CONFIDENTIAL 1
How to Secure Devices in a Smart City
IoT devices in a Zero-Trust manufacturing and operational environment.
IoT market
Gartner predicts:
- 20.4 billion connected “things” by 2020
- 7.4 billion of these are business/industrial devices
Many IoT devices today are badly broken
Managed IoT
- Industrial & Central infrastructure
- Personal & National security
Threats
Smart City
Malicious attacks on, e.g., water treatment could increase chemicals to dangerous levels.
Smart Grid
Malicious attacks could lead to unstable energy flow and major blackouts.
Automation
Malicious attacks on service or surgical robots could lead to personal injury or even fatalities.
You can’t trust the data if you can’t trust the device!
The environments at the contract manufacturer and in operation must be considered “Zero-Trust”
The Goal:
Protect the device during the entire life-cycle from manufacturing to operations
At the Contract Manufacturer (CM) it must be ensured that
- overproduction, cloning and counterfeiting of devices cannot happen
- rogue firmware and spy chips cannot be installed
- your company IP secrets cannot be stolen, firmware and secret keys are not compromised
And in the operational environment it must be ensured that
- only genuine firmware can execute
- devices can be upgraded
- certificates and keys for authentication to cloud are protected
The seven properties of highly secure devices
- Hardware-based Root of Trust: Does the device have a unique, unforgeable identity that is inseparable from the hardware?
- Small Trusted Computing Base: Is most of the device’s software outside the device’s trusted computing base?
- Defense in Depth: Is the device still protected if the security of one layer of device software is breached?
- Compartmentalization: Does a failure in one component of the device require a reboot of the entire device to return to operation?
- Certificate-based Authentication: Does the device use certificates instead of passwords for authentication?
- Renewable Security: Is the device’s software updated automatically?
- Failure Reporting: Does the device report failures to its manufacturer?
Source: Microsoft
How to establish the security properties?
- SW application: Protected design IP, and validated authentic SW, update in the field (Over The Air)
- Product configuration: Product configured features can be monetized
- Certificates: Unique & protected identity, trusted device authentication and communication
- Cryptographic keys: Protected keys for storage and secure exchange of data
- Secure Boot Loader: Verifies the SW authenticity and integrity at start up. Establishes Root of Trust
- Security chip: Secure boot capabilities and secure key storage
FirmwareGuard+
Chip vendor Cryptera IoT device developer
Forward – How?
Currently
- Many suppliers – many “standards”
- Immature business with regard to security
Going forward
- Do not wait for common standards – they might not come soon ...
- Focus on secure chips so you can establish root of trust
- Secure your own devices – do not trust others
- Learn from other industries – e.g. payments