The next smart space revolution needs to secure itself from the ground up


What security challenges do smart spaces present?

While the idea of smart spaces has been around for many years, the practice is still in its infancy due to the low adoption rate of IoT devices. Smart spaces can offer numerous advantages, including autonomous management of climate controls, monitoring environmental conditions, determining optimal energy use, and learning from user behavioral patterns to create a more comfortable experience. In fact, the technology needed to make smart spaces — which includes wireless SoCs, sensors, and AI co-processors — already exists.

But while smart spaces may be technically possible to integrate today, they face numerous challenges, and many of these involve security. A smart space containing thousands of individual IoT devices that lacks proper security measures would be a gold mine to any hacker worth their salt.

First, hackers could disrupt the services provided by smart spaces and use this disruption to either commit further crimes or hold the space operator for ransom. Second, a hacker could gain entry into insecure devices, obtain network credentials, and use the network to hide criminal activities. Third, a hacker could potentially take over insecure devices to act as either zombies (devices which can launch DDoS attacks) or to perform operations useful to the hacker (e.g., crypto mining). Fourth, a hacker could utilize such a smart space to track individuals, invade their privacy, and even cause harm to them through the manipulation of the smart space.

Unfortunately, a network is only as strong as its weakest link, and a smart space that contains thousands of devices could be left entirely vulnerable thanks to one device having poor security standards. As such, smart spaces are highly susceptible to cyberattacks — and ensuring security at every level is of the utmost importance.

How do common practices hurt security?

Despite cybersecurity threats having existed for more than 30 years, bad practices still persist in most industries.

One such bad practice concerns the symmetric keys used to encrypt data. There is nothing wrong with a symmetric key if that key is unique, long, and securely stored; even microcontrollers from 20 years ago can easily support such keys with the use of memory protection and on-chip storage. And yet many manufacturers continue to use a symmetric key that is common to every device they manufacture, meaning that breaking a single device gives a hacker access to all other devices. A recent example of this poor practice comes in the form of Siemens Simatic PLCs, which were all found to use the same symmetric key for data protection.
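One way to avoid a fleet-wide key is to derive each device's key from a factory master secret and the device's unique ID. The sketch below is an added example, not code from the original article or from any vendor it names; the 96-bit UID format, the `fleet-v1` salt, the purpose label, and all sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract a PRK, then expand to `length` bytes."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def device_key(master_secret: bytes, device_uid: bytes,
               purpose: bytes = b"data-encryption") -> bytes:
    """Derive the one key written to a single device at provisioning time.

    The master secret stays on the provisioning host (ideally in an HSM), so a
    key extracted from one device does not give away any other device's key.
    """
    if len(device_uid) != 12:  # assumption: 96-bit factory-programmed unique ID
        raise ValueError("expected a 96-bit (12-byte) device UID")
    return hkdf_sha256(master_secret, salt=b"fleet-v1", info=purpose + b"|" + device_uid)

def shared_key_groups(provisioned: dict) -> list:
    """Group device names by key fingerprint; any group returned is key reuse."""
    by_fingerprint = {}
    for name, key in provisioned.items():
        by_fingerprint.setdefault(hashlib.sha256(key).hexdigest(), []).append(name)
    return [sorted(names) for names in by_fingerprint.values() if len(names) > 1]

# Constructed sample data: a stand-in master secret and three made-up device UIDs.
MASTER = bytes(range(32))
UIDS = {
    "lamp-01": bytes.fromhex("0011223344556677889900aa"),
    "lamp-02": bytes.fromhex("0011223344556677889900ab"),
    "sensor-07": bytes.fromhex("a1b2c3d4e5f60718293a4b5c"),
}
DIVERSIFIED_FLEET = {name: device_key(MASTER, uid) for name, uid in UIDS.items()}
COMMON_KEY_FLEET = {name: MASTER for name in UIDS}  # the anti-pattern described above

if __name__ == "__main__":
    print("diversified fleet reuse:", shared_key_groups(DIVERSIFIED_FLEET))
    print("common-key fleet reuse: ", shared_key_groups(COMMON_KEY_FLEET))
```

The same fingerprint grouping can be run over a provisioning database to confirm that no two shipped devices carry the same key.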

On the topic of common symmetric encryption keys, common passwords are also found on some consumer devices and were extremely prevalent prior to 2020. This was particularly a problem for internet-connected devices such as routers and IoT sensors that would be manufactured in the millions and distributed around the world. As many of these devices had the same default admin username and password, it would often be easy for a hacker to gain access to vulnerable devices. As well as being shared, these passwords would be easy to guess, such as “admin,” “password,” and, in some cases, no password whatsoever.

Another common challenge with earlier IoT devices is the lack of SSL/TLS support. Without encryption, any data sent over networks is in the clear, and this allows packet snooping to identify server addresses, usernames, and passwords. While the credentials for an IoT device may seem benign, they could allow a hacker to access customer data, including addresses, credit card details, and habits — all of which can be used.

Even though networks can deploy strong security keys for Wi-Fi access, infrequent changing of passwords can open up networks to brute-force attacks. In fact, a hacker only needs to find the Wi-Fi password on a discarded device or on a piece of paper to have internal access, and a lack of password changing provides the hacker with indefinite access. Of course, networks that use Ethernet ports can become even more vulnerable if credentials are not required, and this is commonly the case with LANs. A single, exposed Ethernet port can give a hacker full internal network access, thus allowing a hacker to launch all kinds of attacks.

One such example where poor design resulted in a serious security flaw is IKEA’s range of smart lights. These lights utilize the Zigbee protocol, but poor implementation of this protocol would cause the light to reset if broken packets were received. This alone is not problematic, but when considering that the light undergoes a factory reset after five consecutive power cycles, glitching the Zigbee protocol five times (which is done remotely) gives a hacker ownership of the light.

How does security hardware help with such challenges?

While software solutions can provide devices with a large amount of security, not every problem can be solved in software. This is generally due to how software security works: if malicious code can bypass operating systems and software security (particularly during boot), it is virtually impossible to remove. In such cases, hardware security can provide devices with a fundamental level of protection that is immutable, and in some cases, unbreakable. This is because the hardware is more fundamental than software, effectively sitting below it, meaning that any malicious software can be trapped by the hardware.

Hardware cryptography is one such example of hardware security that isn’t dependent on software, and its hardware nature makes it impossible to hack and alter. True random number generators based on physical properties such as noise and temperature cannot be altered in software, and hardware encryption engines are designed on a logic level, leaving little room for errors. By comparison, software encryption via routines can have malicious code injected to produce predictable results — or outright disable the encryption process.

Trusted platforms are another example of hardware security that sits outside of software and ensures that only authorized code is used to boot a system. Such systems are becoming exceptionally important in the fight against malware, as malware that enters the boot sequence can be particularly difficult to detect and remove.

Privilege levels are used in processors to prevent code from executing dangerous instructions that could allow access to protected areas of memory and to I/O devices. Privilege levels have been around for decades and can be regarded as one of the earliest forms of on-chip hardware security.

On-the-fly encryption circuits are also starting to emerge that encrypt and decrypt data as it’s being used. By placing such a circuit between a CPU and RAM, it is possible to encrypt all data that physically leaves the CPU, thus making memory peeking pointless. While these functions are still in their infancy, they will likely become popular in future microcontrollers and processors that need to store data off-chip.

Tamper-protection pins are commonly found on higher-end semiconductors that may contain sensitive information internally. Tamper pins will be connected to specific voltages only known to the engineer during the design of the board, and if the chip is removed and powered up externally to the PCB, the change in tamper pins can trigger a memory wipe (or some other shutdown feature). Such pins protect a device from external physical attacks, something that software is rarely able to do.

Finally, on-chip AI engines capable of monitoring internal data buses, voltage levels, and I/O access are starting to make their way into devices. Over time, these engines learn to recognize what normal behavior is; if malicious code starts to run, this unexpected execution is detected, causing the AI engine to take action through system calls.

What platforms currently exist for engineers?

One processor range that is commonly associated with strong protection features is ARM, which often includes hardware cryptography, trusted boot systems to ensure code integrity, and privilege levels to prevent user code from interfering with system-level components. For example, the recently released STM32MP157D incorporates a dual-core ARM Cortex-A7, which includes TrustZone, AES256 and TDES encryption, a secure boot, SHA-256, secure RAMs, secure peripherals, an analog true random number generator, and a unique 96-bit ID that is pre-programmed.

Engineers looking to simplify their designs can turn to System-on-Modules (SoMs), as they combine most system components needed to work with a particular processor. For example, OPEN-Q™ 624A SOM provides engineers with an Android-powered, production-ready module that integrates connectivity for HD cameras and touchscreens while also providing built-in Wi-Fi, Bluetooth, and numerous I/O. Such devices have been particularly useful for those creating IoT security devices, thanks to the secure nature of Android and the many security features boasted by the ARM microprocessor.

Finally, engineers can look into creating secure network infrastructure that supports IoT devices in smart spaces. For example, the Sentrius™ IG60 Wireless IoT Gateways from Laird provide engineers with a secure network that offers multiple connectivity and security options. The use of the SAMA5D36, which itself is powered by an ARM core, provides many hardware security features including secure boot and TrustZone.

Integrating security from the ground up

If smart spaces are to become a reality, devices need to integrate security from the ground up. But while many will consider software solutions to make devices secure, the hardware that devices run on is also incredibly important. Choosing a secure platform not only massively helps engineers by simplifying security but also makes it significantly harder for malware to run. The rise of System-on-Modules (SoMs) will undoubtedly help engineers create more complex designs by eliminating the need to handle low-level system design, thus reducing the number of factors that can go wrong. In addition to this, the use of complex SoMs capable of running more complex operating systems allows for additional security software routines to be executed in parallel to other tasks, and operating systems such as Linux can help to offload these tasks from engineers, who can then focus on the primary function of their design.
