Many challenges face embedded development engineers tasked with implementing effective security measures. Knowledge of what is being protected, the threat landscape, and specific attack vectors to be protected against is necessary, not to mention the added urgency that comes with overreported, high-profile breaches.
Securing embedded devices is no longer optional. As more products became connected, the primary perceived attack vectors originated from internet traffic, but now entire embedded systems are subject to constant and varied threats.
Developers can employ several techniques that make the task of securing systems much easier. Silicon Labs is a founding member of the ioXt Alliance, an industry-led initiative that, with partner collaboration, has led to the creation of eight key principles. We will discuss these principles in this post, which include:
Often, high-volume consumer devices are all shipped with the same default password. Typically, users want to quickly deploy their new device, so many do not take the simple step of changing the default password to a new one. Shipping each new device with a unique factory-programmed password is a simple first step in making it more difficult for adversaries to gain access to or take control of, potentially, hundreds of deployed devices.
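A factory provisioning step for the unique-password principle above, as an added example that is not from the original article or from Silicon Labs. The function names, the serial numbers, the label alphabet and the choice of scrypt for the stored verifier are all assumptions.

```python
import hashlib
import hmac
import secrets

# Assumed label alphabet: no look-alike characters (0/O, 1/l/i) on printed stickers.
ALPHABET = "abcdefghjkmnpqrstuvwxyz23456789"


def _verifier(password, salt):
    # scrypt makes offline guessing costly if a device's flash is dumped
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)


def provision(serials, length=16):
    """Return (labels, records) for one production batch.

    labels[serial]  -> password printed on that unit's sticker
    records[serial] -> (salt, hash) programmed into that unit; no plaintext
    """
    labels, records = {}, {}
    for serial in serials:
        # Drawn from the OS CSPRNG, never derived from the serial or MAC address
        password = "".join(secrets.choice(ALPHABET) for _ in range(length))
        salt = secrets.token_bytes(16)
        labels[serial] = password
        records[serial] = (salt, _verifier(password, salt))
    return labels, records


def check_login(records, serial, attempt):
    """Device-side check against the factory-programmed record."""
    salt, expected = records[serial]
    return hmac.compare_digest(_verifier(attempt, salt), expected)


if __name__ == "__main__":
    batch = ["SN-0001", "SN-0002", "SN-0003"]  # constructed serial numbers
    labels, records = provision(batch)
    print(check_login(records, "SN-0001", labels["SN-0001"]))  # own password
    print(check_login(records, "SN-0002", labels["SN-0001"]))  # another unit's
```
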
Any microcontroller-based device has a multitude of interfaces and ports that can be accessed either locally or remotely. The primary application will use some of these ports during operation and for communications. However, the rest, particularly any that function as external communication interfaces, must be secured. Likewise, any IC-to-IC interfaces—such as between the microcontroller and a display controller—must be secured. It is recommended that all interfaces be encrypted and authenticated during use.
In a world of open and interoperable technologies, the use of industry-recognized, open, and proven cryptographic standards is essential. The use of closed, proprietary cryptographic algorithms is not recommended. Open cryptographic standards encourage participation by all developers, engineers, and stakeholders, so that the standards are continually evaluated for potential vulnerabilities against new security threats.
It is essential that when a consumer purchases a new device, it is already set for the highest possible levels of security. Shipping a product with no or minimal security options configured can pave the way for adversaries to take advantage. The consumer out-of-box security experience should be that all possible security measures are enabled. Developers should not leave a consumer unprotected by default.
As a growing number of consumer smart-home devices ship with the ability to update themselves automatically over the air, the priority is that every update should be signed cryptographically. In this way, hackers are prevented from attempting to update a device with malicious code.
Consumers shouldn't have to become administrators of their own devices, faced with deciding whether to update a product's software image. If an update needs to be made, it should be deployed and implemented automatically. Moreover, updates should be applied at times when they will not compromise the device's operation. For example, a smart-connected washing machine should not be updated while the machine is in use.
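The two update principles above (signed updates, applied automatically at a safe time) combined in one sketch; this is an added example, not code from the original article or from Silicon Labs. It assumes Ed25519 signatures via the Python `cryptography` package, a JSON manifest format, and hypothetical names (`Device`, `sign_update`, `offer_update`); the version check is an extra safeguard the article does not mention.

```python
import hashlib
import json
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey


def new_vendor_key():
    """Constructed signing key; in production it never leaves the build system."""
    return Ed25519PrivateKey.generate()


def sign_update(vendor_key, version, image):
    """Vendor side: sign a manifest binding the version to the image hash."""
    manifest = json.dumps({"version": version,
                           "sha256": hashlib.sha256(image).hexdigest()},
                          sort_keys=True).encode()
    return manifest, vendor_key.sign(manifest)


class Device:
    def __init__(self, trusted_public_key, version):
        self.trusted_public_key = trusted_public_key  # provisioned at manufacture
        self.version = version
        self.in_use = False   # e.g. a wash cycle is running
        self.pending = None   # verified update waiting for an idle moment

    def offer_update(self, manifest, signature, image):
        try:
            self.trusted_public_key.verify(signature, manifest)
        except InvalidSignature:
            return "rejected: bad signature"
        meta = json.loads(manifest)
        if hashlib.sha256(image).hexdigest() != meta["sha256"]:
            return "rejected: image does not match manifest"
        if meta["version"] <= self.version:  # extra check, not from the article
            return "rejected: not newer than installed version"
        self.pending = (meta["version"], image)
        return self.apply_pending()

    def apply_pending(self):
        """Install without asking the user, but only while the device is idle."""
        if self.pending is None:
            return "nothing pending"
        if self.in_use:
            return "deferred: device in use"
        self.version, _image = self.pending
        self.pending = None
        return "installed"
```

The device calls `apply_pending()` again whenever it becomes idle, so a deferred update installs without any action from the owner.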
Often, consumers who experience a problem with their embedded smart-home device are unsure who to contact. Has it been compromised? Is there a new vulnerability that should be reported? This principle pledges that product manufacturers will create a means for customers to report problems and communicate their concerns regarding product security.
As with product warranties, which have an expiration date after purchase, the period during which security updates are available should also be defined and communicated to the consumer. Continuing to support a product with security updates involves continued engineering costs, so consumers need to make informed decisions at the time of purchase. Manufacturers also have the option to offer extended warranties to offset ongoing security updates.
The detailed explanation of how we embrace these principles can be found in the Silicon Labs – IoT Endpoint Security Fundamentals document.
We already have far more control over our homes than we could imagine a few years ago, thanks to the IoT, and that is not slowing down. This means preparing for the next generation of cyber criminals will be a challenge we solve as an industry. Silicon Labs’ state-of-the-art Secure Vault has been designed to help connected device manufacturers address these evolving threats by protecting from unauthorized access and guaranteeing chip authenticity. Secure Vault strengthens product security, future-proofing, and addresses security regulation without adding cost or complexity through over-the-air updates.
Secure Vault features are:
Securing IoT systems can be challenging. Silicon Labs, and industry partners, created the ioXt Alliance. This alliance set forth eight principles to include in an IoT security plan. These principles are:
The Eight Principles of IoT Security blog was written by Jackie Padgett and was first published on the Silicon Labs website.
Jackie Padgett serves as Corporate Marketing Manager for Silicon Labs where she oversees the company’s global public relations, communications, and corporate responsibility programs.