Ensure a victory against attackers
The Internet-of-Things is extremely important today, and security is essential for a smooth running IoT. To achieve this, it is crucial we solve the main challenge of secure identities for constrained IoT devices and find efficient ways to deal with the many identity technologies in use.
The sensors we deploy are gathering data that we use to generate decisions or feed important machine learning, and we need to be able to trust the root data being used. Likewise, distributed actuators need a way to trust the commands that they receive. Yet, time and time again, we hear about attacks on Internet of Things (IoT) devices — simple attacks that exploit things like USB drives or default passwords – and the news is accelerating. Attacking “things” is the new fashion. With the number of “things” easily measured in billions, is it any wonder the IoT is such a rich target?
It may seem paranoid to fret about criminals hacking your refrigerator or reprogramming your coffee machine, but as more devices join the Internet of Things (IoT), those concerns are becoming common. IoT security is becoming a bit concern, especially in personal devices like mobile phones and health trackers. Thankfully manufacturers (including us) have devised hardware-based encryption and security that can make the IoT much more secure.
The many threats to IoT security
As with any embedded system, IoT designs face a continual stream of threats. As hackers employ new attacks, developers hurry to close security holes. In deployed devices, the need to update IoT firmware adds to potential weaknesses in security. For example, even the use of a simple firmware validation check can leave the software exposed. In this situation, developers might hope that querying some external resource for validation might catch attempts to replace firmware with hacked code. Yet, even relatively novice hackers can replace firmware with code that ignores such validation checks.
Use of encryption alone to lock down firmware offers no sure remedy. Even encryption can fall to attacks such as chosen ciphertext attacks, where hackers determine the encryption key by studying the target system’s decryption process. These types of attacks can be difficult to mitigate, but the use of authentication with encryption is known as an effective defense.
Security as a major challenge to the IoT’s growth. But semiconductor companies can help overcome these problems and capture significant value by providing security solutions across industry verticals.
The rise of the IoT security chip
With the ever-expanding landscape of the internet of things, we are now in an environment where every semiconductor and chip IP vendor is, or soon will be, launching their own “security” chip. No matter the type of IoT product, all security is moving deeper into hardware, and ultimately down to the silicon layer. In order to explain how we arrived here, it’s necessary to first take a look back.
GPC chips to ASICs
A good place to start is general-purpose computing chips (GPC chips). One of the biggest purveyors of GPC chips is Intel, followed by AMD. These chips exploded in popularity in the 1990s because they could do everything well; consequently, billions of them were sold. But over time, especially as products began shrinking in size during the last decade, gradually there was a shift towards application-specific integrated circuits (ASICs). (Make no mistake, Intel did, does and will continue to sell millions of general-purpose processors. However, its meteoric rise in the 1990s and 2000s has been tempered of late. IoT and small device forays have failed, for example, the Edison line.)
Better known as specialty chips, ASICs rose in popularity as companies realized they didn’t need very powerful GPCs, but rather only parts of them to perform basic tasks. As a result, these new smaller chips increasingly became more common. Then, as early IoT devices were introduced, device makers found these chips were ideal due to the smaller size, lower power consumption and lower cost, along with the fact that they could be produced at mass scale. ASICs fit the bill well.
This shift also led to the next phase of specialty semiconductors: power control chips by Infineon, graphics chips by NVidia, automotive chips by NXP and so on. Following that, companies saw that manufacturers were creating specialized chips geared towards security. Mobile was also growing steadily at this time, further pushing the need for smaller chips as phones gradually added more varied sensors and capabilities.
Secure silicon and the supply chain
The market has now reached a point where most mature and respected semiconductor companies want to have a security play. For example, Infineon makes Trusted Platform Modules while other companies, like Renesas, produce secure microcontroller units (MCUs). This is a fascinating evolution since we began with companies creating security software running on general-purpose chips, but then slowly started moving down the layers to companies selling secure MCUs capable of tasks such as key generation, secure key storage and boot verification. Originally, these security functions were relegated to software, but now the MCU is handling these natively through APIs.
