Internet of Things


Secure updating is key to protecting billions of devices


By Steve Hanna, chair of TCG’s embedded systems work group


With the constant emergence of new technology and predictions that there will be more than 21 billion IoT devices by 2025, the security threat landscape for embedded systems is evolving at a rate which can be difficult to keep pace with. Network-enabled embedded systems (the “Internet of Things” or “IoT”) are increasingly found in places such as smart homes, smart cities, smart factories, and wearables – presenting a variety of security challenges.


Turbulent threat landscapes

As the market for IoT systems grows, we see a contest between manufacturers all trying to offer the best capabilities at the cheapest price – carrying the dangerous risk of security taking a back seat. This creates a threat climate like never before as these systems become an enticing prospect for attackers.


IoT devices often act as a bridge between the virtual world and the physical, providing a rare opportunity for hackers to interact remotely and making the possibilities almost limitless. Attacks on products like home security cameras or smart fridges might seem mundane – but can allow confidential data to be accessed. Often, this kind of targeting sees victims spied on through their own cameras or their financial information stolen by opportunists who have simply exploited an insecure embedded system. In this setting, the importance of secure updates to software and hardware in embedded systems has never been more profound.


Potential for huge financial and collateral damage

Many embedded systems are constantly vulnerable to new threats due to outdated software and firmware. As soon as an embedded system is built and shipped, attackers start looking for software and firmware vulnerabilities. They often find such vulnerabilities in widely used open source components and, once one is found, they move quickly to exploit it. The ability to safely secure and update a device is therefore critical as the uptake of IoT continues.

The famous WannaCry ransomware outbreak in 2017 highlighted the need for a safeguarded update process, as thousands of systems ranging from ATMs to information panels and medical equipment became corrupted and caused widespread damage. It succeeded only because the devices were running old software that lacked the patches required to block the attack.

When the Ukrainian power grid was compromised in 2015, causing 225,000 houses to experience a temporary power loss, the attackers exploited a weak update mechanism to disable critical components. The BrickerBot malware conducted a similar attack on household IoT devices. Thus, we see that a weak update mechanism can be worse than no update mechanism at all!


Tackling threats head-on

With the host of cybersecurity risks that now exist, developers must take an instrumental step in protecting devices by tackling threats head-on. By making security a priority right from the conception of the product through to its design and development, the integrity and infrastructure of an embedded device remain safeguarded throughout its lifetime.

No single solution can address the range of attacks that IoT systems face. Instead, a “defense in depth” approach is recommended, whereby a range of different techniques are employed to detect and manage threats that arise throughout the device’s lifecycle. However, no software or other human creation is perfect; bugs and vulnerabilities will be found after products are shipped. To avoid having these vulnerabilities destroy security, the ability to carry out updates through a protected process must be included in IoT devices, thus permitting remote management of the system’s integrity.


Importance of safeguarding the update process

To truly safeguard embedded systems, a thorough and well-vetted form of updating needs to be established. New guidelines from Trusted Computing Group (TCG) set out a series of recommendations that can be followed for a range of different IoT devices to enable such updates and prevent weak links being exploited.

Firstly, software developers must incorporate security into every step of the development process. Developers must do a full security analysis to highlight any essential countermeasures needed to protect the overall integrity and functioning of the system. The identified countermeasures must be deployed, and the system reviewed periodically to see if more or different countermeasures are needed.


The use of the latest technological solutions is also suggested. This includes the TCG Trusted Platform Module (TPM), which allows managers of embedded systems to manage the integrity of software remotely with a wide range of commands that allow appropriate action to be taken. Meanwhile, the ability to identify the authenticity and status of software through an agreed value of measurable security standards will assist in an evaluation of the risk levels of devices once deployed. By building in this process, developers can make IoT devices more resilient by being able to meet risks as they arise.

Key personnel, such as software developers, must receive security training so that best practices can continue to be implemented, as simple bugs or weak security checks can provide a loophole for attackers to exploit. With any networked device, input validation is critical because attackers often send maliciously crafted messages. A robust incident process enables the response team to quickly and effectively respond to security problems to avoid major embarrassment or financial damage from an ineffective response. Many other valuable security measures are described in the document, including separate lists of advanced techniques for safety-critical systems.

As billions more come to rely on the wide-ranging use of IoT devices, it is crucial that developers can deter ever-emerging risks. By establishing a secure update process, they take the most important step in addressing problems throughout the system’s lifetime.


trustedcomputinggroup.org


www.cieonline.co.uk Components in Electronics April 2020 31