One of the truisms of security for electronics is that the more prevalent, feature-rich or valuable a system, the more likely it is to attract the attention of hackers or criminals. If you look back several years, viruses for Mac OSX were very few and far between - but as OSX grew in popularity, attacks became more common. Applying this logic to the IoT, where there are already billions of connected devices, we can see the importance of adequate security.
As we connect more and more device types to the IoT, the consequences of attack become greater. Risks include identity theft, device manipulation, data falsification, IP theft and even server/network manipulation. It is one thing to have data on a hard drive compromised or an isolated computer rendered unusable. The IoT, however, connects smart homes, Industry 4.0 factories and even vehicles, exposing them all to potential security vulnerabilities. Security can no longer be an afterthought; it has to be central to any design strategy for a connected device.
When considering a strategy for securing connected devices, we need to address three key elements:
- Solid security processes
- Strong isolation of security code and keys
- Protection against remote and physical attacks
One approach to security systems relies exclusively on software implementations. This has been popular in the past as no additional components were required and regular updating to the latest techniques was relatively easy. But the 'software only' approach is also vulnerable to physical attacks and/or to vulnerabilities that exist in even the highest-quality code. As a result, a hardware-based approach is now recognized as an important part of security strategy.
One way to bring hardware into the equation allows critical code to be located and executed in a specially created area of the microprocessor that serves as the “brain” of the system. While this does not normally require additional components, it does add a relatively small cost to the chip design. The resulting security is stronger than a purely software solution, as this approach provides a solid process as well as code and key isolation.
However, implementing a trust zone in this way does not eliminate all the potential vulnerabilities. The code remains on the same processor and will, inevitably, share resources such as memory. This leaves the system vulnerable to risks associated with code from outside the trust zone. Additionally, physical attacks can be carried out fairly easily against this approach, meaning that it is really only a potentially viable solution if the physical security of the device can be assured.
Introducing a dedicated security processor takes security to the next level, meeting all of the three key criteria listed above. The security processor may have its own dedicated resources, including secure memory, which removes some of the key vulnerabilities of the previous approach. In this case security code is executed entirely within the trust zone and there is little opportunity to leverage interface points from the outside world.
While this methodology does add some components, it also significantly simplifies system design. This is because the security code is completely separate and does not have to be 'woven into' the general operating code. In turn, this presents the opportunity for the security code, instantiated as part of the security processor, to be created by a dedicated team of experts without impacting the overall system development cycle.
When it comes to portable and wearable devices that exist within the IoT, the pressure to economize on space and component cost is huge, and is possibly one of the reasons that developers are tempted to cut corners with security. However, that does not have to be the case. One example is OPTIGA™ Trust X from Infineon, a company that has been providing security solutions for around 30 years and has shipped almost 20 billion security controllers worldwide. This dedicated security processor is optimized for IoT devices. Developed to minimize integration effort, it is ideal for customers who lack security expertise but nonetheless need fast time-to-market. It is a premium security solution with a small footprint, high performance and low power consumption.