We Can All Move IoT Security Forward
Industry groups such as the National Institute of Standards and Technology (NIST), the Industrial Internet Consortium (IIC), and the IoT Security Foundation (IoTSF), are developing security frameworks to help address the many foreseeable issues our IoT devices will face. They are coupled by industry-specific undertakings whose comprehensiveness and maturity vary from vertical to vertical. The FDA, for example, issued guidance entitled Postmarket Management of Cybersecurity in Medical Devices in which broad security recommendations are provided, but not mandated, for Class-3 implantable devices. All of these efforts are still in their early stages though, and any enforcement of tangible policy will only arrive after lengthy review processes at both government and industry levels.
The good news is that there’s no need to put IoT on the shelf in the meantime. At the same time though, it doesn’t excuse designing and deploying now with the hopes of securing later. The characteristics of the IoT—including the sheer magnitude of IoT deployments, their diversity, and their broad deployment—means such an approach would be costly, ineffective, and often impossible.
The following five tenets of IoT Security establish a secure foundation that allows IoT projects to move forward today, while ensuring security will be sustained tomorrow. Many of these concepts are already beginning to make their way into industry guidelines and proposed legislation such as the IoT Cybersecurity Act of 2017, NHTSA Guidelines, FDA publications, and IETF drafts. The best news of all is that these tenets can be adopted and fully executed today.
- Unique credentials for each device
- Establishing an organization-specific Root of Trust (RoT)
- Verification of digitally-signed firmware and software updates
- Continual lifecycle management and secure update
- Private key storage in hardware wherever feasible
Unique digital certificates for each device allows an organization to validate, via strong authentication, that a device is authentic and assert with high assurance that its messages are genuine. Common alternatives, such as static passwords and shared keys, do not provide the required level of security or control.
Your own Root of Trust means you have complete control over the identity validation of each device you are issuing identity to. Sharing a Root of Trust, be it with partners, competitors, or complete strangers, results in sharing risk. Your own private Root of Trust ensures your chain of trust contains only constituents you authorize.
Malicious executables and scripts cause damage to devices. It is imperative that devices verify the authenticity of any new software or firmware prior to their installation. Code signing is the method of using a certificate-based digital signature to sign executables and scripts in order to verify the author’s identity and ensure that the code has not been changed or corrupted since it was signed by the author.
Static systems are inherently insecure, and this principal applies to cryptography as well. Cryptographic algorithms weaken over time and many IoT devices will be deployed for durations that extend well beyond the effectiveness of their cryptographic keys. One must be able to perform complete lifecycle management for certificates, keys, and Roots of Trust that are stored on devices (and within IoT ecosystem gateways, servers, and applications as well).
Trusted Platform Module (TPM) technology or Secure Storage hardware are designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. It allows a hardware-enabled way to secure your cryptographic keys and certificates.
As the IoT landscape evolves and its security requirements shift, an IoT system must be equipped with a solid identity framework from its inception. Secure devices are the forefront of these efforts. PKI and a Root of Trust provide that secure foundation for IoT devices, platforms, applications, and data analytics. A method to securely update device identity and trust ensures this foundation will stand the test of time and properly mitigate foreseeable obstacles that lie ahead. For additional information on the 5 Tenets of IoT Security, click here.