The potential damage to people, possessions, businesses and national critical infrastructure from a successful attack on cyber-physical systems through the rapidly emerging Internet of Things (IoT), cannot be underestimated, according to a new study announced last week (10 September 2014) by Beecham Research.
To mark the announcement of the study, an initial Beecham report entitled ‘Evolving Secure Requirements for the Internet of Things’ warns that there are currently insufficient security capabilities within the emerging IoT standards to manage the long life-cycles expected of many IoT devices.
‘While we may have some visibility of potential attacks over a few months, we need to protect IoT devices in the field for 10 years or longer,’ said Professor Jon Howes, one of the authors of the report and technology director at Beecham Research (pictured below).
‘Devices must be securely managed over their entire lifecycle, to be reset if needed and to enable remote remediation to rebuild and extend security capabilities over time.’
Beecham believes the answer to these challenges lies at the architectural level for both devices and systems and stretches from semiconductors through to network operators and system integrators. This approach underlines the need for common security objectives across the industry and interoperability within broad systems.
Involving all IoT stakeholders
This first report is a significant component of a longer study that includes substantial industry collaboration – covering intellectual property providers, silicon device vendors, device OEM manufacturers, system integrators, application owner/end users and extending across all major industry stakeholders including standards and certification bodies and governments – followed by publication of frameworks for an array of use cases.
The report also highlights potential future attacks on IoT systems and how these may ultimately impact users, from home owners losing control of white goods, door locks being disengaged or security alarms being monitored.
‘The attack surface of an Internet of Things system may be substantially larger than traditional PCs, as the complexity of ensuring multiple vendors’ systems working together will lead to a greater probability of exploits being available,’ said Professor Howes.
‘We have all become familiar with computer malware but the impact of equivalent IoT attacks could be to turn off a heating system in the middle of winter or take control of other critical IoT systems, which could be potentially life threatening.’
Security in the Internet of Things is significantly more complex than many system designers have previously experienced, says the report. Some areas highlighted include where data must remain trusted and private, whether within the system, in flight or at rest, and the reliance on robust cryptography schemes.
At a briefing on the report, Professor Howes said: ‘We are trying to help our clients take IoT security seriously. Clients tell us we can’t kill our business model by applying too much security, but we also cannot kill it by applying too little. The problem is finding the right amount of security at the right price.’
He added that industry needs to change the way it sees security from the perception of it being a costly bolt-on to something that brings value and protects value. A security solution that enables a customer to protect, correct and re-set devices in the field for 10 years or more breeds added value and engenders trust.
‘This attitude of “I want cost-free security is wrong”,’ said Professor Howes, who warned: ‘We need to move faster than the standards though, as this security needs putting in place rapidly. Security breaches are already an issue.’
Identification, authentication and authorisation
Additionally, significant evolution is required in the identification, authentication and authorisation of devices and people into IoT systems. Systems designers must also presume that all devices will become compromised at some point and ensure that it is possible to regain control.
These devices will require quarantining inside the system while updates are being created and need to remain operational throughout the process. Professor Howes noted that this will require devices to be flexible enough in their design to be upgradable in the field and re-set if compromised. The silicon must have enough capacity and memory to enable this.
However, this will also require interoperability issues to be solved as well. We need to find ways to ensure different systems such as Bluetooth, Weightless and cellular have the same roles and can identify devices in the same way. The issues of long-term lifecycle management and system creation also need addressing.
The IoT systems must be upgradable and fixable if they go wrong. Security is therefore vital to ensuring this and value creating, as businesses can only add new services throughout the lifecycle of their products if they are adequately protected. If they are compromised so badly by a security breach and have to be replaced at the businesses expense, that isn’t good business.
Government leadership needed
The authors of the Beecham report welcome the work of industry organisations such as the AllSeen Alliance and the Open Interconnect Consortium looking at aspects of security within the IoT, but various government organisations including the UK’s Centre for the Protection of National Infrastructure (CPNI) and the US Department for Homeland Security (DHS) have made it clear that IoT security must evolve more rapidly to meet the threats from hacktivism, terrorism and cyber warfare.
Haydn Povey, technical associate and former director of secure products at ARM Holdings (pictured below), said: ‘While many technologies such as advanced cryptography are being introduced in current IoT devices, governments around the world are concerned about the acceleration of IoT and agree that there is significantly more work needed to meet the demands of future threats as outlined in the ‘20 Critical Security Controls’, originally developed by the Council for Cybersecurity for mainstream IT security.’
Povey added: ‘There is an urgent need to deliver cost effective solutions that enable robust security, but also to retain the flexibility to deliver real benefits in the face of expected threats. This requires well-architected and interoperable frameworks across vendors and technologies, integrated at an IP and silicon level to enable the evolution of security services the whole industry can leverage.’
He said: ‘We need to apply security more deeply and more broadly than before. Too often security is just bolted on afterwards. We need to get it in at the ground up if IoT is to function as we expect. But there are a lot of stakeholders that need to be involved.’
Povey noted that governments do not like interfering with industry, but he said they need to create a legislative framework or guidance within which the industry can come up with IoT security solutions that protect not just individual applications but the fabric of society, such as food chains.
‘Government cannot define what goes out on the silicon chip, but they’ll get blamed if things go wrong,’ said Povey. ‘We need to try and take the security requirements set by governments and give them to the intellectual property organisations at the other end of the chain.’
Beecham Research hopes that by doing so this will close the gap between the OEMs and system integrators who tell clients that they cannot provide end-to-end security at the moment because it isn’t embedded in the IoT chipsets, and the chipset providers saying, we cannot put they security you are asking for into the chips until you define the requirements for us.
The Beecham ‘Evolving Secure Requirements for the Internet of Things’ study is targeted at organisations across industry and government focused on the rapidly evolving IoT and Machine-to-Machine (M2M) markets.
‘While the industry has learnt many lessons from the traditional IT domain, the initial steps in security for IoT are sufficient only for the near term and pressure must be applied to drive greater system robustness, ensure that interoperability is applied across the industry, and deliver standards that can be measured and certified,’ concluded Robin Duke-Woolley, founder of Beecham Research.
To find out more about the report or get involved in the longer term study, please visit www.beechamresearch.com or email firstname.lastname@example.org
About Beecham Research
Beecham Research, Ltd. is a leading technology market research, analysis and consulting firm based in Cambridge, UK with offices in North America and mainland Europe.
The company is the only global consulting and research firm focused solely on the worldwide and rapidly growing M2M (machine-to-machine), Internet of Things and Embedded Mobile markets. Beecham has specialised in M2M and related markets since 2001.