devices need it, some don't. It is useful only if the devices need to check for errors in the data stream.
- Initially, the transmission line and reception line of the UART are high, which indicates that the line is idle and there is no data transmission.
- When a transmitting device wants to start the communication, it pulls the transmitter line low (to zero). This tells the receiver that the transmitter wants to send data.
- When the transmitting line goes low, it stays low for one clock pulse. After that, a frame of 8 data bits is delivered to the receiver side. A 1 in the data is represented as 5V in the electronics hardware, and a 0 is represented as 0V.
- After that comes the parity bit, and finally there is a stop bit to notify the receiver about the end of the communication.
- The stop bit is logic high; it stays high for one clock pulse to notify the receiver.
- So the basic UART data frame is a 10-bit frame including the start bit and stop bit; if we use a parity bit, it becomes an 11-bit frame.
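The frame layout in the list above can be exercised with a small encoder and decoder. This is an added example, not code from the original article; it assumes LSB-first data order, even or odd parity as the parity options, and one sample per bit period, and the sample payload is constructed.

```python
IDLE = 1  # the line rests high when no data is being sent

def parity_bit(byte, mode):
    """Parity bit for `byte`; mode is 'even' or 'odd' (assumed options)."""
    odd_ones = bin(byte).count("1") % 2   # 1 if the data holds an odd number of ones
    return odd_ones if mode == "even" else odd_ones ^ 1

def encode_frame(byte, parity=None):
    """start(0), 8 data bits (LSB first, assumed), optional parity, stop(1)."""
    if not 0 <= byte <= 0xFF:
        raise ValueError("data must fit in 8 bits")
    bits = [0] + [(byte >> i) & 1 for i in range(8)]
    if parity:
        bits.append(parity_bit(byte, parity))
    return bits + [1]

def decode_stream(line, parity=None):
    """Decode a list of 0/1 samples (one per bit period). Returns (data, errors)."""
    out, errors = bytearray(), []
    frame_len = 11 if parity else 10
    i = 0
    while i < len(line):
        if line[i] == IDLE:               # idle level: keep hunting for a start bit
            i += 1
            continue
        frame = line[i:i + frame_len]
        if len(frame) < frame_len:
            errors.append((i, "truncated frame"))
            break
        byte = sum(bit << n for n, bit in enumerate(frame[1:9]))
        if frame[-1] != 1:                # stop bit must be high
            errors.append((i, "framing error"))
            i += 1                        # resynchronise on the next low sample
            continue
        if parity and frame[9] != parity_bit(byte, parity):
            errors.append((i, "parity error"))
        else:
            out.append(byte)
        i += frame_len
    return bytes(out), errors

def demo():
    """Decode a constructed capture, then the same capture with one data bit flipped."""
    line = [IDLE] * 3
    for ch in b"OK":                      # constructed sample payload
        line += encode_frame(ch, "even") + [IDLE] * 2
    corrupted = list(line)
    corrupted[7] ^= 1                     # flip data bit 3 of the first frame
    return decode_stream(line, "even"), decode_stream(corrupted, "even")
```

The parity bit only detects an odd number of flipped bits in a frame; it does not authenticate the sender or protect the data from being read.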
Serial interfaces send data to and from systems; parallel interfaces, on the other hand, send multiple bits concurrently using multiple wires.
UART supports a wide range of serial protocols, such as RS-232, RS-422 and RS-485. Examples of serial interfaces include Universal Serial Bus (USB) and Recommended Standard No. 232 (RS-232).
Security Risks for using UART
Internet of Things (IoT) devices may support UART to send and transmit signals wirelessly. Manufacturers install UART interfaces on IoT boards to review serial console logs and complete any debug activity required. Since UART interacts with IoT devices, it is possible for hackers to infiltrate the UART shell and root shell. Shells manage user interaction with a computing system through an input-output interface. Hence, we have to take UART security into consideration.
If a cybercriminal gains access to the root shell, they can cause detriment to an organization. For example, hackers may:
- Infiltrate and reverse engineer firmware to see how to exploit it further
- Gain access to sensitive information such as certificates or API keys
- Examine communication protocols for vulnerabilities
- Target user devices, including company users and clients
Unfortunately, all it takes is a little hardware tinkering and persistence to compromise the UART interface. There are three UART connections: transmitter, receiver, and ground. All hackers need to do is locate the connections on a circuit board, connect with them by using a serial connector, and begin interfacing with the console to target the firmware. Since root shell access is commonly enabled over UART, organizations must find ways to secure IoT UART interfaces.
How to Secure?
UART security is becoming important because there are plenty of UART-embedded IoT devices on the market today, plus an increasing number of devices with IoT functionality being brought to market. But IoT applications are still in the early stages, with few security standards in place. The place to start is securing the hardware. In addition to the UART interface, the following IoT application interfaces should be protected:
Short Description
If you are a manufacturer of IoT devices, chances are firmware security is a top priority. If the firmware is important to protect, the easiest solution is to restrict customer access to the UART. Any individual who has UART access can infiltrate it and gain access to sensitive information, such as intellectual property.
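One way a manufacturer could check a firmware root filesystem before release for a serial console that gives a root shell without authentication. This is an added example, not code from the original article; it assumes a BusyBox-style `/etc/inittab` and a standard `/etc/shadow`, the device names in `SERIAL_ID` are assumptions, and the sample file contents are constructed.

```python
import re

# Assumed console ids; an empty id in a BusyBox inittab means the system console.
SERIAL_ID = re.compile(r"^(|console|ttyS\d+|ttyAMA\d+)$")
SHELLS = ("/bin/sh", "/bin/ash", "/bin/bash")

def root_password_state(shadow_text):
    """Classify root's /etc/shadow hash field: 'empty', 'locked', 'set' or 'missing'."""
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) > 1 and fields[0] == "root":
            if fields[1] == "":
                return "empty"
            return "locked" if fields[1][0] in "!*" else "set"
    return "missing"

def audit_console(inittab_text, shadow_text):
    """Return (line number, finding) for console entries that give root without login."""
    findings = []
    root_pw = root_password_state(shadow_text)
    for n, raw in enumerate(inittab_text.splitlines(), 1):
        parts = raw.strip().split(":", 3)   # id:runlevels:action:process
        if raw.lstrip().startswith("#") or len(parts) != 4:
            continue
        tty, _runlevels, action, command = parts
        if action not in ("respawn", "askfirst") or not SERIAL_ID.match(tty):
            continue
        words = command.split()
        program = words[0].lstrip("-") if words else ""   # "-/bin/sh" is a login shell
        if program in SHELLS:
            findings.append((n, "shell started on console without login"))
        elif program.endswith("getty") and root_pw == "empty":
            findings.append((n, "login prompt present but root has an empty password"))
    return findings

# Constructed sample files (not taken from a real product).
WEAK_INITTAB = "::sysinit:/etc/init.d/rcS\nttyS0::askfirst:-/bin/sh\n"
HARDENED_INITTAB = "::sysinit:/etc/init.d/rcS\nttyS0::respawn:/sbin/getty -L ttyS0 115200 vt100\n"
SHADOW_EMPTY = "root::19000:0:99999:7:::\n"
SHADOW_SET = "root:$6$constructedsalt$constructedhash:19000:0:99999:7:::\n"
```

Calling `audit_console(WEAK_INITTAB, SHADOW_SET)` reports the shell entry on line 2, while the hardened inittab with a set root password reports nothing.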
Security Policies
IoT devices expand an enterprise's attack surface. Therefore, it is important to implement cybersecurity policies that protect the way data is collected, processed and stored. Take an inventory of the IoT devices your organization has connected to a network. Network management tools will help your organization to conduct an audit and take an inventory of the devices that have IoT operating. SolarWinds Network Performance Monitor, Paessler PRTG and ManageEngine OpManager each offer network management tools.
Implement a Secure IT Network Architecture
With IoT devices, take proper care to secure your network, from hardware devices to software applications. Apply basic security restrictions such as "least privilege" and "need to know" to users accessing your network. According to the US Department of Homeland Security, an organization can take the following precautions to secure its IT network:
- Separate and segment networks according to function: this will not only prevent intruders from taking control of data and devices, but it will also restrict the amount of lateral movement a hacker can make throughout the network. Placing routers in between networks will segregate them, enabling network administrators to control and filter traffic. In the event of a data breach, organizations can shut down network segments, while protecting the others.
- Tools such as private virtual LANs help to isolate users throughout user domains. Install virtual routing and forwarding (VRF) technology, which will separate traffic over multiple routing tables simultaneously on a single router.
- Restrict lateral communications to the most necessary ones: secure networks for lateral communications, including peer-to-peer. Filtering communications between workstations makes it difficult for a hacker to find a vulnerable spot from which to launch a cyberattack. These backdoors will hinder an organization's cybersecurity defenses. Firewalls can help to restrict traffic flow between hosts in a network.