iot security imperative: stop your fridge from sending you spam
DESCRIPTION
We've all heard the continuing news about or been victims of hacked passwords, data breaches, identity theft and lost privacy, because our heavy reliance on Internet connectivity. Our digital world necessitates ever improving security. But now we're on the cusp of a major revolution where our appliances, cars, clothes and the very fabric of our lives (no pun intended) are also connected. Software and silicon designers must take active design measures for ensuring user data. In this talk, Amit Rohatgi, president of the prpl Foundation, will outline the market and technical challenges as well as the essential measures in the design phase for securing our ever-more-connected digital world. He will also discuss why open-source is appropriately suited for addressing theses challenge and how the prpl Foundation is tackling this from the ground-up.TRANSCRIPT
Getting Hacked Via Your Fridge or, the IoT Security Imperative
Amit Rohatgi, president prpl Foundation
CIE-SF / CINA September Seminar9/4/2014
IoT & Security: presented by Amit Rohatgi at CIE-SF 2Thursday, September 4th, 2014
IoT & Security: presented by Amit Rohatgi at CIE-SF 3Thursday, September 4th, 2014
IoT & Security: presented by Amit Rohatgi at CIE-SF 4Thursday, September 4th, 2014
• “Smart refrigerators and TVs hacked to send out spam …” – NBC news
• If hackers can exploit a weakness in a single type of Internet-connected home appliance or system—such as an Internet-connected door lock—they may be able to harm thousands of people at once.
More connected homes, more problems
IoT & Security: presented by Amit Rohatgi at CIE-SF 5Thursday, September 4th, 2014
Incorrect Perception Bad Planning
• Integration• Device cost• Data mining• Footprint
Lower TCOAdded
revenue
• Security & privacy
• Integrity• Reliability
Higher cost??
Waste of time??
IoT & Security: presented by Amit Rohatgi at CIE-SF 6Thursday, September 4th, 2014
Target Breach: an anatomy
HACK
ED
$200M cost, CEO ousted
Compromised credentials from
HVAC vendor
1 HVAC systems monitor temp. changes for see
how long customers stay
2
Malware programs
installed on HVAC systems
3Unified backend systems at store
(and most retailers)
4
PoS system breached
5Millions of credit
card numbers start flowing out
6Breach
detected! Manual intervention was
needed
7
IoT & Security: presented by Amit Rohatgi at CIE-SF 7Thursday, September 4th, 2014
How Big Is this Problem?
IoT & Security: presented by Amit Rohatgi at CIE-SF 8Thursday, September 4th, 2014
Problem – Enterprise and Corporate Risk• According to the MPAA and RIAA – studios and
artists lost over $10B due to piracy in 2010
• Technology companies, such as Qualcomm and Cisco, lose hundreds of millions in revenue, due to cloning
• Corporate Cloud usage is on the rise with Mobile access– A breach at the corporate level would be very
expensive
IoT & Security: presented by Amit Rohatgi at CIE-SF 9Thursday, September 4th, 2014
Problem – Personal Risk
• Mobile devices are “valuable” – due to their transaction and content capabilities– Privacy loss more than hardware loss– Attackers want data, not devices
• Mobile cloud storage is UP !– Need to “bind” device to cloud
• Devices are easily “rooted”– Secure sandboxes for data and code execution
are required
IoT & Security: presented by Amit Rohatgi at CIE-SF 10Thursday, September 4th, 2014
IoT Market Challenges
• Scale– Billions of devices (identity & authentication management, in-field updates, dynamic interactions, big data, real time
data mgmt.)
• Multiple technologies and standards– Creation of technology silos– Established / emerging / competing– Standardization is a key enabler
• Solutions are highly fragmented– Need for common/flexible platforms– Applications environments with multiple PKIs or Roots of Trust
• Low power requirements– Operate for 2 years on a coin battery
• Cost limitation
• Long life cycles
Security
IoT & Security: presented by Amit Rohatgi at CIE-SF 11Thursday, September 4th, 2014
IoT Security Chain (device-to-datacenter)
Sensors NodesAggregation Points
Routers /GatewaysSTBs Cloud
HW Root of Trust + Secure Boot => Secure Over The Air/Wired Field Updates
Secure sensor data for sensitive applications (e.g.
