The Right Security For IoT: Physical Attacks and How to Counter Them

Internet of Things hardware and security

Curated by Vinay Prabhakar Minj 

Implementation of security countermeasures on an IoT device can be best done by using hardware-based security.


Security is important and we need it because it is an indication of trust in order for Internet of Things (IoT) systems to proliferate.

We trust and put money in the banks because we know that they have physical protection and surveillance systems properly placed within the premises to ensure safety of our assets. Likewise, for IoT systems to grow and the ecosystem to flourish, security has to be in place.

We hear a lot about IoT and how big it is. IoT is really happening now and such is its power that something as simple as power tools can now be connected to the cloud and controlled remotely.

Architecture of IoT

An IoT ecosystem comprises of IoT devices/end nodes, gateway/edge computing device and cloud server.

First IoT devices/end nodes (which could be smart home appliances, streetlights, computers or robotics) send information to the cloud. This information is then processed through Machine Learning/AI to provide useful data to the user.

It is the intelligence of the devices that makes IoT smart. It’s not just about putting connectivity but adding a certain level of intelligence to the devices. The devices are made intelligent by adding sensors and actuators, which collect information and send to the cloud via a communication infrastructure (WiFi, Bluetooth, ZigBee, etc). The same information/data can also be processed at the edge level/fog level before it goes to the cloud.

IoT devices are vulnerable to attacks

IoT systems can be attacked efficiently in many ways. Some of the ways are:

  1. Device identity attacks: For the cloud to be able to understand or use your information, it has to trust that the device that is sending the information is legitimate and not a fake one. Hence, the device identity needs to be protected.
  2. Device integrity attacks: Through this attack, the device itself could have its configuration changed by malware or a hacker.
  3. Lifecycle attacks: You could have a legitimate device but if you don’t protect it with the right level of security, then that can invite hackers to install malware into your device. There have been many ransomware and DDoS (Distributed Denial of Service) attacks in the last few years and that can become even more frequent in the future with the interconnectivity of devices.
  4. Communication attacks: This refers to “man-in-the-middle” attacks or eavesdropping. It usually happens through the illegal usage of retail websites.

Need for protection against physical attacks

Physical attacks are often used to identify new IoT vulnerabilities. Before the actual attack is done, the attacker will first try to get physical access to the device by buying a copy of the targeted IoT device from the market. Then through reverse engineering, they would create a false attack “test” to see what sort of outputs can be obtained from it.

These physical attacks expose the vulnerabilities of the system. Examples of physical attacks –

  • The attacker can unsolder the device and read out the flash memory to analyse the software
  • The attacker can tamper the microcontroller to identify sensitive information or cause unintended behaviour.

After understanding all about the system, the attacker can now collect the “know how” gained from those physical test attacks and then can go ahead to perform actual remote attacks.

To counter this, implementation of the right security measures on an IoT device is very necessary. This is best done by using hardware-based security.


Hardware-based security

If you look at an IoT device, it comprises of the application processor, connectivity chips, sensors, actuators and a power supply. Right security countermeasures can be implemented after understanding the vulnerabilities and attack surfaces faced by the IoT device.

Below is a comparison of software-only implementation, isolated security IP and hardware-based security in an application processor and the advantages that they provide.

Software-based security measures Isolated IP security measures Hardware based security measures
Software attacks                 x ü ü
Micro-architectural attacks                 x ü ü
Physical attacks on MCU                 x                    x ü

Thus, it is clear that hardware-based security provides the secured space to keep critical data and also process critical operations.

If no security measure is taken then the application processor, consisting of the sensors, actuators, power supply and connectivity is at risk. To counter this risk, the application processor should be moved to a secure environment through a tamper-resistant hardware. This is somewhat like putting your money in a secure vault for safekeeping.

Hardware security can also be used to do the authentication of your device ID. This means that a series of security measures can be put between the server and the device itself to establish the authenticity of that device (and hence prove that it is not fake).

How to ensure that software updates are done securely

Likewise, to prevent system corruption caused by malware, the device must be protected from unauthorised updates. This is necessary as updates of your firmware happen pretty often and the user may download any updated versions without knowing that is actually malware in disguise.

So, to ensure secure updation of software, we can use hardware-based security trust anchors to establish verification of the digital signature of the firmware before being loaded into your MCU.

In conclusion, it is interesting to note that IoT is happening now and thus every connected device needs security. Whether you are a product designer or system integrator, one should always keep in mind that security needs to be included in your design right from day one.  Also, hardware-based security offers a tamper-resistant environment for you to store your credentials. This enables implementation of security against attacks easily and quickly.

About the author

The above article is an extract from a speech presented by Sarah Woo, Marketing Manager Digital Security Solutions, Infineon Technologies Asia Pacific, at the IEW/IOTSHOW.IN 2019.