Security for endpoints
When choosing hardware for IoT endpoints, designers should consider several factors to ensure proper protection against hacking and enhance overall security. Here are some key considerations:
- A secure boot mechanism based on a hardware root of trust within the device is essential for preventing the execution of unauthorised code or malware. A hardware root of trust establishes a simple and unchangeable method of verifying the fundamental authenticity of the device, burned in at the time of manufacture, which allows the device to authenticate the boot-up code and, subsequently, the application code before loading. Additionally, devices need protection against the threat of rogue code when firmware is updated over the air (OTA). Secure boot and secure firmware update are both predicated on ensuring that only authorised and digitally signed firmware can be loaded and executed on the device. It’s important to assess the vendor’s track record in providing timely updates to apply security patches and maintaining a secure ecosystem.
- With the addition of an embedded secure element (eSE), a microcontroller or system on chip (SoC) can provide secure storage for cryptographic keys and support secure authentication capabilities. Many microcontrollers integrate hardware cryptographic accelerators to protect data from interception or eavesdropping.
- Special features to resist physical attack are also needed, particularly to protect devices that are installed in non-secure areas and can be vulnerable to tampering or side-channel attacks such as power analysis.
- A holistic security approach should also include robust software design, secure communication protocols, and regular security assessments throughout the development lifecycle of the IoT endpoint.
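The secure boot and OTA update checks described in the first point can be sketched as follows. This is an added example, not code from any vendor: a Lamport one-time hash-based signature stands in for the RSA or ECDSA verification a real boot ROM would use, so that it runs with only the Python standard library. The image layout, the fused values and all names are assumptions.

```python
import hashlib
import hmac
import secrets

def H(data):
    return hashlib.sha256(data).digest()

def digest_bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# Lamport one-time signature: stand-in for the RSA/ECDSA check in a real boot ROM.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def lamport_sign(sk, msg):
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]

def lamport_verify(pk, msg, sig):
    bits = digest_bits(msg)
    return len(sig) == 256 and all(H(sig[i]) == pk[i][bits[i]] for i in range(256))

def key_fingerprint(pk):
    return H(b"".join(a + b for a, b in pk))

def signed_region(image):
    # The version is signed together with the payload so it cannot be edited alone.
    return image["version"].to_bytes(4, "big") + image["payload"]

def boot_check(image, fused_key_hash, fused_min_version):
    """Decision a boot ROM or OTA updater makes before running an image."""
    if not hmac.compare_digest(key_fingerprint(image["pubkey"]), fused_key_hash):
        return "reject: signing key is not anchored in the root of trust"
    if not lamport_verify(image["pubkey"], signed_region(image), image["sig"]):
        return "reject: signature does not match image"
    if image["version"] < fused_min_version:
        return "reject: rollback to an older version"
    return "boot"

def make_image(version, payload, sk, pk):
    image = {"version": version, "payload": payload, "pubkey": pk}
    image["sig"] = lamport_sign(sk, signed_region(image))
    return image

# Constructed sample data: vendor key pair, fused key hash, one signed image.
VENDOR_SK, VENDOR_PK = lamport_keygen()
FUSED_KEY_HASH = key_fingerprint(VENDOR_PK)
GOOD_IMAGE = make_image(3, b"constructed firmware v3", VENDOR_SK, VENDOR_PK)
```

Only the key hash and the minimum version need to live in unchangeable storage; the public key itself travels with the image and is accepted only if it matches the fused hash.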
Connecting endpoints to the cloud
Gateways, or data aggregators, handle communication, data exchange, and management between IoT endpoints and the cloud. They are often based on an application-class processor such as a multicore Arm Cortex-A system on chip, whereas endpoint devices would run on embedded-class Cortex-M cores, and they also tend to take on most of the edge processing workload. They support software platforms that assist interaction with the cloud, such as Azure IoT, and integrate appropriate wired and wireless connection standards.
Typical connectivity includes Ethernet, commonly used in industrial settings and infrastructure deployments where a wired connection to endpoint devices can be established using cables and where applications require low latency and high data transfer rates. Industrial-focused gateways also often support serial communication using protocols like RS-232, RS-485, or Modbus to facilitate connecting to legacy devices that have been in factories for many years.
Wireless communication enables endpoints to be connected in situations where installing cables is inconvenient or impossible. Adding or removing endpoints is also straightforward, requiring no new installation or removal of cables, and wireless allows flexibility to assign the locations of endpoints and change these relatively easily if needed.
WiFi is often used to connect endpoint devices, which allows seamless integration into home automation, consumer electronics, and smart building applications. Longer-range connectivity requirements are served by 3G cellular and dedicated 4G LTE standards such as NB-IoT and LTE-M. As 5G networks roll out, more and more applications are expected to leverage 5G’s built-in provision for massive machine-type communications (MMTC) and ultra-low latency communication (ULLC). Low-Power Wide Area Network (LPWAN) technologies like LoRaWAN and Sigfox are also long-range wireless standards suitable for IoT applications. Depending on the size of the application and the amount of data exchanged over the radio interface, LPWAN can be more cost-effective than cellular.
In addition to these, Bluetooth® is popular for short-range connections to devices like wearables and personal area networks, while others such as Zigbee® are usually chosen for low-power, mesh network deployments in smart homes, industrial automation, and lighting control systems.
Securing the gateway
Hardware-based security features are as important in the gateway as they are in endpoints and may be based on an architecture such as Arm® TrustZone®. TrustZone is optimised for microcontrollers and for application processors, and establishes isolation between non-secure parts of the system and secure parts that are critically dependent on trust. It physically separates secure and non-secure processing and data storage to combine a high level of protection with minimal impact on execution performance. Generically, this is the same principle as a Trusted Execution Environment (TEE), which provides isolated execution spaces for running critical operations or handling sensitive data.
When assessing devices such as microcontrollers and SoCs for IoT applications, industry-recognised security certifications such as Common Criteria and FIPS 140-2 provide evidence that the hardware has been tested to meet specific security requirements.
The gateway’s connection to the cloud leverages protocols like HTTP Secure (HTTPS) and Transport Layer Security (TLS) to establish encrypted connections, safeguarding data integrity and confidentiality. On the other hand, lightweight messaging protocols such as Message Queuing Telemetry Transport (MQTT) and Constrained Application Protocol (CoAP) are commonly used for IoT device-to-cloud communication. These enable efficient data transmission with low demand for bandwidth and facilitate real-time or near real-time updates.
While these are dependent on protection such as secure boot and physical attack resistance, in a similar way to endpoint devices, the hardware embedded in gateways tends to have greater resources for handling higher-level software-based security. For instance, gateways can handle secure communication protocols such as TLS or Datagram Transport Layer Security (DTLS) to encrypt data transmission between the IoT gateway and connected devices or cloud services. Strong access controls and authentication mechanisms are also needed to prevent unauthorised access to the IoT gateway. This includes using unique credentials, implementing two-factor authentication, and regularly updating and rotating passwords.
Firewalls and network segmentation are also important security precautions at the gateway level. The firewall restricts incoming and outgoing traffic and allows only necessary communications. Network segmentation minimises the potential attack surface by enabling devices to be separated from critical infrastructure and sensitive systems.
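The firewall and segmentation policy can be expressed as a default-deny allowlist between named segments. The sketch below is an added example with a constructed address plan, segment names and sample flows; ports 5684 (CoAP over DTLS) and 8883 (MQTT over TLS) are the registered ports for those protocols.

```python
import ipaddress

# Constructed address plan (203.0.113.0/24 is a documentation range).
SEGMENTS = {
    "endpoints": ipaddress.ip_network("10.10.0.0/24"),
    "gateway": ipaddress.ip_network("10.20.0.1/32"),
    "critical": ipaddress.ip_network("10.30.0.0/24"),
    "cloud_broker": ipaddress.ip_network("203.0.113.10/32"),
}

# Only necessary communications are listed; everything else is denied.
ALLOWED_FLOWS = {
    ("endpoints", "gateway", "udp", 5684),     # CoAP over DTLS
    ("gateway", "cloud_broker", "tcp", 8883),  # MQTT over TLS
    ("gateway", "cloud_broker", "tcp", 443),   # HTTPS
}

def segment_of(address):
    """Map an IP address to its segment name, or 'unknown' if outside the plan."""
    ip = ipaddress.ip_address(address)
    for name, network in SEGMENTS.items():
        if ip in network:
            return name
    return "unknown"

def decide(src, dst, proto, port):
    """Default deny: a flow passes only if its segment pair, protocol and port are listed."""
    rule = (segment_of(src), segment_of(dst), proto, port)
    return "allow" if rule in ALLOWED_FLOWS else "deny"

def review(flows):
    return [(flow, decide(*flow)) for flow in flows]

# Constructed sample flows.
SAMPLE_FLOWS = [
    ("10.10.0.7", "10.20.0.1", "udp", 5684),     # endpoint reporting to gateway
    ("10.10.0.7", "10.30.0.5", "tcp", 502),      # endpoint reaching a critical system
    ("10.20.0.1", "203.0.113.10", "tcp", 8883),  # gateway publishing to the cloud
    ("198.51.100.9", "10.20.0.1", "tcp", 22),    # unsolicited inbound connection
]

if __name__ == "__main__":
    for flow, verdict in review(SAMPLE_FLOWS):
        print(verdict, flow)
```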
Figure 3: Arm TrustZone explained - a security technology that begins in the hardware of the Arm processor chip, which is the basis for secure boot. There are some Arm processors with TrustZone in both the Arm Cortex-A and Cortex-M series (Source - Microcontroller Tips).
Regular security audits and penetration testing are advised, as well as rigorous monitoring of the gateway's operation and network traffic for potential security incidents.
Conclusion
Advancements in IoT hardware and security are crucial for protecting and ensuring the reliability of connected devices and systems as the IoT continues to expand. Improved sensors offer greater accuracy, power efficiency, and embedded intelligence, while micro-power energy-harvesting systems reduce reliance on traditional power sources and extend device lifetimes.
To address potential vulnerabilities, effective security measures must be implemented. Hardware-based features like secure boot mechanisms, embedded secure elements, and secure storage for cryptographic keys prevent unauthorised code execution and enable secure authentication. Robust software design and physical attack resistance further enhance IoT endpoint security. Gateways play a vital role in connecting endpoints and securing data exchange. Hardware-based security features, secure communication protocols, access controls, authentication mechanisms, firewalls, and network segmentation contribute to gateway security.
Regular security assessments, penetration testing, and monitoring are essential for identifying and addressing security incidents. Prioritising security at all levels, from endpoints to gateways to the cloud, mitigates risks and ensures IoT advancement. By focusing on IoT hardware advancements and robust security measures, we can confidently embrace the IoT's potential while addressing the challenges posed by its growth.