medical, industrial, enterprise)
Enable in field device personalization (add/remove features)Future proof designs with flexible programmable architecture
Private Data Disposal
Secure Server + Secure Network => Secure
Services
Secure Remote MonitoringProtect Intellectual Property against SW cloning (e.g. proprietary algorithms)
Intellectual Property Tampering Detection Intrusion Detection and Secure Remote Monitoring
IoT & Security: presented by Amit Rohatgi at CIE-SF 12Thursday, September 4th, 2014
IoT Security Aspects
• System Security must be Embedded
• Know what is being protected
• Trust begins at home– Secure boot, run time protection, process separation
(TEE)
• Trust between network elements– Authentication and confidentiality– Via registration protocols (trust all devices signed by
manufacturer’s signing key) or online protocols (pairing, TLS, IKE)
IoT Security Questions
1. What is the connectivity model?2. Who owns the device?3. What is running on it?4. Where is it located?5. How is it protected?6. How are attacks detected?7. What is the recovery mechanism?
IoT & Security: presented by Amit Rohatgi at CIE-SF 13Thursday, September 4th, 2014
Secure Platform Principles
Secure Boot
Secure
Execution
HardwareRoot
of Trust
SecureAsset Store
SecureStorage
SecureCommunication
IoT & Security: presented by Amit Rohatgi at CIE-SF 14Thursday, September 4th, 2014
Platform Security
• Secure boot process starts out in ROM
• After bootloader, the root of trust (hypervisor) is verified and loaded
• Iteratively verifies next stage of boot until HLOS (optionally inclusive)
• Secure partition(s) able to access full memory map. Non-secure can access only its partition
Non-secure HLOS (e.g. Android)
SecureOS 1
Secure App 1
Secure App 2
Secure App 3
Non-Secure
App
Non-Secure
App
Non-Secure
App
Secure & Protected Hypervisor
Virtualized N-core MIPS i6400 CPU
Virtualized I/O and Memory thru entire SoC Complex
Secure OS 2
IoT & Security: presented by Amit Rohatgi at CIE-SF 15Thursday, September 4th, 2014
Platform Security
• Secure boot process starts out in ROM
• After bootloader, the root of trust (hypervisor) is verified and loaded
• Iteratively verifies next stage of boot until HLOS (optionally inclusive)
• Secure partition(s) able to access full memory map. Non-secure can access only its partition
Non-secure HLOS (e.g. Android)
SecureOS 1
Secure App 1
Secure App 2
Secure App 3
Non-Secure
App
Non-Secure
App
Non-Secure
App
Secure & Protected Hypervisor
Virtualized N-core MIPS i6400 CPU
Virtualized I/O and Memory thru entire SoC Complex
Secure OS 2
• Flexible
• Scalable
• Reliable
• High
Performance
IoT & Security: presented by Amit Rohatgi at CIE-SF 16Thursday, September 4th, 2014
Exploring VirtualizationMultiple Secure Domains More Reliable & Predictable
More Powerful & Efficient Safer!• Global Platform considering
certifiable containers• Secure services can only affect
their container, not the overall system
Secure HypervisorCPU 1
CPU 2
CPU 3
CPU 4
CPU 1
Secure MonitorCPU 2
CPU 3
CPU 4
CPU 1
Secure HypervisorCPU 2
CPU 3
CPU 4
CPU 1
Secure MonitorCPU 2
CPU 3
CPU 4
CPU 1
Secure MonitorCPU 2
CPU 3
CPU 4
CPU 1
Secure HypervisorCPU 2
CPU 3
CPU 4
IoT & Security: presented by Amit Rohatgi at CIE-SF 17Thursday, September 4th, 2014
IoT in our daily lives
• Sleep is precious• Alarm defaults to 8am– +45m (meeting delay)– -5m (gas)– -15m (accident)– -20m (late train)= EXTRA 5 mins!!
IoT & Security: presented by Amit Rohatgi at CIE-SF 18Thursday, September 4th, 2014
WHAT IS prpl?Portability, Virtualization, and Compute
IoT & Security: presented by Amit Rohatgi at CIE-SF 19Thursday, September 4th, 2014
What is prpl?
• A Foundation created to accelerate a robust ecosystem via collaboration– Open-source community supporting the MIPS architecture, and
open to all– Provide access to free, unencumbered toolchains, associated
libraries – Common platform, debuggers, probes and software easily
accessible
• Community Benefits– Large ROI benefit – up to 4x gain– Time-to-Market & lower TCO – Strengthen MIPS ecosystem– Accelerate MIPS64 to mainstream– Faster innovation through focus on core competency
IoT & Security: presented by Amit Rohatgi at CIE-SF 20Thursday, September 4th, 2014
Why Open-Source?
