How Hardware Design Choices Can Help Secure IOT Devices

6623

Curated by Anindeeta Chakraborty

IOT is a huge opportunity but IOT security is a big problem. The key to IOT security and performance is strong hardware foundation.

With the widespread adoption of internet everywhere, today every object is getting connected to another object. As these connected devices can gather and share huge amount of information over the internet, there are concerns that our personal information could be misused by hackers for various reasons.

In order to protect Internet of Things (IoT) devices and networks against cybercrime, companies are increasingly focusing on the IOT security.

IOT security is a process of eradicating all the possible vulnerabilities in the hardware device. It also means equipping the hardware device with certain solutions so that it can either resist or prevent the malicious attack.

IOT SERVICE CAN BE MONETISED BY BUILDING A STRONG ECOSYSTEM OF INTERCONNECTED SERVICES

Creativity is limitless in IOT

IOT is all about giving brains or making everyday objects around us smarter. It is a network of internet connected objects with unique identifies and unique data. Today IOT devices are used predominantly in homes, offices, industries and medical sector.

Creativity is limitless in IOT. This technology when applied on things that are naturally around us can lead to innovation or opportunities.

There are seven billion people in the world and approximately 0.2 people are diet conscious. They want to eat clean and stay fit. So, how about creating a smart plate that analyzes weight based on the person’s health parameter readings and customise his/her eating habit based on the person’s age group.

This is just an example of how IOT is getting applied on things, driven by our day-to-day needs.

Make Money on IOT Products 

IOT is all about the connecting of things with internet, but where exactly monetization stands in the world of IOT? An IOT service provider go through these four phases in his journey – Connect Things, Data Gather Optimize, Drive Services and Interconnect Services.

Let’s assume that you are booking an Uber cab.

Connect Things: In the first phase, you are connecting to the Uber server and the things that are being connected here are your mobile device, cab drivers, cab rides around you that have multiple sensors installed in them.

Data gather optimise: Next on the server, it is trying to gather as much data as possible and optimise it to the best possible means. The data here means the GPS locations of the customer and the multiple drivers nearby. It can also indicate the peak hours of traffic.

Drive services: Here the Uber server or the app connects the customer to the nearby cab service. Additionally, it uses the information about the peak hours to search the prices.

Interconnect Services: It is the most important phase in any IOT service provider’s journey. Uber started its journey with the cab providing service, but now it has partnered with aviation industry, health sector, restaurants and also courier services to expand its wings. Here both parties are benefiting from the partnership, and this is leading to monetisation.

Thus, we can see that IOT service can be monetised by building a strong ecosystem of interconnected services.

IOT growth maximum in smart home sector

Basic building blocks of any IOT device comprise of sensors, compute unit called MCU, battery and connectivity (Wi-Fi, Sub Gigahertz or Bluetooth depending on the application needs).

When it comes to semiconductor industry, opportunity exists in various sectors such as lifestyle, smart home, automotive, industrial, meters, healthcare, etc.

The growth rate is different in all these sectors. While smart home is seeing the highest growth rate in terms of IOT, industrial sector is growing at the lowest rate.

The main reason behind this is that the adoption rate or the perception of IOT varies from sector to sector. In case of industries, the data is quiet proprietary which they do not want to put it on the cloud, they just want to encapsulate it in the industry framework itself. Unlike industrial, security needs may not be as tight as possible in smart home. As a result, IOT growth rate is higher in smart home sector.

The Need for IOT security 

When devices are connected over the internet, the network exposes multiple interfaces for the hackers to hack it. This security issue has to be solved at the IOT device itself. So, security is the biggest concern that needs to be sorted out right at the design phase or the hardware foundation.

In one of the IOT hacking cases recorded in the recent history, a hacker was able to remotely raise home temperature by 12 degree Celsius on thermostat. Here, the hacker could demand ransom money to release the control of thermostat.

Similarly, there was a pacemaker device from St. Jude Medical that had a problem in the transmitter. This could be threatening for patients.

What might be the reasons that led to such type of hackings? It may be because the inscription was not strong enough, or the login credentials were very simple, or the source code were written in a plain text that could be easily hacked.

Therefore, we need to solve all such problems right at the hardware level.

Chip Level Attacks

The internal hardware structure of an IOT device consists of a CPU; a code RAM for storing the firmware; system RAM for storing data; some security related blocks called crypto; a real-time clock, a battery and a crystal.

There are numerous areas where the hardware can be attacked. A hacker can modify the code and tamper the crystal which is providing the clock to your device to hamper the execution. A hacker can also take the chip into a hibernate mode, which means the chip will lose all its secure related content.

These are the problems that should be solved at the chip level. If these are not solved at the chip level, even if you add software patches or anything else, you won’t be able to fix the problem.

