1
Security for the Internet of Things (IoT)Challenges & Opportunities
Anand Rajan
Director, Emerging Security Lab
Intel Labs
August 2015
© 2015 Intel Corporation
2
Motivation
Challenges & Key Research Problems
Summary / Call to Action
Demo
Outline
3
Internet of “Things” or “Threats”? *
“Crypto weakness in smart light-bulbs exposes Wi-Fi passwords” (July 2014)
“Internet of Things has arrived – and
so have massive security issues”
Jan
2013
“The Internet of Things is set to change
security priorities”
April
2013
“IoT Cyber-attack by 100000 smart appliances” (Jan 2014)
“Scariest search engine on Internet”
Jan
2013
* Computer Technology Review, March 2015
“Smart Nest Thermostat: A Smart Spy
in your Home”
Aug 2014
Hackers Remotely Kill a Jeep on the Highway — With
Me in It ...
July 2015
4
• Combination of Wearable and IoT Computing
with Ubiquitous Connectivity creates a very
dynamic threat landscape
• Tendency at these design points is for security
to lose out due to cost and energy constraints
• Security Solutions for IoT apps that require a large number of devices
“The State of Embedded-Device Security (Spoiler Alert: It's Bad)” (Sep 2012)
Need for Security in IoT
5
What is unique about IoT security?
Impacts the Physical World
Highly Constrained Environment
Power, Performance, Die-Size, Development Cost, UI
Large & New Threat Surface
IoT system needs to be Robust, Survivable, Dependable
Significance of DOS attack
Physical Access to Devices makes Tampering easier
Heterogeneous Devices, Multiple Protocols make it harder to Secure
Crypto Algorithms need to outlive the long Industrial IoT Product Lifetimes
6
Security Across IoT Verticals
TransportationEnergy
Smart
BuildingsEnvironment
Monitoring RetailMedical
Smart
Factories
7
Example: IoT Transportation Usage
Confidentality & Privacy Data Authenticity Availability & Safety
Smart Highways Tracking of User Location Correct Billing andMetering
Accidents and CapacityReduction
Inventory Tracking Tracking may leak Company Strategies
Costly Misrouting of Inventory
Commerce Interruption,Shortage of Goods
8
Example: IOT Smart-Buildings Usage
Confidentality & Privacy Data Authenticity Availability & Safety
Building Management
Data on User Activity and Energy Consumption
Forging control messages can overheat spaces and harm equipment
Replaying valid control messages en masse can overwhelm system
Public Infrastructure Monitoring
Personalized Data Delivery (ads) vs. the danger of Big Brother always watching
Emergency Services dispatched unnecessarily
May bring Digital City to a standstill if unavailable
9
Example: IOT Environmental Monitoring Usage
Confidentality & Privacy Data Authenticity Availability & Safety
Urban Noise Mapping
Transmitting recordings instead of noise levels
Unknown problems go unfixed by municipality
Phone crashes
Emission Monitoring
Potential to harm reputations, esp. if unintended emissions
Polluters may continueto pollute, health risks; framing of innocents
Factory closures based on incomplete data
10
Security Foundation for IoT
Secure IoT
Endpoints
Secure IoT
ConnectionsSecure IoT
Lifecycle
TransportationEnergy
Smart
BuildingsEnvironment
Monitoring RetailMedical
Smart
Factories
11
Outline
Motivation
Challenges & Key Research Problems
Summary / Call to Action
Demo
12
Challenge #1: Secure IoT EndpointsEndpoints must underpin Security
• HW Root of Trust
• Secure Boot
• Lightweight Trustworthy Execution
• Scalable Crypto
Diversity of edge device is huge challenge
Even Motes may need to establish Trust
Sensors
Actuators
Aggregator
Cloud
EdgeIOT
Just-Enough Security for each Endpoint
13
Key Research Questions
Capability, Cost, Power
Can we deliver credible security at the NanoScale design points?
• Dedicated security co-processors (TPMs), execution modes (TXT, SGX) are intended
for platforms with significantly higher capabilities
• Are there more optimal security solutions for NanoScale (<100K gates)?
14
Challenge #2: Secure IoT Connections
Many IoT usages will involve ensembles of devices
• Secure Device-to-Device Pairing & Communications
• Trustworthy & Flexible Grouping
Authenticate IoT Swarms (large ensembles)
• Self-learning to establish trust relationships
• Need to scale up to billions of endpoints & network devices
Usability is Key
• Eliminate need for Manual Configuration
• Seamless for Normal Users, Intuitive for Sysadmin
Secure Channels for Diverse EnsemblesSource: http://keelyhoneywell.wordpress.com
15
Device-to-Device (D2D) Authentication
• Securely pair devices without input/output capabilities
• UX: Non-obtrusive bootstrapping with minimum human intervention
Groups
• Securely discover available and capable devices for grouping
• Secure Ad-hoc Grouping & Ungrouping
• Topologies & Communication Paradigms
• Scalability: Handle large swarms of moving or dynamic devices
Securing D2D/Group Communication
• Authenticity, Integrity, Confidentiality, Anti-Replay & Audit
• Customized protocols or schemes for protecting specific IoT applications & workloads
Resource constrained
Key Research Questions
16
Challenge #3: Secure IoT LifecycleSystem Launch
• Measurable & Attestable
Sytem Execution
• Resistent to Malware during Runtime
System Management
• Detection & Diagnosis
• Patching & Remote Management
• Security for Long-Lived Devices
Cradle-to-Grave Secure Operation
Stay Secure
Run Secure
Start SecureSy
stem
Life
cycle
17
Key Research Questions
Build & Launch Secure IoT Systems• How to build secure endpoints with right set of primitives? Programming Framework?
Runtime Security for IoT Systems• Trusted Boot & Attestation? Fast, Lightweight, Real-Time? Anti-Malware Solution?
Maintain Security for IoT Systems
• Real-Time Monitoring & Diagnosis? Fast reaction to attacks?
Secure Update of IoT Endpoints & Systems• How to securely patch compromised endpoints? Lightweight, Real-Time, Large-Scale?
• High-Value problem across IoT Verticals; Unique requirements per Vertical
18
Outline
Motivation
Challenges & Key Research Problems
Summary / Call to Action
Demo
19
Summary & Call to Action
+50B
Devices
50B
Devices
1T Sensors
& Actuators
Security = #1 Priority from Day 1
A Trustworthy, Safe and Reliable IoTFoundation is Essential
• Secure Endpoints & Connections
• Security from Cradle to Grave
Scaling IoT Securely is Key Challenge
• Scaling down to extremely resource constrained environments
• Scaling across billions of IoT Endpoints
Significant Research Challenges to build out the Trustworthy IoT Foundation
20
Outline
Motivation
Challenges & Key Research Problems
Summary / Call to Action
Demo
21
FPGA implementation of an Intel Research Architecture with Execution-Aware MPU
Technology Showcase: Telematics Exploit Mitigation
entry
ins, ins, ins, …
exit
Shellcode
Malicious Code
Code Injection
GSM Driver
Call Graph
OS
GSM Driver
Telematics App
CAN Driver
Typical Trusted Computing Base (TCB)
TCB with EA-MPU Enforcement
Telematics
SystemThrottle
Actuator
X