Hardware-based trust anchors are key for connected applications and smart services, whether for a robotic arm in the smart factory or automated air conditioning in a private home. The new OPTIGA™ Trust M solution from Infineon Technologies helps manufacturers to enhance the security of their devices while at the same time improving overall system performance. The single-chip solution securely stores unique device credentials and enables devices to connect to the cloud up to ten times faster than software-only alternatives. It is ideal for industry and building automation, smart homes and consumer electronics.
In an exclusive interview, Mr Guruprasad Vyasa, Country Head – Sales and Business Development for Connected Secure Systems, Infineon India, spoke to EM about IoT security, hardware-based security platforms, and Infineon's chip-based security solutions and their advantages.
1. What are the rising concerns about IoT security?
From smart cars to smart factories, the Internet of Things (IoT) is transforming every aspect of modern life. Deployment of smart, connected devices delivers many benefits but also brings a very real threat of cyberattacks that can harm innocent users.
Building trust in and between connected IoT devices is the first step in a holistic strategy. Security must be understood as a number one priority and be integrated from the beginning. IoT devices need strong, tamper-resistant protection. This degree of protection cannot be provided by software alone – it needs hardware-based security.
2. What are the IoT security challenges?
- The complexity of cyber-systems is increasing continuously due to increasing connectivity and the inception of new technologies like artificial intelligence and quantum computers.
- The world of connected devices is a highly-fragmented, diverse one. For example, the type of cyber security required for a connected car varies from that of an automated factory (also known as “industry 4.0”) to a powerful computer on four tyres. Today a modern vehicle may generate 25 GByte each hour. For autonomous vehicles it could increase up to 1 TByte per hour. Some data are confidential and some data can be linked to a person. Cybersecurity, safety and privacy therefore receive a high priority.
- Technologies and methodologies of cyberattacks are also continually changing.
- There is no ‘one size fits all’ approach, nor a security reference design that can be described as ‘the’ IoT security solution; the IoT markets are highly fragmented and come with their specific requirements.
- However, demand for security is increasingly seen – yet the market needs trusted, reliable and easy-to-integrate solutions, as IoT device manufacturers are often not security experts.
3. Can you highlight the importance of hardware-based security solutions and how they work?
Companies who are looking for a security solution need one that is equally easy to use – in terms of fast integration and time to market – and trustworthy. Unlike software-only solutions, a hardware-based solution is strong, tamper-resistant and provides a solid foundation. In addition, Infineon’s independently-certified hardware security solutions are pre-integrated and therefore easy to integrate into any system.
4. How will you prove that your security solution can be trusted?
Security for the IoT revolves around three main concepts: Confidentiality, Identity and Integrity. These concepts can be expressed as questions. Is the transfer and storage of sensitive data protected? Are the components of the IoT system (device, server, etc.) what they claim to be or are they digitally disguised? Have the components been compromised or infected?
A Root of Trust is the best way that these questions can be positively answered. The Root of Trust is a security chip hardened against attacks and integrated into the IoT device, network, or server. Depending on the intended application, the chip used can provide different levels of protection that fulfil some or all of the roles for hardware security illustrated.
5. Tell us about your OPTIGA™ Trust M products and their key features.
The OPTIGA™ Trust M is a high-end security solution that provides an anchor of trust for connecting IoT devices to the cloud, giving every IoT device its own unique identity. This pre-personalized turnkey solution offers secured, zero-touch onboarding and the high performance needed for quick cloud access.
OPTIGA™ Trust M offers a wide range of security features, making it ideal for industrial and building automation applications, smart homes and connected consumer devices.
The turnkey set-up with full system integration minimizes design, integration and deployment effort.
More information can be found on our webpage: http://www.infineon.com/optiga-trust-m
6. What exactly is meant by ‘Anchor of Trust’?
Secured Identities for machines provide the anchor for implementing any measures to protect electronic exchange and storage of data. As known from daily life where ID cards or passports are used for identification of humans, secured identities are used by machines to reliably identify each other. But even these secured IDs digitally stored on machines could become the subject of attacks and theft.
Hardware-based security solutions based on security chips are the best way to efficiently protect machine identities as well as data and communication. Security controllers provide a greater level of security than concepts that are purely software-based as it is relatively simple to read and overwrite software.
Silicon manufacturers such as Infineon Technologies use highly secured, certified processes to personalize hardware trust anchors, i.e. providing a secured identity to each security chip. This often includes a set of keys and certificates stored on the chip in order to allow other devices in the industry automation system to securely authenticate a remote device, to build up a secured connection, and exchange data in a protected way.