Companies like Xilinx also have security capabilities within more advanced chips, field-programmable gate arrays, while STMicroelectronics is releasing products like its ST-Safe line.
What we are also now witnessing is increased interest in secure memory. Consequently, products like Micron’s Authenta are now going to be natively capable of various security capabilities, such as health monitoring, including previously mentioned functions such as secure key storage.
Thus, we have now reached the point where the industry is talking about secure silicon, a space where companies like Intrinsic-ID play a leading role. Silicon-rooted security will be used to anchor everything on top of it. As a result, you will be able to trust your silicon chip and move all way up to applications, as well as uniquely identify devices at the hardware level.
However, as with any important development, there are also inherent risks. In this case, it’s that all IoT security chip makers will need to take great pains to understand where they source their silicon from. Consequently, a trust chain – and, in this case, a trusted supply chain — will be critical to ensure authenticity.
Trust chains or anchors must be strong as well as neutral. Some trust anchors are hardware based while others are rooted in software.
Some of the device hacks we are seeing today could be avoided. Implementing strong security standards early on is important step to avert future attacks. It’s worth noting that companies don’t need to install expensive chips on every device. As long as they are doing what they can to secure their devices, it will make it that much harder for hackers to be successful. And with the new IoT Cybersecurity Improvement Act of 2017 taking shape, the reality is that compliance and regulation is not too far down the road. The smart thing to do is to stay ahead of the curve and build security into the product design.
PKI’s important role in the IoT security chip
A critical element to successful IoT security chips will be public key infrastructure (PKI). All IoT devices with these chips will require a strong identity, which will then be used for secure authentication. Devices will need to prove who they are and not something else. They will even generate their own identity and store it safely, courtesy of PKI. In addition, it is conceivable that every device will have a certificate to prove its trustworthiness. And that is the one of the biggest goals of the internet of things: to create a trustworthy global system of systems. In that world, the chances of unauthorized access will be greatly reduced.
The chip has come a long way in the last several decades. It has gone from being massively powerful but also power hungry, to gradually dwindling to miniature size and form. Now, as we enter the age of the IoT chip, billions of devices and machines will be connecting with one another. It may take several years, but hopefully over time most device-makers will ultimately choose a secured IoT chip, ensuring that only approved devices and systems are communicating with each other. By doing so, they will be taking a bold step to certify the security of their devices — and ensure a victory against attackers.
Khor Hwai Lin, Head of Sales & Business Development, Chipcard & Security, Infineon Technologies Asia Pacific Pte Ltd
A successful attack on an IoT device or system can have a significant impact on users, device manufacturers and service providers. The repercussion is felt both in the physical and the cyber worlds. An attack may expose confidential information such as private user data as well as know-how, intellectual property and process intelligence. In addition, it can lead to interruption of operations and even endangerment of company’s brand reputation. The types of risk associated with IoT vary depending on the application. (i.e. smart home, Industry 4.0, Connected Car, Information & Communication Technology, etc.) The methods of attacks are common across. Eavesdropping attacks are aimed at discovering information (which may then be used in future attacks). Other attacks involve subverting or impersonating the server to send bad commands or injecting false information from devices with intent to cause an unwanted response or to hide a physical attack. To minimize risks, use tamper-resistant hardware Trust Anchors (Infineon’s OPTIGA™ family) in electronics design to secure your cryptographic keys and root certificates.
Security ICs are designed with security protection as a core functionality, unlike a general-purpose controller that focuses on performance and scopes. For instance, Infineon security controller has the Integrity Guard technology with full error detection capability for the complete data path. Dedicated dual CPUs constantly check on each other to establish whether the other unit is functioning correctly. Security ICs are equipped with full encryption over the complete CPU core and memories – meaning no more plain data. The design of the security chip alone impedes attacks and offers the highest level of protection.
Infineon OPTIGA™ product family is designed to deter four main attack scenarios on IoT devices; namely Fake device, Eavesdropping, Manipulation and Malware attacks.