Scaling IoT Security

Scaling Security for IoT


A presentation given by Bill Harpley to the Brighton IoT Forum on March 23rd, 2016

23/03/2016 Bill Harpley 2


Linux | Cloud | Wireless | IoT

www.astius.co.uk

Overview

• IoT is all about scalability

• In this presentation we will look at two contrasting views of IoT security:

– Macro level: security of complex physical systems

– Micro level: how to start with a product idea and scale it up in a secure fashion


SECURING BASIC SOCIAL AND ECONOMIC INFRASTRUCTURE


Security of large-scale infrastructure

• The diagram shows how traditional vertical market sectors are embracing IoT connectivity solutions.

• Cyber-Physical systems – large scale connected infrastructure which spans multiple vertical sectors. So how do you make these secure?

• Significant security challenges in terms of:

– Different industry standards

– Regulatory regimes

– Legacy infrastructure

– Timing of signals

– Communications protocols

– Proprietary technologies

– System complexity

– Understanding of risks

– Security monitoring

– Co-ordinating multiple agencies

• Many legacy systems were never intended to be connected to the Internet and so lack essential security mechanisms (e.g. SCADA).

SCADA (Supervisory Control & Data Acquisition) systems are used to monitor and control industrial processes and buildings. They were first deployed in the 1960s and some have an expected working life of up to 20 years.


Protecting critical infrastructure

• As more ‘things’ become connected to the Internet, the threat of large-scale cyber attacks increases.

• Attackers may try to:

– Gain unauthorised access to information.

– Disrupt communication networks and IT services.

– Cause breakdown of physical infrastructure (e.g. energy distribution grids, major transport hubs).

• Let’s have a look at a topical example!


Example: connected cars (1 of 3)

• Cars are evolving from Assisted Driving mode (ADAS) to fully Autonomous mode (driverless).

• Car makers are cramming their new vehicles with electronics and software.

– Turning them into mobile data centers.

– Many potential security vulnerabilities.

• A recent report in Information Age stated that 75% of cars stolen in France during 2014 were electronically hacked.

• ‘Jeep Hack’ of July 2015, in which a vehicle was forced off the road by hackers (Chrysler recalled 1.4 million cars).

– Rising concern about vulnerability of cars to cyber-attacks.


Example: connected cars (2 of 3)

Source: Cisco


Example: connected cars (3 of 3)

• Kerbside infrastructure is vulnerable to cyber-attacks.

• Need to protect a complex “system of systems”.

• Requires strategy to be developed at both local and national level.

Artist’s visualisation of connected vehicles control point. Source: US Department of Transport


UK Cybersecurity strategy

• Cyber-security features very prominently in Government thinking.

• Many policy initiatives announced over the last 5 years

– First UK Cyber Security Strategy created in 2009.

– Office of Cyber Security & Information Assurance (OCSIA) founded in 2010 (located in Cabinet Office)

– National Cyber Security Programme (NSCP) launched in 2010

– CERT-UK began operations in March 2014 (formal incident reporting).

– 2015 National Cyber Security Plan launched with great fanfare (budget of £1.9 billion in spending between 2016-2020)

– Creation of National Centre for Cybersecurity (NCSC) announced & will open in October 2016.

• Main take-away is that cyber-security is a very complex business which needs leadership at the highest level.


NIST notional framework

“Cyber-Physical Systems or ‘smart’ systems are co-engineered interacting networks of physical and computational components. These systems will provide the foundation of our critical infrastructure, form the basis of emerging and future smart services, and improve our quality of life in many areas. Cyber-physical systems will bring advances in personalized health care, emergency response, traffic flow management, and electric power generation and delivery, as well as in many other areas now just being envisioned.” – NIST (http://www.nist.gov/cps/)


SECURITY SCALING FOR YOUR GREAT PRODUCT IDEA


It’s a great idea (but is it secure?)

• Let’s suppose you have a great idea for a new portable music ‘widget’

• Your aim is to provide people with a great ‘connected’ user experience

• You build a prototype and show it to potential customers who are very enthusiastic

• So you then launch a Kickstarter campaign with a view to making 100 units

• What security management problems might you run into?


Scaling from 1 to 100

• Let’s say you have manufactured and shipped 100 units to your Kickstarter customers

• Your music widget gets rave reviews … but then 3 customers claim to have found a security flaw

– It could be a flaw in your own design or a fault in a 3rd party module

– You do the right thing and notify all 100 customers but they don’t seem too inconvenienced by it

– The three customers that complained return their widget to you, the problem is “fixed” and the unit is shipped back to them

– Everyone is happy!


Scaling from 100 to 1000

• Congratulations! You have attracted some outside investors and plan a further production run of 1000 units.

• But now things start to go wrong:

– You never had a plan to manage ‘unique’ items such as MAC addresses and security keys.

– You did not design the product for high-volume manufacture.

– If customers complain about security faults, manual returns and upgrades are not an option at this scale.

– You need to design a process of remotely upgrading firmware on each unit.

• Make sure you fix these problems before committing to the manufacturing run:

– It will take more effort and extend your ‘time to market’

– But should save money in the long run


Scaling from 1000 to 10000

• Your music widget is now very popular! You have built and shipped 10,000 units:

– But the product has attracted the attention of malicious hackers

– You need to routinely issue security patches

– Get this one wrong and it will affect profits and brand image

• At this scale, you will begin to see customers raise many more “marginal” support issues (including obscure security bugs)

– Fixing these can consume a large proportion of your development and support budget

– Unsold items in stock will also need to be patched with new firmware to fix security and other problems

– If you have not planned for these issues you will end up losing money on each new item sold

• Now try scaling up to 100,000 units …


Scale your product

• At each stage of production scaling, you should also plan for the next stage

• Implement the principle of ‘security by design’, starting with your first production batch

• Design your product for high volume manufacturing runs in order to lower production costs

• Design for the complete security lifecycle of the product

– If a product stores a lot of personal data at end-of-life (or when re-sold), can this be easily erased?

– Use your management of security & privacy processes as a way to differentiate yourself from the competition

• Embrace security ‘best practice’ and certification for products and processes (e.g. ISO 27000)

• Be aware of regulatory requirements in overseas markets

• Can you afford to design, build and support a secure product at your intended price point?


Conclusions

• We have seen that protecting critical social and economic infrastructure from cyber-attacks is a major priority for the UK

• We have examined how developing secure IoT products can present startup businesses with many challenges

• What do these two ends of the scale have in common?

– You need to plan ahead and ask ‘What if …?’

– You need to try and understand the risks

– You need to invest adequate resources to meet your goals

– You need to monitor how well your security strategy is performing

– Put effective processes in place to manage and contain any security problems

• Whether working at the micro-scale or the macro-scale, it’s crucial to develop a security mindset
