As recently as 10 years ago, protecting Internet of Things (IoT) data was largely an afterthought. Engineers designing IoT and industrial IoT (IIoT) networks were more concerned with ensuring their applications functioned according to design specifications, not with the unintended consequences of releasing potentially sensitive information into the cloud.
Today, with billions of sensors and IIoT-enabled microcontrollers (MCUs) collecting, processing, storing and sharing data, the threat surface continues to expand. This demands a dedicated approach to security that many companies are only just coming to realize. Indeed, the trend of sending everything to the cloud has reversed to some extent as more processing tasks are returning to the IIoT end point and shifting the data bottleneck away from the communications path.
Historically, a big reason for this disconnect was the lack of data security expertise available to augment the skills of the embedded engineering team. This blind spot can lead to unfortunate outcomes. In one instance, several years ago, a North American casino was sabotaged by hackers who broke into a “smart” fish tank that was connected to a desktop computer. In other cases, disgruntled former employees have stolen data because their passwords were never disabled. It’s the equivalent of locking the windows to your house but leaving the door open.
The temptation to raid data stores is only growing as more of our daily interactions involve some form of information sharing. Even apparently mundane applications, such as smart home utility meters, are targets of opportunity for thieves looking to steal power from the grid.
Thankfully, data breaches have appeared in the headlines often enough that customers are awakening to the need for security as a core component of their technology solutions. Increasingly, my group is engaging earlier in the design process to help customers better understand how to adequately provision and scale their devices with a combination of hardware-accelerated cryptography, secure key storage and some form of physical protection.
In educating our customers, we find the need to remind them of some important operating parameters. One is to acknowledge that MCUs are resource – and security – constrained. In many cases, the entire application, including all security functions, must fit in 256KB of flash, because the majority of today’s IIoT end-point applications are battery operated and have extremely limited power overhead.
Secondly, we need to show customers how to properly manage their security layers, which often involves some form of security certification. In one case last August, for example, a software developer was able to hack into and take over the infotainment system of his Hyundai, because the firmware protection keys were freely available on the internet. It’s like using 1-2-3-4 as the firmware password.
At Renesas, we ensure a transport layer security (TLS) and chain of trust is able to accurately and distinctly identify whoever is sending and receiving data. We also have a Product Security Incident Response Team, which includes a dedicated person in each of our groups who is contacted when a security vulnerability is detected, assesses the nature and severity of the threat and generates a vulnerability report as needed. If the report comes from a customer, we make sure we are communicating back to the customer how that specific vulnerability will be addressed and in what time frame. It’s a detailed, sophisticated process with multiple databases behind it.
A big part of the security services we provide entails helping customers understand which tools to use and when, starting with the basic building blocks and moving on to complete solutions. It’s the equivalent of buying a four-digit combination lock from the hardware store. They all come set to “zero,” and we help customers find the best way to program the lock. As the world’s devices, systems, appliances and IIoT networks adopt more technology layers, it’s crucial to ensure that, as these building blocks are assembled, their attack surface is as small as possible. Customers are beginning to realize this. We are having many discussions weekly to better understand our customers’ target markets and end applications to determine what sort of security measures they should consider implementing.
In the end, we have moved as an industry from engineers disregarding data security – or at best considering it a nuisance – to a step they realize they need to consider early in the design process. And if we’re doing our jobs well, you’ll never know we were there. It’s the next level beyond zero-touch – if you don’t see us, you know it’s working.