Over the past year, there have been a rush of Internet of Things (IoT) cyber-attacks, the most famous of which was the IoT Denial of Service attack on Dyn that disrupted internet traffic for a day. As more IoT devices are deployed, the frequency of serious cyber-attacks will only increase, and increase quickly. Many consumer IoT manufacturers are under intense schedule and cost pressures where a delay to add cyber security could be the difference between success and failure. Industrial IoT companies have a different problem, where long product lifecycles make security difficult to manage and almost impossible to retroactively deploy.
There are no silver bullets in this situation, but the best way for both Consumer and Industrial IoT companies to dramatically improve security quickly and cheaply is through Trusted Computing. Trusted Computing is based on a specialized chip called the Trusted Platform Module (TPM) 2.0 - the hardware root of trust - and a Trusted Software Stack (TSS), like TrustSentinel 2.0 from OnBoard Security. A TPM can securely store passwords, certificates, and encryption keys used to authenticate the platform. A TPM can also store platform measurements to ensure that the platform's software has not been altered. Since these checks are all done prior to the Operating System booting, Trusted Computing can prevent malware from infiltrating the system.
When correctly implemented and managed, Trusted Computing will reduce or eliminate some serious security vulnerabilities. I'll summarize a few of the more common ones here:
Defense against Root/Boot Kits
One of the most devastating attacks on IoT is the use of Root Kits and Boot Kits, which reside outside of the standard file systems and launch before the operating system. Trusted Computing "takes a picture" of the normal state of the system and detects anomalies like Root/Boot Kits, preventing the malware from infecting the system and restoring the IoT device to a clean state. Trusted Computing also protects user keys from being exposed even when the unit is infected.
Data Confidentiality, Integrity, and Availability
Data stored on an IoT device should be protected, whether it is private user information or company data used for billing. Trusted Computing keeps hackers from stealing or changing data, or from using that data to falsely impersonate an authorized device.
Fraudulent IoT devices shouldn't be allowed access to IoT services. The servers which manage IoT devices must be strongly identified so that cyber-impersonators cannot take control of an IoT ecosystem. Trusted Computing provides strong authentication with IoT services or with other IoT devices, preventing malicious access.
Many IoT devices need to be securely managed remotely, because physical access to the millions of IoT devices is cost prohibitive. Trusted Computing gives IoT manufacturers a secure capability for managing large numbers of IoT devices from a central control point and allows the devices to be recovered and fixed remotely after a cyber-attack occurs.
End User Provisioning
Both Consumer and Industrial IoT devices need a way to provision policies and credentials to end users. Sometimes this provisioning takes place during first use by the end user. Trusted Computing offers an avenue for these devices to be securely provisioned.
Hardware Tampering protection
Some IoT devices, especially Industrial IoT, are vulnerable to hardware tampering, including the replacing of memory or other ICs with hacker-programmed devices. Trusted Computing makes it expensive and very difficult to successfully tamper with the hardware of an IoT device.
Software/Firmware version and updates
Invariably, security vulnerabilities will be discovered. IoT companies need to know which devices in the field are impacted and how to update them securely with patches. Trusted Computing provides a mechanism for determining software/firmware versions and finding a secure way to install updates.
These are just a few of the more powerful security use cases of Trusted Computing. A more complete list of use cases can be found at the Trusted Computing Group website.
If you are new to TPMs and Trusted Computing, you may be unsure how to begin. OnBoard Security offers consulting services and software to make your transition to a secure IoT system proceed quickly and efficiently.