Tesla is wise to regularly push security and other software updates out to its vehicles. But, unfortunately, not every smart, connected device has its security flaws addressed regularly, nor is every such device built with security in mind. Simply put, as sensors in internet of things (IoT) products continually gather valuable data for decision-making or machine-learning, we have to trust the root data being used. At the same time, distributed actuators must be able to trust the commands that they receive. With each headline about hacking, it has become more clear that design security is too critical to be overlooked.
Even though good embedded security technology is readily available, many device manufacturers view security as too expensive or too time-consuming to implement.
When it comes to security and hacking, it’s an economic game involving risk and reward for every endeavor. Remember the Jacquard loom, one of the first programmable devices? Jacquard looms, which used punch cards to program a mechanical loom’s weaving patterns, represented the dawning of “smart devices.” Yet, there aren’t tales of Jacquard looms being attacked.
Hacking Jacquard looms was a high risk since the looms were rare and generally inaccessible. Plus, the value of an attack was low. If the attack was hard to execute, and the results of any attack were unrewarding, then the target was not attractive enough to draw the attention of 19th century hackers.
A century later, room-sized computers were starting to serve government, military, and big business applications. The potential reward for hacking was increasing. However, these machines were rare and they required specialized skill to program and manage, so access was still limited. So even though the reward was increasing, the risk was still high.
Today, most of us carry devices with intelligence and sensors. Smartphones are just the start. Smartwatches and fitness trackers track and monitor our health parameters. Smart home devices know when we come home and what we like for entertainment. Cars detect our travelling patterns, as well as our behavior. Whether we consent or not, information is always being gathered around us. And now, information is power and money, and all of the smart devices we surround ourselves with are also creating value by monitoring us.
Looking again at the risk-reward equation, the risk-side for many devices now is close to zero…each one. More things that surround us and sense or control our world are becoming connected, which makes these things accessible to any attacker. And the risk of exploring and executing an attack has never been lower. The reward isn’t always spectacular—such as when programmable street-warning signs are hacked to promote political points of view or convey humorous messages.
But then there are the more harmful cases. For instance, the Stuxnet attack on an Iranian nuclear processing facility had an obvious high reward—the perpetrators would be able to destroy important nuclear processing equipment of a political adversary. The attack was complex, and designed to take advantage of the connected nature of things to propagate without detection until it was too late and the centrifuges had already been reprogrammed to damage themselves. The reward was high, and the nature of our connected world lowered the risk side of the equation to a point where advanced actors could carry out a successful attack.
Time and Cost Pressures Hampering Security Efforts
Implementing design security means that the engineering team needs to consider and understand security issues to a certain extent, so there is a potential expertise gap with any team. Also, more stringent security measures utilizing advanced hardware will cost more than simpler software-based security. Finance, government, and similar industries are naturally inclined to think about security. Others build it in after they’ve discovered fraud or other problems. Unfortunately, there isn’t much incentive for designers (especially at startups) to add even minimal cost or time to design a new feature into a device that they’re pressured to release to market as quickly as possible.
Overlooking security comes with two big problems:
1. A “band-aid” approach to security is hard to achieve effectively on an existing product if security wasn’t considered in the design from the beginning
2. Realistically, engineers aren’t available to go back and fix things later; business development demands that they move on to their next projects
How Can We Put Security at the Forefront?
The intent of good security is to build something that will, in practice, keep out people with bad intentions who are not wanted as participants in the system. Attackers will always look for the weakest system that yields the most impact. Given this, even moderate system security improvements can make your application too tough to hack. In short: a moderate amount of security will probably solve most of your problems, and a thoughtful security design will likely keep you safe for a long time.
Maxim’s IoT embedded security reference design, which features an ECDSA/SHA-2 co-processor, can be used for authentication of IoT device nodes.
If your management buys into the fact that you need an extreme level of security and is willing to spend the time and money to get there… Fortunately, there are plenty of available technologies that ease the effort of designing in security.
For example, Maxim’s MAXREFDES155# IoT embedded security reference design authenticates and controls a sensing node using elliptic curve-based public-key cryptography, with control and notification from a web server. Many IC companies, including Maxim, also offer components such as secure microcontrollers that provide a foundation for creating smart products that are also protected against hacking, cloning, counterfeiting, and other nefarious activities. With these technologies available, there’s really no reason not to build security into your IoT design early on.
By Kristopher Ardis, Executive Director; Micros, Security & Software, Maxim Integrated