Proper hardware anchors are security-certified components that are also equipped with measures to protect them against physical attacks. As such, they offer protection during transit. In other words, a hardware anchor protection is so robust that it does not need special security measures to be shipped using cost-efficient logistics channels. This not only applies to shipping the security chip itself but, more importantly, also to shipping devices that contain a hardware anchor with customer-specific keys. These physical protection capabilities can reduce costs particularly during installation and delivery processes.
7. What are the targeted applications of this solution?
Smart Cities: The city of Los Angeles’ replacement of municipal street lighting with LED lamps reportedly led to annual savings of $8 million in electricity costs (60% reduction in energy use).1,2 Now, wireless connectivity to a network control centre is expected to lead to further savings in maintenance while creating a dynamic system that improves safety. Such a connected environment will require higher security protection to prevent attackers from intruding into the city network.
Smart Buildings: In New York, smart building technology is reportedly helping a real estate firm save approximately $1 million in operating costs in a single office building. 5 These savings will add up quickly; the City of New York estimates that as much as 75% of energy-related emissions in the city can be better managed through use of such smart building technology.3 Additionally, it was reported that the firm is working with technology providers to mirror these savings in smaller buildings it owns and ultimately find ways to make the technology available even to residential homes. Embrace the security design concept in smart building systems from the beginning, as it is more difficult to retrofit them and costs developers and building owners more investment if this is not factored in from day one.
Smart Factories: Industry 4.0 is the IoT in production and networks the entire value chain. That means it connects machinery, products, people and systems so as to enable processes that are largely automated. Companies can produce goods more efficiently, flexibly and cheaply in a smart factory. In order to protect themselves, companies must take security into account from the outset in Industry 4.0 projects. That includes keeping systems state-of-the-art and installing security updates. A combination of software- and hardware-based security solutions can also protect machines and communication nodes.
Smart Homes: Smart home devices, which today represent about 25% of IoT devices, will see sales increase from $61 billion in 2015 to $490 billion in 2019, with home automation and security applications leading the way.4 While smart home devices make life easier and more energy efficient, unprotected smart home devices are a very attractive target for attackers who could break into home networks, steal and misuse sensitive personal data and even gain unauthorized access to smart homes. Moreover, connected smart home devices could be misused for larger-scale attacks, such as DDoS attacks, that can take down entire server networks. Hence, a security solution is important to protect households.
Connected Cars: Mobility of the future requires the exchange of huge volumes of data. Cars send real-time traffic information to the cloud or receive updates from the manufacturer “over the air”, for example to update software quickly and in a cost-effective manner. The senders and recipients of that data, whether car makers or individual components in the car, require cryptographic security keys to authenticate themselves. A security solution generates, stores and administers security keys for communication within the vehicle. It is also used to detect faulty or manipulated software and components in the vehicle and initiate troubleshooting by the manufacturer in such a case. Hence, the safety of the driver and passengers in a connected car is always protected.
Smart Meters: Smart Meters are emerging as a critical element of the grid’s interface between providers and end-consumers. They monitor energy consumption, communicate with devices in the household and gather all information required by the grid to efficiently allocate resources. Smart Meters and Gateways installed at the consumer must be protected against manipulation, in order to prevent power theft and to provide data security. Communication between the appliances concerned must be protected against any infiltration of incorrect data, in the same way as the services for computing energy consumption, billing and invoicing.
8. How do you envision the future trends in embedded security?
An increasingly connected world requires consumers, industries and policy makers to recognize and address the security risks of the IoT.
IoT systems such as smart buildings or smart homes are complex, integrating a large number of devices and technologies. Securing the whole system is important, as attacks may aim to disturb the proper operation of the whole system or utilize single devices to gain access to, e.g., the company’s IT network and valuable data.
Infineon’s security solutions are based on market-leading competence and designed for easy integration into embedded systems to protect the confidentiality, integrity and authenticity of information and devices. These trusted hardware-based security solutions scale from basic authentication chips to more sophisticated security protection implementations. Ultimately the solution must be easy for designers, engineers and device manufacturers to incorporate into their systems so that embedded security is ubiquitous in this digital age.
1 “Los Angeles to upgrade street lights with GPS,” http://www.fiercewireless.com/tech/story/los-angeles-upgradestreet-lights-gps/2015-05-14
2 “LA’s Street Lights Can Now Be Wirelessly Controlled,” http://gizmodo.com/las-street-lighting-will-becontrolled-by-a-wireless-ne-1696359821?utm_expid=66866090-62._DVNDEZYQh2S4K00ZSnKcw.0&utm_referrer=https%3A%2F%2Fwww.google.com%2F
3 “New system lets buildings learn from energy use,” http://www.capitalnewyork.com/article/cityhall/2014/12/8558111/new-system-lets-buildings-learnenergy-use
4 “IoT Innovations Offer Essential Benefits for People with Disabilities,” http://www.aapd.com/resources/power-gridblog/iot-innovations.html?referrer=https://www.google.com/