The IoT is transforming everything from wind turbines and factory automation to critical infrastructure. But with this smart, connected world comes an increased and very real threat of cyberattacks. While the need to build defenses to such attacks is understood, organizations may not have the tools, skill set or bandwidth to develop security measures themselves.
Many, instead, seek solutions that allow appropriate security to be integrated into their systems quickly and easily, leaving them free to focus on core competencies and delivering competitive advantage.
IoT security challenges
Another common issue facing IoT devices is that they are often resource-constrained and do not contain the compute resources necessary to implement strong security. As such, many devices do not or cannot offer advanced security features.
For example, sensors that monitor humidity or temperature cannot handle advanced encryption or other security measures. Plus, as many IoT devices are “set it and forget it” — placed in the field or on a machine and left until end of life — they hardly ever receive security updates or patches.
From a manufacturer’s viewpoint, building security in from the start can be costly, slow down development and cause the device not to function as it should.
Connecting legacy assets not inherently designed for IoT connectivity is another security challenge. Replacing legacy infrastructure with connected technology is cost-prohibitive, so many assets will be retrofitted with smart sensors. However, as legacy assets that likely have not been updated or ever had security against modern threats, the attack surface is expanded.
In terms of updates, many systems only include support for a set timeframe. For legacy and new assets, security can lapse if extra support is not added. And as many IoT devices stay in the network for many years, adding security can be challenging.
IoT security is also plagued by a lack of industry-accepted standards. While many IoT security frameworks exist, there is no single agreed-upon framework. Large companies and industry organizations may have their own specific standards, while certain segments, such as industrial IoT, have proprietary, incompatible standards from industry leaders. The variety of these standards makes it difficult to not only secure systems, but also ensure interoperability between them.
The convergence of IT and operational technology (OT) networks has created a number of challenges for security teams, especially those tasked with protecting systems and ensuring end-to-end security in areas outside their realm of expertise. A learning curve is involved, and IT teams with the proper skill sets should be put in charge of IoT security.
Industrial Internet of Things (IIoT) are increasingly the target of cyberattacks
For many companies, digital transformation through IIoT implementation is seen as fundamental to delivering competitive products, optimizing productivity and continuously improving business performance. Unfortunately, devices on the Industrial Internet of Things (IIoT) offer attackers extra opportunities for disrupting business and causing damage to property and people.
Intercepting data from industrial control systems can reveal manufacturing secrets, potentially exposing a source of competitive advantage. If devices can be taken over or cloned or spoofed, exploits can include corrupting sensor data, shutting down critical systems, and sending false control commands that can pose a serious threat to safety. Major examples include the Stuxnet attack that affected Iran’s nuclear program and Black Energy 3 that reportedly shut down part of Ukraine’s electrical grid.
Studying cyber-attacks has taught the industry much about the weaknesses they exploit. As that knowledge grows, so security best practices and standards develop. These help system architects to understand the protection their assets require and techniques to resist attacks. IEC 62443, for example, founded on a risk-based analysis of potential threats, is emerging as an international standard for cyber security.
By assessing the risk to a system based on the consequences and impact of a successful attack, IEC 62443 defines five security levels (figure 1), covering devices from those that do not require protection to those that require the highest levels of threat resistance.
For the higher security levels (i.e. level 3 and 4) of IEC 62443, hardware-based security is a requirement to protect the device authenticators, the private keys and also critical symmetric keys to name some examples. The advantage of storing critical secrets and data within a discrete hardware chip comes with enhanced protection as a dedicated security chip is hardened against logical as well as physical attacks, whereas with Software-only methods the barriers for logical attacks are much lower.
It’s all in the cyber security mix
Mutual authentication between end nodes, the devices they connect with (e.g. a gateway) and/or the cloud allows only genuine, uncompromised devices to communicate – as shown in figure 2.
Without robust authentication, it may be possible to connect to, clone or load malware onto a genuine device. ‘Bad actors’ can then subsequently exploit the connection to disrupt the proper functioning of products or services, or intercept data. In addition, authentication protects providers of products or services against misuse by customers. Failures in the field can occur when non-genuine spare parts are used or counterfeit devices are inserted or an unauthorized repair is attempted. Authentication highlights rogue activity, ultimately saving the provider bearing the costs of rectification.
In practice, effective cyber-protection relies on several commonly employed defenses as illustrated in figure 3. These include secured communications, secured boot sequence of connected devices, and secured processes for applying firmware updates over the air (OTA).
Securing communications is important to prevent malicious agents interacting with connected devices or eavesdropping to gain intelligence or steal IP. In addition to authenticating components and personnel, and enabling connected devices to have unique credentials, encrypting exchanged data is also necessary to prevent these types of attacks. Where devices are to receive OTA (over-the-air) updates, securing this process is essential to prevent malicious software being introduced. Authentication and integrity checking is again essential, together with securing the loading mechanisms and signing and/or encrypting the code to be loaded. Secured boot processes using techniques such as code signing provide further protection for connected devices when they are most vulnerable to attack.
Although digital transformation offers irresistible business benefits, the security challenges presented by the IIoT must be handled effectively. A thorough analysis of the cyber security threats is key to develop a robust and long lasting cyber security implementation. Dedicated security chips play a crucial role in the cyber security mix and help provide robust protection for connected assets.
They are benefiting from hardware immutability and compliance with industry standards while being ready to design-in quickly and efficiently.