More companies recognize cybersecurity needs to be built-in from the beginning.
By Jeff Dorsch & Ed Sperling
Many people pay lip service to the concept of security in Internet of Things devices, software, and networks. That oversight is beginning to fade away, however, as companies begin digging into one of the broadest and most complex problems in the IoT age.
Unlike other technology issues, which have been solved in increments, security is all-inclusive. While hackers can infect a computer or even a system of computers with malware, the connections are broader, deeper and less well-managed in the IoT world. Connected systems can infect other systems with little or no human oversight.
“We see customers to this day wave their hands and say perimeter security is good enough,” said Felix Baum, senior product manager for runtime solutions in the Embedded Software Division of Mentor Graphics. He added there is a general perception inside of cars, enterprises, and houses that the outside world can’t see in. “This has proven to be incorrect. We have to consider enabling security with each and every IoT device. All aspects – every bit and piece of silicon goodness.”
Five years ago developers of secure systems would order a part from a vendor—such as NXP Semiconductors and its new subsidiary, Freescale Semiconductor—and “schmear security on top of the device,” Baum said.
NXP, which last month held its NXP FTF Technology Forum in Austin, Texas, where its Freescale unit is headquartered, now provides authentication measures in its chips going back three years or so, according to Baum. “The software running on the device is authentic,” he said, and it can “hide things away from Android and Linux.” Those are two of the most popular operating systems in IoT devices and systems.
Security is nothing new when it comes to computing. Companies such as Symantec, Trend Micro and Kaspersky Labs have built large businesses safeguarding PC data over the past couple of decades, starting with the widespread commercialization of the Internet in the early 1990s. But most of that effort was confined to software or network security. Hardware vendors rarely saw the need to add security into their products until the past few years because side-channel attacks and back doors were viewed as theoretical rather than real. Even where vendors did offer security features, such as Texas Instruments’ OMAP architecture, those security hooks were rarely utilized.
Much has changed since then. Over the past year, in particular, hardware vendors are becoming much more concerned about security. This is partly due to greater awareness that hardware can be breached, and partly due to demands from makers of safety-critical systems, such as automobiles, which are looking to minimize legal liability. Whether that is built into the hardware itself, or whether it is added into embedded software, isn’t always clear.
“The general perception in the past was that if higher security and speed are important, then you put the security in hardware,” said Pim Tuyls, founder and CEO of Intrinsic ID. “If area is important, you put it into software. But what has changed is that people have become aware that hardware-based security is much better. It’s now a must-have, and it’s being picked up by many companies. If you have social attacks, they steal your password. If you can hack into software, the impact scale is probably up to 1,000 users before someone fixes it. If it’s the operating system, the impact is up to 10,000. But if you can fiddle with the hardware, the impact can be in the billions. Once you control the hardware you can change the software functionality and control the system.”
Understanding the ecosystem is another matter, though.
“If you do a design and all of your IP goes overseas and the fabs are overseas, the big question is whether you get back what you wanted,” Tuyls said. “It’s not just backdoors. There’s also counterfeiting. If you think about chips for automotive and aerospace, that’s a problem. I’ve spent the last 1.5 months talking about this at conferences. Before that, there was about one conference a year. There’s a lot of talk about big data and data mining, but all of that depends on whether you can trust the data. If not, the value of the data is much less.”
ARM introduced its TrustZone technology nearly a decade ago, but initially the technology generated little more than conversation. With the introduction of the IoT, and demands by mobile phone makers for more robust security, interest in the technology began picking up. ARM now makes security standard in its Cortex-A designs, with simpler versions of TrustZone in Cortex-M and Cortex-R devices.
Other processor core vendors have taken the cue, as well. Synopsys provides security in its ARC processors, and Andes Technology builds secure cores in multi-core configurations. “IoT issues are getting clearer year by year,” said Frankwell Lin, Andes’ CEO. “Security is now the second-most important issue after power.”
Embedded software, firmware, and updates
As chipmakers increasingly are responsible for developing the embedded software in complex chips, they also now must wrestle with the software that runs inside of those chips. In the past, most of that software was considered untouchable, but as hackers become more sophisticated with a range of side-channel attacks, nothing is being taken for granted anymore.
