Right-sized security for IoT - ARM
Right-sized Security for IoT
Mike Eftimakis
IoT Product Manager, ARM
Case study – Tape-out a secure IoT chip in 3 months!
Selecting the “Right Size” for IoT security
HW Attacks: Physical access to device – JTAG, Bus, IO Pins; Well resourced and funded; Time, money & equipment
Software Attacks: Buffer overflows; Interrupts; Malware
Communication Attacks: Man In The Middle; Weak RNG; Code vulnerabilities
[Figure axes: Cost/Effort To Attack, Cost/Effort to Secure. Label: Non scalable]
[Figure: Beetle Test chip block diagram. IoT Subsystem for Cortex-M: Cortex-M processor, Interconnect, Flash Cache, Flash Cntl, eFlash, SRAM Controller, SRAM banks, APB Bridge, APB Peripherals, CoreSight SoC. Other blocks: Power Management, TRNG, Cordio Radio. Software: mbed OS, Device Drivers, Application.]
ARM® mbed™ OS (including mbed TLS, mbed uVisor)
TRNG (from ARM TrustZone® CryptoCell)
ARM IoT Subsystem for Cortex®-M
ARM Cortex-M3
ARM Cordio® Radio
Device management: Support for bootstrapping / provisioning / refurbishing / decommissioning; Behaviour monitoring
Device integrity: Protect from untrusted software; Allow recovery from attack
Asset protection: Prevent access to certain resources
Data Security: Keep data confidential; Prevent data alteration
Physical Security: Anti-tampering protection
Future-proofing: Keep firmware up-to-date
Device security
Communications security
Lifecycle security
Link encryption: Prevent eavesdroppers from listening
Authentication: Guarantee identity of endpoint / server
Anonymity/Confidentiality: Keep identity unknown to eavesdroppers; Prevent traceability
Implement OMA LWM2M
Implement TLS
Root of Trust + Chain of Trust
HW backed partitioning (MPU)
Implement Dual Flash bank + Secure FoTA
HW backed partitioning (MPU)
Partition SW Resource
IoT node Cloud
Disrupt device
Observe / corrupt data
Access protected network
Damage cost = value of lost data or side information (presence…)
Damage cost = value of lost cloud data or value of the network infrastructure
Damage cost = value of disabled node or value of lost node data
× Scale of network!!!
Estimate threats for your application
“Security” has different meanings
Select the “right-sized” security!
Security is expensive
Need to understand the threats
Use threat model adapted to IoT