How to create a secure IoT device
•Download as PPTX, PDF•
0 likes•231 views
Some core principles to guide developers towards creating secure IoT devices. Why. Because not having security is not an option anymore.
Recommended
More Related Content
What's hot
What's hot (20)
Similar to How to create a secure IoT device
Similar to How to create a secure IoT device (20)
Recently uploaded
Recently uploaded (7)
How to create a secure IoT device
- 1. IT’S ONLY SMART….. IF IT’S SECURE AKA HOW TO CREATE A SECURE IOT DEVICE MIKE HENDRICK VP ENGG. SEQUITUR LABS INC.
- 2. 2 Kudos! Copyright Sequitur Labs Inc. 2017 If you are thinking about IoT security……… …………you are way ahead of the game
- 3. 3 • Smart Home • Smart Building • Smart Car • Smart Medical Devices • Smart Cities • Smart Grid • Smart Wearables Opportunity: Smart Future……. Copyright Sequitur Labs Inc. 2017
- 4. 4 Problem: The “Smart” Future …… Copyright Sequitur Labs Inc. 2017 …….it has it’s own - Viruses - Malware - Hacker community This lightbulb is so “smart”……….
- 5. 5 Multiple connectivity options • WiFi • Bluetooth • BLE • Whatever……… “Smart” lightbulbs Copyright Sequitur Labs Inc. 2017 Connects to your • WiFi network • Phone • Other devices What does it do? • It stores your network credentials • Knows what devices it should connect to
- 6. 6 Hmmmm……So What? HACKERS CAN USE THIS INFORMATION TO GET INTO YOUR NETWORK AND STEAL • Passwords • Financial information • Attack webcams (been there, done that) • Steal health related information • Control security systems Copyright Sequitur Labs Inc. 2017
- 7. 7 Say it Ain’t So!! Copyright Sequitur Labs Inc. 2017 A connected lightbulb is a “portal” into - Your home - Your life - Your family - Your friends
- 8. 8 Bottom-line: IoT without Security……. Copyright Sequitur Labs Inc. 2017 ….. is like handing over the keys to your kingdom
- 9. 9 • Smart Home • Smart Building • Smart Car • Smart Medical Devices • Smart Cities • Smart Grid • Smart Wearables This Could Happen to ANY Connected Device in ANY Sector Copyright Sequitur Labs Inc. 2017
- 10. 10 HELP!! Copyright Sequitur Labs Inc. 2017 Where do I start? • Define the threats • Design for Security • Select the right platforms
- 11. 11 Defining the Threats Copyright Sequitur Labs Inc. 2017 • Firmware Theft • Malware • DDoS Attacks • Man-in-the-middle • Physical attacks • Corrupted firmware • Compromised peripherals Devices need protection throughout their life cycle • Create • Operate • Retire
- 12. 12 Security Threats Faced by A Device Copyright Sequitur Labs Inc. 2017 • IP Theft • Unauthorized manufacture • Cloning Create Operate Retire • Compromised communications • Compromised upgrades • Data theft • Firmware corruption • Malware • DDoS • Data theft • Stolen network credentials • IP Theft • Cloning Threats
- 13. 13 Design For Security - Through The Lifecycle Copyright Sequitur Labs Inc. 2017 • IP Theft • Unauthorized manufacture • Cloning At Manufacture • Establish hardware root of trust • Securely inject unique keys and certs at manufacturing • Immutable device ID Threats Security Measures
- 14. 14 Design For Security - Through The Lifecycle Copyright Sequitur Labs Inc. 2017 • Compromised communications • Compromised upgrades • Data theft • Firmware corruption • Malware • DDoS During Operation • Trusted boot process • Hardware based isolation of critical material • Payload authentication • Authenticated communications • Tamper resistance • Trusted remediation Threats Security Measures
- 15. 15 Isolation Technology Example: ARM TrustZone Copyright Sequitur Labs Inc. 2017 • Secure /Non-Secure States • Low impact context switch • Controlled access to resources • Crypto resources • Security applications • Keys • Peripherals
- 16. 16 Design For Security - Through The Lifecycle Copyright Sequitur Labs Inc. 2017 • Data theft • Stolen network credentials • IP Theft • Cloning Retiring The Device • De-authorize devices • Wipe stored data • Secure command and control Threats Security Measures
- 17. 17 Security Through The Device Lifecycle - Summary Copyright Sequitur Labs Inc. 2017 • IP Theft • Unauthorized manufacture • Cloning Create Operate Retire • Compromised communications • Compromised upgrades • Data theft • Firmware corruption • Malware • DDoS • Data theft • Stolen network credentials • IP Theft • Cloning • Hardware root of trust • Inject unique keys and certs at manufacturing • Immutable device ID • Trusted boot process • Hardware based isolation of critical material • Payload authentication • Authenticated communications • Tamper resistance • Trusted remediation • De-authorize devices • Wipe stored data Threats Security Measures
- 18. 18 Selecting The Right Platform – From a Security Perspective Copyright Sequitur Labs Inc. 2017 • Hardware Platform Considerations • MCU v/s MPU • Hardware isolation technologies • Hardware crypto accelerators, TRNG • Tamper detection, resistance • Secure debug capabilities • Device/Application Use Considerations • Connectivity/data transmission (example – device pairing, cloud connectivity) • Peripherals that need security (example – biometric readers) • Application data that need securing (example – patient info in medical device) • Application processes that need securing (example – financial transactions)
- 19. 19 Key Takeaway Copyright Sequitur Labs Inc. 2017 It’s only Smart if it’s Secure
- 20. 20 More Stuff Here…. Copyright Sequitur Labs Inc. 2017 • CoreTEE: http://www.sequiturlabs.com/coretee/coretee-demo/ • CoreLockr-TZ: http://www.sequiturlabs.com/corelockrtz/corelockr-tz-demo-for-secure-iot/ • End-to-End Security Use Case: https://youtu.be/C0fCUgBvzDc • ARM and Sequitur Labs Demonstrate Secure IoT Systems: http://www.sequiturlabs.com/media_portfolio/arm-sequitur-labs-demonstrate-secure-iot-systems/ • Sequitur Labs Shows Real-World Use of New TrustZone for v8-M Platform: http://www.sequiturlabs.com/media_portfolio/sequitur-labs-shows-real-world-use-of-new-core-m-platform/
- 21. 21 Talk To Us..... Copyright Sequitur Labs Inc. 2017 • We can help. • We like helping. • Really. • Try us out! www.sequiturlabs.com info@sequiturlabs.com