• Enabling the Big Data revolution needs collaborative minds
• Fragmentation will slow down innovation
• More eyeballs = more secure
IoT & Security: presented by Amit Rohatgi at CIE-SF 21Thursday, September 4th, 2014
Synergies Drive Innovation
• IoT will enable big data• big data needs analytics• analytics will improve
processes for more IoT devices
IoT & Security: presented by Amit Rohatgi at CIE-SF 22Thursday, September 4th, 2014
BIG DATAKBMBGBPTEBZBYBnon-linear!
IoT & Security: presented by Amit Rohatgi at CIE-SF 23Thursday, September 4th, 2014
Big Data: The Internet of Cow
1.5B cows200MB/yr/cow
=
300,000 GB(0.3 petabytes)
per year
IoT & Security: presented by Amit Rohatgi at CIE-SF 24Thursday, September 4th, 2014
Big Data: Turbines
12,000 turbines500GB/day each
=
6 million GB(6 petabytes)
per day
IoT & Security: presented by Amit Rohatgi at CIE-SF 25Thursday, September 4th, 2014
Little Data Big Data Huge Data
• Each successive node in the IoT chain adds– Data and Storage requirements– Processing Requirements– Multi-tenant Requirements (ie security)
BytesMegabytes
Terabytes
Petabytes
ExabytesZETTABYTES(1000^7)
IoT & Security: presented by Amit Rohatgi at CIE-SF 26Thursday, September 4th, 2014
DIVERSITY IN IoTlots of hardware
IoT & Security: presented by Amit Rohatgi at CIE-SF 27Thursday, September 4th, 2014
IoT & Security: presented by Amit Rohatgi at CIE-SF 28Thursday, September 4th, 2014
Key Enablers for IoT
• Processing power• Networking infrastructure and connectivity• Low cost, secure devices• Storage• Loads and loads of secure, portable software• A way to make money
IoT & Security: presented by Amit Rohatgi at CIE-SF 29Thursday, September 4th, 2014
Standardization Challenge
• Fragmentation!– Connectivity Standards– Operating Systems– Topologies– Security
• Expect diverse solutions, so– Software abstraction (APIs) needed at
each node– Multi-tenant environment needed for
security
IoT & Security: presented by Amit Rohatgi at CIE-SF 30Thursday, September 4th, 2014
PORTABILITY AND VIRTUALIZATIONprpl foundation
IoT & Security: presented by Amit Rohatgi at CIE-SF 31Thursday, September 4th, 2014
Mission
‘prpl’ is an open-source, community-driven, collaborative, non-profit consortium focusing on the MIPS architecture and ecosystem, and open to all
- with a focus on enabling next-generation datacenter-to-device portable
software and virtualized architectures
IoT & Security: presented by Amit Rohatgi at CIE-SF 32Thursday, September 4th, 2014
Scalable Processor Architecture Needed, e.g. MIPS
1GHz+ CPU Solution mobile and home
entertainment
32-bit microcontrollers for embedded storage,
automotive and IoT
64-bit multicore advanced networking,
datacenter and infrastructure
Efficient solutions for a broad range of
networking & storage applications
IoT & Security: presented by Amit Rohatgi at CIE-SF 33Thursday, September 4th, 2014
Key Domains
Embedded& IoT
Buildroot, RTOS
Networking
openWrt, yoctoMontavista
Datacenter
RHEL, Fedora, Ubuntu, CentOS
Digital Home & Mobile
openWrt, Linux, Android
IoT & Security: presented by Amit Rohatgi at CIE-SF 34Thursday, September 4th, 2014
Work-flowUpstream projects:
gnu.org, kernel.org, llvm.org
prpl: Domains and Engineering
Groups
supported kernels and projects
projects pulled from upstream
❖ Optimized Linux Kernels regardless of architecture
❖ SDKs and Tools➢ license free versions
❖ launchpad to upstream
❖ advanced future work➢ SDN➢ heterogeneous
compute➢ LLVM➢ vision
IoT & Security: presented by Amit Rohatgi at CIE-SF 35Thursday, September 4th, 2014
