The greatest security risk…to IoT

Attention has focused on cyber attacks on IT systems but the ‘things’ that make up the IoT are increasingly vulnerable, warns Pim Tuyls from Philips Research.

Public attention has focused on cyber attacks on IT systems but another, potentially greater, risk has quietly grown. The IoT underpins smart homes, smart factories, and even large utility and transport networks.

The threat can be combatted. Consistent use of network security standards rooted in hardware can blunt most attacks. In the past, “rooted in hardware” has been a challenge. Semiconductor vendors building IoT chips could devise a code and record it in on-chip memory. More securely, they could include hardware IP: for example, a secret digital fingerprint called a physical unclonable function (PUF) can serve as a root of security.
IoT device designers have access to the same technology through software that can interrogate a PUF latent in virtually any IoT chip, even legacy chips. This allows device developers to provide a hardware root of trust even when using chips not equipped with hardware PUF IP.

What are the risks to the IoT?

The risks to the IoT include the kinds of attacks that threaten IT systems, and some worrying additional ones. It is possible to steal sensitive data from unprotected IoT devices, such as taking personal information from a smart home, or trade secrets from an automated factory. A ransom attack can lock IoT devices or encrypt their data, rendering an entire network inert.



Inadequately protected IoT devices can also be recruited into botnets, resulting in loss of service for the IoT network and potential liability for its operator if the bots are turned against some other target. When the IoT network controls critical devices, malicious attacks can cause physical damage, shutting down or destroying industrial equipment or crashing an electrical grid.

The vulnerability of the IoT

The vulnerability of the IoT is not due to ignorance or carelessness. It is primarily due to two circumstances beyond the control of any one vendor. First, for economic reasons, the IoT vendor community has remained mostly a fragmented assembly of small companies, making it difficult to settle upon standards. This has been especially true of security standards.

Second, the price of individual IoT device ICs is usually quite small. Often there is only one small SoC in a device. This makes it difficult to dedicate hardware resources to the security of individual devices – the IoT’s ‘things’. Elaborate hardware security modules used in large systems are out of the question, but there need to be standard security protocols to protect networks and hardware-rooted measures to secure the myriad devices.

Toward a secure future

There are two primary threats to IoT security. An attacker can intercept messages on the network and steal the information, or an attacker can fool an IoT device into accepting a malicious or corrupted device as legitimate. This would allow the attacker to send it bogus commands, to receive data not intended for it, or to corrupt code or data in the device.

To protect against these attacks there need to be two levels of IoT security: one at the network level and one at the level of individual chips. The two depend on one another. At the network level, it is vital that all messages crossing the network be encrypted. It is equally vital that the recipient authenticate the sender of each message, that is, confirm that the sender is who it claims to be.
Both of these needs can be met using public-key cryptography, just as is done for secure connections on the internet. Public-key cryptography, in turn, depends upon standards.

Experience with the internet and in datacentres has taught the industry that only widespread use can make a protocol robust enough, and keep it current enough, to have a good chance of repelling a determined attack. Standards also promote interoperability between segments of the network.
Standard protocols are needed for authentication and for encryption and decryption. Standards should also cover the procedures for messages, data transmission and code updates. It must be certain that nothing crosses the network unencrypted, and that no device ever just trusts a message to be legitimate.

A hardware root

Authentication and encryption both require secret keys, long binary strings known only to the individual device. Creating these keys and keeping them secret has been a continuing challenge, especially in IoT networks deployed away from the physical security of datacentres.
Perhaps the obvious method is to have some trusted organisation, a security bureau or a chip manufacturer, create the necessary private keys and store them in non-volatile memory, ideally on the chip that will use them.

But is this really safe? Are those external organisations worthy of that level of trust? If the keys are in memory on a chip, can they be read from the outside, or can the chip be tricked into divulging them? Techniques to protect the keys include encryption, secure memory areas and trusted CPU modes that can be entered only at power-up or via an authenticating API.

Where do the keys come from, then? Ideally, keys would be derived not from a third party whose systems may be compromised, but from some intrinsic characteristic within the chip itself. Such a code would need to be unique to that chip and unguessable. It would never leave the chip and would be unknown even to the chip vendor.

Such characteristics exist. Research has shown that the process variations in IC manufacturing cause the cells in an SRAM array to power up in a consistent pattern, with some random noise. About 1kbyte of SRAM is sufficient to generate an ID string that can be made unique to that particular chip. Hardware IP has been used for over a decade to read the SRAM on power-up and extract this unique, stable, secret ID string. That string, in turn, can be used to derive secret keys and even random numbers.
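The following simulation illustrates the idea described above; it is an added example, not code from the article or from any vendor's product. It assumes a 5% per-cell noise rate and uses a simple repetition code as a stand-in for the stronger error correction real designs use, and all function names are hypothetical.

```python
import hashlib, hmac, random, secrets

REP = 31         # each secret bit is spread over 31 SRAM cells (repetition code)
KEY_BITS = 128   # 128 * 31 = 3968 cells, about 0.5 kbyte of SRAM
NOISE = 0.05     # assumed chance that a cell powers up flipped on a given read

def power_up(fingerprint, rng):
    """Simulated SRAM start-up read: the chip's pattern plus random bit flips."""
    return [bit ^ (rng.random() < NOISE) for bit in fingerprint]

def derive_key(secret_bits, label=b"device-auth"):
    """Turn the recovered secret into a purpose-specific 256-bit key."""
    raw = int("".join(map(str, secret_bits)), 2).to_bytes(KEY_BITS // 8, "big")
    return hmac.new(raw, label, hashlib.sha256).digest()

def enroll(readout):
    """One-time enrollment. Only the helper data is stored; it is not secret."""
    secret = [secrets.randbits(1) for _ in range(KEY_BITS)]
    codeword = [bit for bit in secret for _ in range(REP)]
    helper = [c ^ r for c, r in zip(codeword, readout)]
    return helper, derive_key(secret)

def reconstruct(readout, helper):
    """Every later power-up: undo the mask, then majority-vote away the noise."""
    noisy = [h ^ r for h, r in zip(helper, readout)]
    secret = [int(sum(noisy[i * REP:(i + 1) * REP]) > REP // 2)
              for i in range(KEY_BITS)]
    return derive_key(secret)

def demo(seed=2024):
    rng = random.Random(seed)  # simulation only; real entropy comes from silicon
    chip_a = [rng.getrandbits(1) for _ in range(KEY_BITS * REP)]
    chip_b = [rng.getrandbits(1) for _ in range(KEY_BITS * REP)]
    helper, enrolled_key = enroll(power_up(chip_a, rng))
    same_chip = reconstruct(power_up(chip_a, rng), helper)
    clone_attempt = reconstruct(power_up(chip_b, rng), helper)
    return enrolled_key, same_chip, clone_attempt

if __name__ == "__main__":
    key, again, other = demo()
    print("same chip reproduces key:", key == again)
    print("other chip with stolen helper data:", key == other)
```

The key is never written to non-volatile memory: the device stores only the helper data and regenerates the key from its own SRAM at each power-up, so a copy of the helper data on a different chip yields an unrelated key.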

Trust for every device

Originally, such a hidden ID capability required specialised hardware IP designed into the chip. That is no longer necessarily the case: all standard SRAM exhibits a stable digital fingerprint, or PUF, on start-up.

For virtually any IoT IC, new or legacy, it is theoretically possible for software to derive a unique ID from this fingerprint. Every device in an IoT network can be secured with a root of trust that reaches deep into its hardware. This enables the level of hardware-based authentication and encryption necessary for IoT security.

Intrinsic ID’s Zign software accommodates IoT developers’ existing infrastructure, whether it is approved via asymmetric-key encryption, for example, requiring only the chip to generate a unique secret key, or it has specific needs, such as making sure that information within the chip is encrypted. Others still may be starting from a clean sheet of paper and need a full security stack.

With every IoT device in the network performing standardised authentication and encryption rooted in PUFs in the silicon, the door is closed on most kinds of attacks. This added security could mean no inconvenienced home automation user, no crippled manufacturing plant, or no blackout of a regional energy grid or transport system. That is motive enough to think again about IoT security.

About The Author

Pim Tuyls is CEO of Intrinsic ID, a spinout from Philips Research