“Security needs to be everywhere, and it needs to be end-to-end,” said Vincent Perrier, chief marketing officer for France’s MicroEJ. “When you download applications to devices and connect those devices, you need a secure connection layer. The server needs to know it’s the right device, and the best way to do that is with an authentication protocol and a private key. That capability needs to be on the device, too, so you can make sure that if you download code, it’s the right code.”
Mentor’s Baum agrees: “Folks update the firmware all the time,” he said. Many devices being shipped now will be updated and upgraded on a regular basis, he said, noting that IoT devices now can reboot with new images. “Hackers try to attack. It doesn’t happen overnight. They try for days, weeks.”
If a device contacts the IT department of an enterprise when hackers try to probe it for vulnerabilities, many of these breaches can be prevented. Some enterprises have implemented software agents that reset systems and monitor laptops for possible infections by computer viruses. There also is a long list of deterrents, including random number generators, crypto-processors, hypervisors, virtualization layers, private keys, authentication at multiple levels using multiple secure elements, and tamper-resistant packaging.
“The more layers of security you can put in, the harder it is for hackers,” Baum said, adding that for automotive and industrial IoT applications, four or five security layers may be necessary. “IoT devices are being designed to be connected.”
The bigger picture
Echoing a theme often heard from ARM executives, “there needs to be an ecosystem,” said Ryan Cameron, vice president and general manager of Industrial & Timing Products in the Application Products Group of ON Semiconductor.
Citing four priorities in chip product development, “first is security,” Cameron said at the Internet of Things World conference earlier this month in Santa Clara, Calif. “Security is fundamental and expected.”
It’s also critical to “add security at the [software] stack level,” he added. “We have to address every hole. The hackers only have to find one.”
GrammaTech, a spinoff from Cornell University in Ithaca, N.Y., touts the use of static analysis tools in reducing defects in software with its CodeSonar product. Among other attributes, CodeSonar can provide static analysis for binary code, according to the company.
GrammaTech’s customers are principally in the areas of industrial control equipment, automotive electronics, and aerospace systems, according to Paul Anderson, vice president of engineering. In industrial control, the priority is not so much in safety or security, but in preventing or reducing downtime, Anderson said. Downtime on a factory floor is costly and can cause losses in the hundreds of millions of dollars, he added.
Micrium, a leading supplier of real-time operating systems and related software tools, has worked with Icon Laboratories to provide a software infrastructure for IoT-ready devices, according to Mike Kaskowitz, Micrium’s vice president of sales and marketing. “Infineon has licensed our tool to include with all their boards,” he said.
Infineon Technologies is, indeed, deeply into the IoT security space. Exhibiting last month at IoT World, Infineon was talking up its line of secure devices, which include programmable authentication and device security.
At the heart of many of these efforts are standards such as Transport Layer Security (TLS), which at least provide a baseline. But those standards barely scratch the surface of what will be needed to secure billions of IoT devices.
“One key aspects in the industrial, automotive and medical markets is the development and deployment of functional safety standards, which require such companies to have a more stringent development process,” said Marc Serughetti, director of business development for the System Level Solutions Group at Synopsys. “This has a direct impact on their chip suppliers, whose development effort is increased. However, this cannot be simply addressed by each company in the supply chain individually. Functional safety standards apply to the end product delivered by industrial, automotive or medical device OEMs, which includes chips developed by semiconductor, but also software running on that chip that is developed by OEMs or other suppliers.”
Those standards increasingly involve security, as well. But unlike in the past, when people talked about security as an add-on, they now view it as a prerequisite for successful products. An increasing number of vendors are talking the talk and walking the walk on cybersecurity. The dangers of Internet connections have become obvious enough throughout the semiconductor industry.
Grappling With IoT Security
Updating connected devices creates a whole new challenge as threats continue to evolve.
Unexpected Security Holes
As more things are connected, security holes are showing up in places no one considered.
The Race To Secure The Car
Connectivity and complexity are raising concerns about safety and reliability.
White-Box Crypto Gains Traction
A niche obfuscation methodology is becoming more popular in cost-sensitive markets. But how good is it?