prpl Engineering Groups (PEGs)
▪ VZ Ecosystem▪ Hypervisors (eg KVM, Fiasco.oc)
▪ OS▪ Data Center – Redhat, Ubuntu, Debian, CentOS▪ Networking –Montavista, OpenWrt▪ Embedded/IoT & Mobile - Android, Chromium,
Tizen, WebOS, RTOSs, Yocto▪ Kernel (device tree, power mgmt, multi-threading)▪ Portability
▪ JITs (V8, openJDK, etc)▪ Emulation (QEMU)
▪ Tools (SDK, IDE)
▪ Platform▪ UEFI and boot loaders
▪ Optimization▪ Intrinsics (eg SIMD) and libraries (eg memcpy) –
■Multimedia - video, audio, speech■Networking■Security
■Networking (multi-core friendly and aynchronous)■e.g. BGP, OVS, snort, routing protocols, DPI
IoT & Security: presented by Amit Rohatgi at CIE-SF 36Thursday, September 4th, 2014
Low Cost Hardware
❖ MIPS CI20
➢ dual core MIPS32 CPU @1.2GHz, PowerVR SGX540 GPU, HDMI, 1GB RAM, 8GB Flash, 2 usb, audio, WiFi, BT
➢ Linux and Android 4.4 - community supported, rasbpi header
➢ Available now - http://elinux.org/MIPS_Creator_CI20
➢ Price: $40
❖ prpl stamp #2
➢ dual core MIPS32 interAptiv @600MHz, PowerVR SGX520, HDMI, 512MB RAM, 4 GB Flash, usb, audio, WiFi, BT, aggressive power savings modes enabling 30-day battery life
➢ Android Wear (smartwatch and IoT platform)
➢ ETA: Dec 2014
➢ Price: $35 (est.)
❖ Interface Masters MIPS64 Niagara3218
➢ MIPS64 network system
❖ Interface Masters MIPS64 Niagara804-BP
➢ MIPS64 network adapter
IoT & Security: presented by Amit Rohatgi at CIE-SF 37Thursday, September 4th, 2014
Summary: what will prpl do?
• Focus on the software “glue” necessary to carry secure structured and unstructured data from the device to the datacenter
• Example:– Secure hypervisors for multiple tenants– Portable software, such as JITs– SaaS, PaaS, IaaS OTA secure– Programming models to enable big data processing (eg hadoop) over
heterogenous processors
Embedded nodes
OpenWrt hub
Networking backbone
Datacenter
IoT & Security: presented by Amit Rohatgi at CIE-SF 38Thursday, September 4th, 2014
E.g. Develop Software Enabling Security and Multiple Contexts• Multiple contexts are required
– Shared resource– Protected resource– Energy conservation
• Heterogenous programming models are required– Close working relationship with leading
industry consortia, leading semiconductor companies, OEMs and ISVs MemoryMemory
CPUCluster
Coherent FabricSoC
Network layersOffloads (Crypto, IP, etc)
I/O
GPUCluster
Secure Hypervisor (R/G MMU)
H/W
TPM-------BootROM
XX
GuestUser
--------GuestKernel
GuestUser
--------GuestKernel
GuestUser
--------GuestKernel
GuestUser
--------GuestKernel
vGPU1
vGPU2S/W
VM1VM2VM3VMn
Incr
ease
Priv
ilege
Secure DomainsProtected Partitions
IoT & Security: presented by Amit Rohatgi at CIE-SF 39Thursday, September 4th, 2014
IoT & Security: presented by Amit Rohatgi at CIE-SF 40Thursday, September 4th, 2014
IoT & Security: presented by Amit Rohatgi at CIE-SF 41Thursday, September 4th, 2014 41
IoT & Security: presented by Amit Rohatgi at CIE-SF 42Thursday, September 4th, 2014
Resources
• http://prplfoundation.org• http://www.cisco.com/web/about/ac79/docs/
innov/IoE_Economy.pdf• http://theinstitute.ieee.org/benefits/standards/s
etting-the-stage-for-the-internet-of-things• FTC Workshop on IoT and Security (Nov ‘13)• amit (at) prplfoundation (dot) org
(thanks!)
Thanks!
IoT & Security: presented by Amit Rohatgi at CIE-SF 44Thursday, September 4th, 2014
How to Get Involved in prpl
Mailing list lists.prplfoundation.orgWiki wiki.prplfoundation.orgForums forum.prplfoundation.orgCode github.com/prplfoundation