2. Motivation
• Supply Chain: A sequence of processes making up
a system, and their integration, spanning many
organisations
• IoT Supply Chain is huge with a large attack
surface
• Large Attack Surface - Security Vulnerabilities &
Security Threats – Huge
• Provide a Map of a specific IoT device supply
chain
• Help to show likely Vulnerabilities and Attacks
3. Characterisation of IoT
Endpoint Types
• IoT: Interconnected objects + people +
systems + resources + services
• IoT Endpoint: a device that is part of
the IoT infrastructure
• Simple Endpoint, serves a singular
purpose e.g. light switch
• Medium-sized Endpoint, e.g. IoT-
enabled washing machines
• Gateway Endpoint, e.g. internet
connected smart TV acting as a Gateway
Endpoint between light bulbs, fridges,
etc., to the control infrastructure
3
4. IoT Lifecycles & Lifecycle Stages –
Keys to understand the challenges
of securing an IoT supply chain
4
Different IoT Lifecycles:
1. IoT device/product/service
lifecycle
2. Stakeholders’ lifecycle
3. Contextual life cycle
4. Data lifecycle
4. Trust relationship lifecycle
IoT Lifecycle Stages:
• Concept
• Development
• Production
• Deployment
• Utilisation
• Support
• Retirement, Sunsetting or
Decommissioning
• Re-commissioning
Many security threats & vulnerabilities in these lifecycles
and stages
6. IoT Supply Chain – Sources of
Vulnerabilities & Attacks
Vulnerabilities
1.People, Policy and
Procedure
Vulnerabilities
2.Platform
Software/Firmware
Vulnerabilities
3.Network
Vulnerabilities
4.Gateway
Vulnerabilities
Attacks
• Malicious insertion of
defect
• Exploitation of latent
vulnerabilities
• Non-cyber attacks e.g.
reducing the accuracy
of physical sensors and
actuators
7. The iPhone Supply Chain –
An IoT Supply Chain Exemplar
Country Num. of Apple
Suppliers in
Country
CHINA 349
JAPAN 139
USA 60
TAIWAN 42
SOUTH KOREA 32
MALAYSIA 21
PHILIPPINES 24
THAILAND 21
SINGAPORE 17
GERMANY 13
VIETNAM 11
…. ….
COMPONENT MANUFACTURER’S
NAME
System-on-Chip TSMC
Baseband Intel
RF Front End TDK Corp.
GNSS Broadcom Ltd.
…. ….
8. Supply Chain Attacker Strategy
• Intelligence and
Planning
• Design and Create
defect
• Insert defect
9. Mitigating Potential Vulnerabilities
in the Supply Chain
• Protect critical information
and systems
• Detect and Respond to
Attacks on Supply Chains
• Recover from Attacks
10. Conclusion and Next steps
• Paper made visible and concrete the supply chain of a
typical IoT device, the iPhone
• Plan to STAMP and STPA for security and hazard
analyses.
• Developed at MIT, both have good track records in
inter-component safety and hazard analyses
• In STPA, failure events, and Accidents, are caused by
safety constraints not successfully enforced
11. STAMP’s four components
of Controller, the
Controlled entity,
Actuators and Sensors
11
Conclusion and Next steps
Apply STAMP &
STPA for Hazard
Analyses of IoT
Supply Chain.
Exciting New
Territory for
Research