This year, more than 500,000 internet of things (IoT) devices will face some sort of compromise, according to a Forrester prediction. Considering how fast distributed denial of service (DDoS) attacks can spread via everyday products, it’s critical for everyone designing IoT products to factor in security early on. If this isn’t enough to convince you, consider that the cost of cybercrime could grow to $2.1 trillion by 2019. Dollars lost aside, there are also ramifications on brand and reputation, productivity, customer confidence, privacy, and even safety and wellbeing.
Cisco’s 2017 Annual Cybersecurity Report notes: “Security professionals are jarred into reality when breaches occur. Organizations that have not yet suffered a breach of their networks due to attackers may be relieved they’ve escaped. However, this confidence is probably misplaced.” According to the Cisco report, 22% of organizations surveyed said they lost customers due to attacks and, of this group, 39% reported losing 20% or more of their customers.
“Security as an afterthought for IoT devices is not an option, especially when you can’t patch IoT firmware because the vendor didn’t plan for over-the-air patching,” notes Ryan Francis, managing editor of CSO, in his article, “Data breaches through wearables put target squarely on IoT in 2017.”
Unfortunately, the reality is, security does tend to be an afterthought, often because of misguided perceptions over cost, time, and effort to implement it. Given the proliferation of smart, connected devices, along with the data that they collect and use, security should be an essential component of every design. What’s more, hardware-based security provides the best protection against breaches.
Root of Trust Delivers Robust Security
Compared to the traditional products of yesterday, today’s internet-enabled devices have many more points of vulnerability. Potentially sensitive data traveling from the devices to the cloud and back can be intercepted along the way. Many who do consider security believe that software-based cryptography is an ideal method because they feel it is cost effective and easy to implement and update; however, all it takes is a security flaw in the OS to compromise the security delivered by the encryption code. Also, keep in mind that operating systems and their patches are complicated, so it’s difficult and time-consuming to exhaustively figure out and safeguard all of the potential interactions that could trigger a breach.
Hardware-based security with a “root of trust” provides a much more robust methodology. With this approach, a secure microcontroller executes software from an internal, immutable memory. The software, stored in the microcontroller’s ROM, is trusted because it can’t be modified—and, as such, is the root of trust that can be used to verify and authenticate the application’s software signature3. Since this hardware-based root-of-trust approach starts from the bottom of a design, it allows you to close off more potential entry points into your design than can software-based security methodologies. This methodology also supports three key pillars of security: authenticity, data integrity, and confidentiality.
Another potential area of vulnerability is the IoT device firmware and operational configuration data. Both the firmware and data are generally considered to be safe during the manufacturing process. But all bets are off once the devices are in the field. Hackers could attempt to take control of the devices or modify their behavior, for instance. Cryptographic digital signatures offer strong protection through the lifetime of the device by digitally signing the firmware or configuration data loaded during manufacturing. Strong digital signatures are computed by a cryptographic algorithm, such as the FIPS 186 Elliptic Curve Digital Signature Algorithm (ECDSA). ECDSA is a type of asymmetric cryptography that uses a public key and a private key. The private key, which contains confidential information that can’t be shared, is used for signing in, for example, the device development environment. The embedded device, meanwhile, uses the public key for verification. If an attacker tries to infiltrate a device using ECDSA, he or she won’t be able to retrieve the private key because it isn’t there.
Asymmetric ECDSA cryptography is also useful for implementing a secure boot and download process. Such a process prevents attacks like malware injection—even during firmware updates—by allowing only authenticated firmware to run on an embedded device. This approach is computationally intensive and can be time-consuming to implement. However, embedded security technologies help. Security managers, secure microcontrollers, and secure authenticators integrated with cryptographic algorithms simplify the process of protecting entire systems. For example, Maxim’s MAXQ1061 DeepCover cryptographic controller offers a turnkey solution for an array of security functions. Its cryptographic toolbox provides key generation and storage up to full SSL/TLS/DTLS support with a high level of abstraction, including TLS/DTLS key negotiation, ECDSA-based TLS/DTLS authentication, digital signature generation and verification, SSL/TLS/DTLS packet encryption, and MAC algorithms. The IC can also be a secure bootloader for an external generic microcontroller. Maxim, which designed the first secure microcontroller and has been investing in digital security design for the last 30 years, also offers reference designs that can ease and accelerate the design process. For example, the MAXREFDES155# IoT embedded security reference designuses the DS2476 and DS28C36 DeepCover Secure Authenticators to authenticate and control a sensing node using elliptic curve-based public-key cryptography. The design offers a simplicity that supports rapid integration into any star-topology IoT network.
News headlines about data security breaches are, unfortunately, an all-too-frequent occurrence. Design engineers can thwart these attacks by integrating sinto their products at the earliest stages of the design. Embedded security technologies provide a turnkey solution to safeguard smart, connected products—along with the often-sensitive data that gives these products value.
For More Information
Learn more about embedded security solutions to protect your next design by downloading and reading Maxim’s embedded security solutions selector guide.