Hardware Design Solutions for Security

There are three categories where protection is needed: region-based memory protection, roll back attack protection and firmware attack protection.

Why we need memory protection?

Suppose you have OLA, UBER and MERU apps installed on your phone. While booking a cab, you have opened all these apps together to get the best service. All these apps have certain resources requirement for its application. One app may try to access data from the other, but if they are allowed to do so, they will end up creating financial harms against each other.

So, when one app tries to access data of the other, the hardware should stop it. That is why region-based memory protection is required.

SECURITY IS THE BIGGEST CONCERN THAT NEEDS TO BE SORTED OUT RIGHT AT THE DESIGN PHASE OR THE HARDWARE FOUNDATION

There are multiple parallel threats executing on your CPU at the same time, and these applications need to be isolated from each other. If you tend to share data, then you are leaking out something.

For memory protection, there is an ARM-v8 system which comes with a trust zone concept. It provides a programmable hardware along with the CPU that allows you to tag the different memory regions as either secure (S) or non-secure (NS). By tagging a memory region as secure, you are saying that you will allow all the accesses if those accesses are appearing from the secure region to any of the secure or nonsecure region, but vice-versa is not true.

This hardware allows firmware developer to tag maximum eight distinct memory regions. Using this type of system, we can achieve to some extent code, memory and peripheral protection.

The next-generation ARM Core is bringing additional hardware components called memory protection controller and peripheral protection controller which will enable granular memory partitioning with protection.

Rollback Attacks Protection: There is a peripheral called real-time clock (RTC) which usually sits on the hardware device.

An example of use case – The metering device which compute electrical consumption in your house has a real-time clock (RTC) peripheral embedded in it. The metering company may charge the consumer based on time or demand or load. But if a hacker is able to roll the time backwards for that particular peripheral, the charge could be increased or decreased depending on the intension. In addition, a hacker can also install an older firmware version which can make the device vulnerable to security threats.

Such security threats can be solved at the device level by having a peripheral protection, secured storage and battery backup.

Deploying the solutions mentioned above will help you in achieving the protection at the hardware.

Security in performance: You need to always ensure that the IOT device you are trying to build should never become a bottleneck.

Let’s assume that a remote robotic surgery is happening in Delhi and it is being controlled remotely by a doctor in London. If this IOT device takes a lot of time to encrypt or decrypt the data, it could be life threating for the patient. Here the IOT device itself is becoming a bottleneck.

This is the reason why you need to ensure that you have implemented hardware crypto accelerators for fast encryption and decryption. At the same time, you also need to check that the firmware is secured.

Firmware attack: Firmware is basically a set of instructions that you would want the device to execute. To ensure that the target embedded device only runs authorized firmware or uses only authorized configuration data, we need to provide both authenticity and integrity of the information. This means making sure that the data is trusted and not subsequently modified, otherwise there can be leakage of confidential and sensitive data, the device can be forced to operate incorrectly or show unpredictable behavior.

How can we solve this?

When a R&D facility develops a firmware code, they will generate a pair of public and private key. They will use the private key along with the firmware and feed it to the digital signature generation algorithm. The digital signature along with the firmware code will be transferred to the IOT device via a boot loader, where the cross verification will take place using the public key. The most important thing to remember here is that the private key is not stored on the device, thus the firmware cannot be hacked in such cases.

That is how you can achieve secure boot and secure download at the IOT device level.

How Can We Avoid Tampering in the Hardware?

Tamper refers to intentional alteration or manipulation to the system such that it compromises the secrets in the system or enables unauthorized operation in the system. To alter the device environmental or operational conditions with the intend to operate the MCU or other components in an unintended way, following ways of attacks can be used:

  • Induce over-temperature or under-temperature conditions
  • Induce over-voltage under-voltage conditions
  • Induce over-clocking or under-clocking conditions

Tampering in the hardware can be solved by having three categories of implementation in the device.

Tamper Detection: – This can be done by deploying voltage monitors, temperature monitors and clock monitors in the device.

Tamper Evidence :– This means logging the details about what time the event exactly occurred and what was the source of it.

Tamper response: – It is very important to reset device and erase keys before the hacker takes control of the device.

By following the above steps, you will be able to achieve all the possible security fixes at the hardware level.

Conclusion

IOT is a huge opportunity but IOT security is a big problem. The key to IOT security and performance is strong hardware foundation. In order to mitigate IOT security threats, we need to use an effective combination of software and hardware solutions.

Neither hardware alone nor software alone can solve the problem. It has to be the best possible mix of these two.

About the author

This article has been curated out of a speech presented by Ruchi Shankar, IP Design Manager, Texas Instruments, at the IEW/IOTSHOW.IN 2019.

An IIT Rourkee alumni, Ruchi has 14 years of experience across IP design, verification and Micro architecture. She also has rich experience in IP differentiation areas, specially related to power performance.