Categories

Editor's Choice
Multimedia, Videos
AI & ML
Analogue, Mixed Signal, LSI
Circuit & System Protection
Computer/Embedded Technology
Design Automation
DSP, Micros & Memory
Edge Computing & IIoT
Electronics Technology
Enclosures, Racks, Cabinets & Panel Products
Events
Interconnection
Manufacturing / Production Technology, Hardware & Services
News
Opto-Electronics
Passive Components
Power Electronics / Power Management
Programmable Logic
Smart Home Automation
Switches, Relays & Keypads
Telecoms, Datacoms, Wireless, IoT
Test & Measurement





Telecoms, Datacoms, Wireless, IoT



Print this page printer friendly version

The five pillars of secure IoT design

19 April 2017 Telecoms, Datacoms, Wireless, IoT

For any industrial Internet of Things (IoT) application, ensuring signal integrity is crucial for safety and operational reliability. However, even the most robust system has many attack surfaces that are vulnerable to would-be ­hackers intent on compromising a system. This is unacceptable for high-reliability systems in general, but as more contextual information gets added, including time and position, the level of compromise increases dramatically, so gaps in security must be identified and closed at every opportunity.

In the case of an IoT sensor, a chain of trust must be established from the sensor to the microcontroller and wireless module, and all the way through to the end application. In industrial applications for the IoT, every attack surface must be secured in order to establish a chain of trust. u-blox refers to this as its five pillars of secure IoT design:

• Device firmware and Secure Boot.

• Communications to the server.

• Interface security.

• Enforcing API control.

• Robustness that includes handling spoofing/jamming.

Secure Boot ensures that a device is executing the intended firmware by authenticating at each stage before booting the next process. Also, while over-the-air updates are useful for mass uploads of many widely deployed IoT devices, they create an attack surface that can be vulnerable, so all firmware must first be validated before being installed. A good implementation will include a backup of a previously authenticated image to allow backtracking if there is a problem.

At the communications or transport layer, a device needs to be able to authenticate itself with the server and all exchanged data should be encrypted, with no possibility of a ‘man in the middle’ attack. Secure key management will allow for this, even on a per-session basis.

The defined APIs that provide access to device functionality are also a vulnerability that must be addressed, though they are often overlooked. This is particularly insidious as hackers usually have a lot of time to look for open APIs and explore their relationship to device functionality and features, which sometimes might include access to paid services. Also, developers often use undocumented APIs for their own test and configuration purposes, so these must be protected too, using the same formal authentication and authorisation processes as used for all APIs.

The fifth link in securing IoT devices involves ensuring robustness, such as when facing jamming or spoofing attempts that might undermine the device’s ability to get accurate position data from a GNSS. The design must be able to detect that the reported information is not accurate and report the situation to the user or IoT network operator.

For more information contact Andrew Hutton, RF Design, +27 (0)21 555 8400, [email protected], www.rfdesign.co.za



Credit(s)

Tel: +27 21 555 8400
Email: [email protected]
www: www.rfdesign.co.za
Articles: More information and articles about RF Design


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The trends driving uptake of IoT Platform as a Service
Trinity IoT Editor's Choice Telecoms, Datacoms, Wireless, IoT
IoT platforms, delivered as a service, are the key that will enable enterprises to leverage a number of growing trends within the IT space, and access a range of benefits that will help them grow their businesses.

Read more...
RF power amplifier
RF Design Telecoms, Datacoms, Wireless, IoT
The ZHL-20M2G7025X+ from Mini-Circuits is a 32 W power amplifier that operates from 20 to 2700 MHz and delivers a saturated output power of +45 dBm.

Read more...
Introducing the Quectel EG800Z series
iCorp Technologies Telecoms, Datacoms, Wireless, IoT
The EG800Z series is Quectel’s latest ultra-compact LTE Cat 1 bis module, designed to deliver reliable connectivity, low power consumption, and robust performance across a wide range of IoT applications.

Read more...
NeoMesh on LoRa
CST Electronics Telecoms, Datacoms, Wireless, IoT
Thomas Steen Halkier, CEO of NeoCortec, recently gave a keynote speech where he spoke about “NeoMesh on LoRa: Bringing true mesh networking to the LoRa PHY”.

Read more...
Modules upgraded with Direct-to-Cell tech
iCorp Technologies Telecoms, Datacoms, Wireless, IoT
Quectel Wireless Solutions has announced that several of its LTE modules are now available with Direct-to-Cell (D2C) functionality, enabling devices to seamlessly connect to satellite networks.

Read more...
USB/Ethernet smart RF power sensor
RF Design Telecoms, Datacoms, Wireless, IoT
The PWR-18PWHS-RC from Mini-Circuits is an RF power sensor that operates from 50 MHz to 18 GHz and is designed to capture pulsed and trace modulated signals with very high data resolution.

Read more...
Tiny Bluetooth LE + 802.15 + NFC module
RF Design Telecoms, Datacoms, Wireless, IoT
Unleashing enhanced processing power, expanded memory, and innovative peripherals, the BL54L15µ from Ezurio is the ultimate choice for small and low power connectivity.

Read more...
Trasna and RF Design announce distribution agreement
RF Design News
Trasna and RF Design have announced a strategic distribution agreement for cellular IoT solutions which will ensure seamless availability of Trasna’s cellular connectivity solutions.

Read more...
AI modules for edge intelligence
Otto Wireless Solutions Telecoms, Datacoms, Wireless, IoT
SIMCom has introduced two new entry-level AI computing modules, the SIM8668 and SIM8666, designed to bring intelligent capabilities to lightweight, energy-efficient edge devices.

Read more...
High performance ISM antennas
iCorp Technologies Telecoms, Datacoms, Wireless, IoT
Quectel Wireless Solutions has announced the launch of two new high performance ISM antennas, designed to meet the need for wireless communication in devices that operate in the industrial and commercial applications.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Publications by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  Hi-Tech Security Solutions
»  Hi-Tech Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd | All Rights Reserved