
Building Security into the Smart Home Devices with a Hardware Root of Trust

Best practices for protecting personal assets from cyber criminals.


The growth in the semiconductor industry over the past years has been driven heavily by the storage and compute needs on smartphones, computers, servers and data centers. These conventional drivers are set to change. New-age technologies like big data, artificial intelligence (AI) and the Internet of Things (IoT) will fuel the demand for the future growth in semiconductors. Not only is IoT assisting in new developments in technology, with the help of AI and big data, it is also enabling us to access data in real-time. This real-time data has helped to improve key processes within homes, moving toward a ‘smart’ and more efficient society.

A good example of IoT, big data and AI working together is the smart home. The big data collected from sensors on smart washing machines enables AI to make decisions about potential issues or maintenance work, and as a result the owner is aware well in advance of any technical issues that may need to be addressed. But one thing is certain—if you can’t trust the data, there’s no point in collecting it, analyzing it and making decisions based on it. Security in the post-computer era must be foundational to the device and must be layered in and viewed as a primary design goal, rather than a tertiary afterthought.

Building security into the device
One approach to IoT security is to build protection directly into the device. This provides a critical security layer, and the devices are no longer dependent on the Internet gateway or a home router as their primary protection. A security solution for smart home devices must ensure the device firmware has not been tampered with, secure the data stored by the device, secure inbound and outbound communications, and detect and report attempted cyber-attacks. This can only be achieved by including security in the early stages of design.

Trust in embedded security refers to an expectation of integrity: that a smart home device is operating as designed. Software trusts that hardware is operating as it should. Applications trust that the operating system is not corrupting files. Remote systems trust the identity of the device to which they are connected. This process of establishing trust is called authentication. A device’s root of trust is the point where authentication starts and then extends through each layer. For critical smart home applications, a hardware root of trust is an important building block to secure endpoints and services.
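How trust extends from the root through each layer, as an added example that is not part of the original article: every boot stage pins the SHA-256 digest of the stage after it, and the hardware root stores only the digest of the first stage. Digest pinning stands in here for the signature check a production secure boot would use, and the stage names and image contents are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Stage:
    name: str
    code: bytes
    next_digest: bytes  # pinned SHA-256 of the following stage, b"" for the last

    def measure(self) -> bytes:
        # The measurement covers the code and the digest it pins for the next stage.
        return hashlib.sha256(self.code + self.next_digest).digest()

def build_chain(parts):
    """Link stages back to front and return (stages, root_anchor)."""
    stages, pinned = [], b""
    for name, code in reversed(parts):
        stage = Stage(name, code, pinned)
        stages.insert(0, stage)
        pinned = stage.measure()
    return stages, pinned  # digest of the first stage: what the hardware root stores

def verified_boot(root_anchor, stages):
    """Return (stages allowed to run, name of the rejected stage or None)."""
    expected, started = root_anchor, []
    for stage in stages:
        if not hmac.compare_digest(stage.measure(), expected):
            return started, stage.name  # halt: never hand control to this stage
        started.append(stage.name)
        expected = stage.next_digest
    return started, None

# Constructed sample images (hypothetical names and contents).
STAGES, ROOT_ANCHOR = build_chain(
    [("bootloader", b"BL v1"), ("kernel", b"KERNEL v1"), ("app", b"THERMOSTAT v1")]
)

def modified_kernel(stages):
    """Kernel image changed in flash, nothing else touched."""
    boot, kernel, app = stages
    return [boot, replace(kernel, code=b"KERNEL modified"), app]

def modified_kernel_repinned(stages):
    """Kernel changed and the bootloader's pinned digest rewritten to match."""
    boot, kernel, app = stages
    bad = replace(kernel, code=b"KERNEL modified")
    return [replace(boot, next_digest=bad.measure()), bad, app]

if __name__ == "__main__":
    for chain in (STAGES, modified_kernel(STAGES), modified_kernel_repinned(STAGES)):
        print(verified_boot(ROOT_ANCHOR, chain))
```

The third case is the reason the anchor has to sit in hardware that software cannot rewrite: a re-pinned chain is internally consistent and is rejected only because the first stage no longer matches the stored root digest.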

Design for security from the ground up using Hardware-Enforced Root of Trust
While there is no one-size-fits-all security solution for embedded smart home devices, solutions are available that provide semiconductor manufacturers and OEMs with the core security capabilities required to protect their devices, in addition to the flexibility needed to customize the solution to the specific requirements of their device. Security capabilities for a layered and siloed approach to device security should include:

  • Secure boot: Ensures that the firmware running on the device is authentic and has not been tampered with.
  • Unique ID: Ensures that every device has a unique identifier that cannot be altered. This ID should be associated with a device-specific symmetric key or asymmetric key pair. Device-specific keys should not be accessible by attackers and must be protected against tampering and replacement.
  • Device authentication: Devices must be authenticated with servers (and vice versa) to prevent spoofing and cloning of devices and servers.
  • Secure communication: Devices must be able to communicate securely with servers, keeping data private and protecting data integrity.
  • Secure over-the-air (OTA) firmware updates: Ensures that firmware can be updated to meet new threats and fix vulnerabilities, without allowing substitution of malicious code.
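The unique ID and device authentication items above, combined in an added example that is not from the original article: a per-device symmetric key is derived from the device ID, then used for a mutual challenge-response between device and server. The HMAC-based derivation, the message layout, the class names and the serial numbers are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

MASTER_KEY = bytes(range(32))  # constructed value; stands in for a key held by the vendor

def device_key(master: bytes, device_id: bytes) -> bytes:
    """Assumed scheme: per-device key = HMAC-SHA256(master, label || device ID)."""
    return hmac.new(master, b"device-key|" + device_id, hashlib.sha256).digest()

def tag(key, role, device_id, first, second):
    # The role label stops a tag made by one side from being replayed as the other's.
    msg = role + len(device_id).to_bytes(2, "big") + device_id + first + second
    return hmac.new(key, msg, hashlib.sha256).digest()

class Device:
    def __init__(self, device_id: bytes, key: bytes):
        self.device_id, self._key = device_id, key  # key would live in protected storage

    def respond(self, server_nonce: bytes):
        self._nonces = (server_nonce, secrets.token_bytes(16))
        return self._nonces[1], tag(self._key, b"device", self.device_id, *self._nonces)

    def accept_server(self, server_tag: bytes) -> bool:
        s_nonce, d_nonce = self._nonces
        expected = tag(self._key, b"server", self.device_id, d_nonce, s_nonce)
        return hmac.compare_digest(server_tag, expected)

class Server:
    def __init__(self, master: bytes):
        self._master = master

    def challenge(self) -> bytes:
        self._nonce = secrets.token_bytes(16)  # fresh per session, so old replies fail
        return self._nonce

    def verify_device(self, device_id, device_nonce, device_tag):
        key = device_key(self._master, device_id)
        expected = tag(key, b"device", device_id, self._nonce, device_nonce)
        if not hmac.compare_digest(device_tag, expected):
            return False, b""
        return True, tag(key, b"server", device_id, device_nonce, self._nonce)

def mutual_auth(device: Device, server: Server):
    """Return (server accepted device, device accepted server)."""
    d_nonce, d_tag = device.respond(server.challenge())
    device_ok, s_tag = server.verify_device(device.device_id, d_nonce, d_tag)
    return device_ok, device.accept_server(s_tag)
```

A unit that copies a serial number without the matching key fails the server's check, and a server without the master key cannot produce the tag the device expects.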

Challenges for Smart Home Devices
Smart home devices, like thermostats or doorbell cameras, are often built to very tight cost margins, and unfortunately security commonly loses out when designing to a budget. The important thing here is not to discard security features without regard for the possible consequences. Consider the impact a compromised device may have on the consumer or the network, and look at alternative mechanisms that may mitigate some of the risks. Insecure devices that are left in the network are a risk to others, especially if there are thousands or millions of them scattered far and wide. They could leak data or be hijacked and used for malicious purposes, denial-of-service attacks being a common example. A manufacturer’s name becoming synonymous with insecure products is not a good place to be.

Bottom line
In conclusion, the widespread use of connected smart home devices has created an attractive target for cyber criminals and other unscrupulous operators. Smart home security therefore should be viewed as a primary design goal, rather than a tertiary afterthought. To be sure, consumers increasingly expect their devices to be protected out of the box, with seamless over-the-air (OTA) updates implemented securely. However, semiconductor manufacturers and OEMs need to be assured that securing smart home devices is not an insurmountable goal that negatively impacts profitability or time to market. As such, smart home devices should be protected using a layered security approach that offers robust protection against a wide range of threats through carefully thought-out system design.



1 comments

sDee says:

Even with iron-clad security within the home systems, consumers are completely in the dark about how their most private data (including video and audio) is being collected, used, shared and brokered by cloud based service providers. Google, as expected, is leading the way on exploitation and no one stands up to inform and protect consumers.
