A guest blog post by Eric Heiser, Head of Services, Product Center Cellular, u-blox
5G, the Internet of Things, ubiquitous sensing, artificial intelligence, mixed reality, virtual personal assistants, connected cars, digital twins, blockchains, the cloud... The technological lineup promising to usher in a connected future is impressive, even more so considering that many of these terms that are now household names were largely unknown just a decade ago. Equally impressive is the list of benefits we expect the merging of the physical and digital worlds to deliver: safer, less congested streets, cleaner, more productive industries, smarter, more sustainable cities, longer, healthier lives.
Enabling this fully integrated, wirelessly connected digital future will require that data and the entire IoT ecosystem become as trusted as money and the financial system we rely upon every day. Today, systems are in place that let you go to a store almost anywhere in the world with nothing but a credit card and buy whatever you’d like. The levels of seamlessness and security that this requires are quite a feat, and they’re one that we will have to transpose to the IoT for it to live up to its potential. Getting there will require tackling the juggernaut of IoT security.
"By putting IoT security front and center in our devices and our minds, we are pioneering technology that will enable the connected future to live up to its promise."
You might be thinking that IoT security is more or less the same thing as IT security – after all, how much difference can a single o make. It isn’t. To put it bluntly, failing to sufficiently secure IT systems might get you fired. Failing to secure IoT devices could land you in jail. It may sound extreme, but there’s a reason for it. Because they bridge the digital and physical worlds, compromised IoT systems often represent a threat to people’s physical safety. Examples abound, from connected insulin pumps to perishable goods trackers that hackers could seek to manipulate.
In either case, the consequences of poor IoT security can be severe, and not just for the direct victims who might suffer physical harm. Device manufacturers can also see their business threatened by lost revenues as customers stop paying for affected services. At the same time, costs associated with upgrading or replacing sold products, lost brand reputation, and customers switching to the competition can hit their bottom line. IoT security is both a prerequisite for sustainable business and an insurance policy of sorts, reducing the risk of being hacked.
At its core, IoT security is about trust and control. As a user, you want to be sure that the data and the devices you rely on can be trusted, and that they remain under your control. It begins by ensuring that each individual device has an immutable identity, and that the firmware running on it is authentic and can be securely upgraded. Communications to and from the device have to be secure to keep them from being intercepted or manipulated in transit. All interfaces to the device need to be secured to limit device control to authorized users. And finally, the software running on the device needs to be robust enough to resist the attempts of hackers seeking to expose and exploit vulnerabilities.
And while all IoT applications should share a common baseline level of security, requirements vary case by case. A temperature reading from an environmental sensor deployed on a farm doesn’t need the same level of security as a temperature reading from connected vital data sensor in an intensive care unit (ICU). In the first use case, you’d want to know that the data is coming from the right sensor and that it has not been fiddled with; you probably are less worried about someone seeing the data on its way to the cloud. The situation is different in the ICU, where data breaches can lead to false diagnoses, poorly informed medical procedures, and can expose confidential patient data.
Let’s stay in the hospital for a minute. Imagine that you’re hooked up to a smart perfusion pump delivering drugs in response to wirelessly collected vital data. The last thing you’d want as a patient is for someone to feed the perfusion pump false data, causing it to deliver too much or too little medication, or to switch it off completely. Because they are so invasive, futuristic developments such as remote surgery raise the stakes further still. And as we saw earlier, such scenarios can bring on huge financial, reputational damage, and potential legal responsibilities to the developers of the compromised devices and to the hospital as a whole.
Switching to another IoT use-case, auto insurers offering reduced rates to customers with good driving habits, assessed using a black box, face a different set of threats. Customers might try to jam the positioning system to conceal illicit behavior. They might seek to tamper with the device to make it report false data to the cloud, allowing them to save fees. Or they might sue their insurers if hackers access and exploit personal data gathered by the black boxes. Insurance companies that fail to sufficiently secure their devices could suffer financially dealing with the aftermath. At the same time, the manufacturers of the black boxes might face extra costs to replace or upgrade vulnerable devices. Worse still, a hacker could find an exploitable vulnerability, replicate the devices, and sell them on the black market, syphoning off the auto insurers’ revenues while helping their customers save fees.
With stakes already high and set to rise further still, it may be reassuring to know that IoT security has finally landed on the radars of OEMs delivering IoT solutions to a wide range of verticals. Our internal market surveys have shown that big end-brands are passing down a new set of IoT security requirements to their suppliers. Because most device makers have little expertise in IoT security, they are looking to their trusted strategic component suppliers to fill the void.
Recognizing the importance that IoT security will play in protecting people, assets, and our customers, as well as in scaling up the globally deployed IoT, we at u-blox have committed to raising the bar on IoT security. We see it as a matter of corporate responsibility to release only products that comply with a demanding set of baseline security requirements. And by delivering components offering best-in-class IoT security, we hope to enable the expansion of the IoT into increasingly challenging use cases, from connected cars and smart buildings to connected health and advanced industrial applications.
Of course you can’t have security without a rock solid foundation to build on. That rock solid foundation is what we refer to as the root of trust (RoT). At its most basic level, a root of trust offers a trusted set of advanced security functionality through a combination of a unique and immutable device identity and the hardware and software capabilities required to enable trusted functions. Put more simply, it lets you trust that you are interacting with the right device, and that your data will remain secure.
Just as every car has an engine, secure IoT chipsets all have some kind of a root of trust. But not all engines are created equal, and the same is true for roots of trust. The security they provide depends on a number of factors, including where, how, and by whom they are implemented. While they offer the same overall functionality whether they reside in the software, inside a trusted execution environment, or inside a secure element, potentially one containing an eSIM, their ability to withstand attacks increases in that same order.
But even when IoT chipsets share a common security architecture, the level of security they provide can vary dramatically. Ultimately, it can come down to the robustness of the code that implements the secure libraries used to generate the crypto functions and keys needed to securely connect devices to the cloud. To offer our customers best-in-class IoT security, we partnered with Kudelski, a world leader in securing digital content. This allowed us to leverage their decades-long of experience protecting connected devices against criminal and state-sponsored attacks.
In addition to their commercially hardened root of trust, our latest generation of secure cellular IoT modem chipsets and modules leverage Kudelski’s proven and massively scalable key management system to derive security keys in devices and in the cloud. The result is superior encryption tailored to the needs of power- and data-constrained IoT applications in which millions of devices need to be managed simultaneously.
Businesses have more to gain from implementing robust security than protecting their revenues (top line) or their final financial result (bottom line). Security is also a fundamental enabler of service-based business models in which customers can subscribe to additional functionality on top of the base functionality their solutions provide.
Consider a versatile connected sensor targeting a wide range of applications, from monitoring the urban environment to tracking sensitive industrial processes. With a service-based offering, device manufacturers can let end-customers decide what level of security they are willing to pay for considering the potential consequences of hackers tampering with the data and services they are seeking to protect. Without robust IoT security, hackers could potentially switch on higher-level security features that would otherwise be sold as a service on top of the device itself, thereby robbing device developers of service fees.
At the end of the day, we are convinced that device developers targeting automotive, industrial, connected health, and many segments of consumer markets are looking for hardware suppliers that help them achieve a high level of IoT security without sacrificing time to market, product performance, and device longevity.