Implementing Improved Security and Connectivity for the Smart Home

By Steve Hanna

Distinguished Engineer, Connected Secure Systems Div.

Infineon

September 27, 2021


The smart home continues to evolve in available functions and complexity as several different connectivity protocols from numerous suppliers target a variety of products for use in smart homes.

However, many consumers (71% according to incontrol) acknowledge fear of their personal information being stolen while using smart home products. At the same time, ease of use for user-installed products has often been elusive. As the Internet of Things (IoT) grows, these issues are increasingly important.

Working collectively, many leading suppliers and potential suppliers have taken the next step to provide improved interoperability and security to smart home products using the internet protocol (IP). The effort, named “Matter”, provides standards for smart home devices and a certification program so that consumers can identify and trust compliant devices.

The Matter Standard

To bring the many diverse networking factions together and solve interconnectivity as well as security issues, the Connectivity Standards Alliance (formerly the Zigbee Alliance) created the Matter Working Group. The Working Group consists of experts from more than 200 major players, including names like Apple, Amazon, Google, Johnson Controls, Schneider Electric, LG Electronics, and many others.

The goal of Matter is that if a user buys two Matter-certified devices, they will work together easily and well. By meeting this goal, consumers will have confidence in their purchases and manufacturers will not have to integrate the different capabilities for each of the other major and even minor players. With this confidence, consumers could increase the estimated 54.6 million connected major home appliances shipped globally in 2020 to about 175 million annual shipments in 2025, as projected by market research firm Omdia.

 

Figure 1. With 8% of all major home appliances globally connected today, the number of connected appliances could increase dramatically by 2025, according to Omdia.

Typical Matter User Experience

In a typical Matter scenario, a user can bring a new product home (refer to Figure 2) and use a smartphone to scan the Quick Response (QR) code attached to the back of the product. This QR code, which is unique to that device, establishes the identity of the device and enables secured communication. Pressing a pairing button on the device tells it to start installation. With this prompt, the smartphone establishes a secured connection to the device using the cryptographic information included in the scanned QR code, verifies the device to determine that it really is Matter certified, determines what kind of device it is (in this case a coffeemaker) and then sends the device all the necessary information (Wi-Fi passwords and more) needed for the coffeemaker to join the network. This includes providing a new set of credentials for the coffeemaker so it can communicate securely with anything else in the smart home. The coffeemaker can now securely communicate with a smart speaker so the smart speaker can initiate a specific brewing process, making the coffeemaker an accepted and well-secured member of the smart home.

 

Figure 2. The process for connecting a new smart home device.

Unlike many standards, Matter does not just provide an interoperability specification. Matter also includes an open source software reference implementation and a certification program.

Certification

Matter’s promise of broad interoperability depends on an open certification program. To deliver on this promise, products will have to be certified through a testing regimen to use the Matter branding. Similar approaches have worked well in solving interoperability problems in other domains, such as HDTV.

Creating reliable interoperability will enable smart homes to make the transition from today’s early adopters, who are willing to deal with technical issues, to middle and late adopters, whose capabilities and persistence are much lower. These users do not know the difference between a Connectivity Standards Alliance network and a Z-Wave network and do not want to find out. They just want to remove a product from a box, plug it in and have it work. To realize this vision of easy interoperability, many details must be solved, such as security.

Matter Security

In a smart home, security is essential to prevent adversaries from initiating IoT attacks such as the Mirai attack. Consumers are aware of the potential for these unauthorized access attacks and realize that smart home devices have had security problems. These concerns are a significant impediment to widespread consumer adoption.

To address security concerns, Matter includes many protection features. The first step is knowing that a real device, from a qualified supplier and not a fake, is being connected to the network. Since consumers often use wireless networks in the smart home, protection from eavesdropping is required. Manipulation of data over the air or on the device itself is another threat that must be guarded against. Access control prevents unauthorized access to security cameras and other sensitive devices. Finally, firmware updates are essential to keep systems well-secured, so they need to be installed securely, and illegitimate updates carrying malware must be refused.

Security measures in Matter to protect against these threats include:

  • Device attestation
  • Mutual authentication of all parties
  • Secured communication among devices using secured protocols
  • Secured storage, especially of private keys
  • Secured firmware updates
  • Device integrity to prevent and detect compromise

Hardware-based security is especially important for Matter. Instead of using passwords, Matter uses cryptographic keys stored in secured hardware, which keeps each key out of unauthorized hands. Since the key is a very large random number, it is nearly impossible to determine what it is.
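The two checks behind "a real device, from a qualified supplier and not a fake" can be shown in a simplified model. This is an added example, not code from the Matter specification or reference implementation: the function names and the root-endorsement format are hypothetical, and Matter's actual certificates and messages differ.

```javascript
// Simplified attestation model (added example; not Matter's actual message format).
const { generateKeyPairSync, sign, verify, randomBytes } = require('node:crypto');

const newKey = () => generateKeyPairSync('ec', { namedCurve: 'prime256v1' });

// "Factory" step: a vendor root key endorses the device public key. The device
// private key stands in for one that never leaves a hardware security chip.
function provisionDevice(issuer) {
  const deviceKey = newKey();
  const devicePublicPem = deviceKey.publicKey.export({ type: 'spki', format: 'pem' });
  const endorsement = sign('sha256', Buffer.from(devicePublicPem), issuer.privateKey);
  return {
    credential: { devicePublicPem, endorsement },                   // public, copyable
    attest: (nonce) => sign('sha256', nonce, deviceKey.privateKey), // needs the secret
  };
}

// Commissioner side: both checks must pass before any network secret is sent.
function verifyDevice(device, trustedRootPublicKey) {
  const { devicePublicPem, endorsement } = device.credential;
  // 1. Was this device key endorsed by the root we trust?
  if (!verify('sha256', Buffer.from(devicePublicPem), trustedRootPublicKey, endorsement)) {
    return 'rejected: key not endorsed by trusted root';
  }
  // 2. Does the device hold the matching private key? A fresh nonce defeats replay.
  const nonce = randomBytes(32);
  if (!verify('sha256', nonce, devicePublicPem, device.attest(nonce))) {
    return 'rejected: no proof of private key possession';
  }
  return 'accepted';
}

// Constructed scenario: one genuine device and two that must be refused.
function runScenario() {
  const trustedRoot = newKey();   // hypothetical certified vendor
  const unknownRoot = newKey();   // not in the commissioner's trust store
  const genuine = provisionDevice(trustedRoot);
  const uncertified = provisionDevice(unknownRoot);
  const otherKey = newKey();      // copied credential, different private key
  const copy = { credential: genuine.credential,
                 attest: (n) => sign('sha256', n, otherKey.privateKey) };
  return {
    genuine: verifyDevice(genuine, trustedRoot.publicKey),
    uncertified: verifyDevice(uncertified, trustedRoot.publicKey),
    copiedCredential: verifyDevice(copy, trustedRoot.publicKey),
  };
}
```

The third case is why the private key belongs in hardware: the public credential can be copied freely, but without the key itself the copy cannot answer a fresh challenge.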

Infineon provides hardware security products with cryptographic functions, unique identity credentials, and a highly protected trust anchor using a secured and Common Criteria certified manufacturing facility. These hardware security chips make Matter work. They include products such as PSoC™ (programmable system on a chip) and OPTIGA™ family products that enable smaller, more power efficient and less expensive designs for use in very small IoT applications, yet still provide secured identity credential and cryptographic functions required for IoT networks including random number generators, encryption/decryption, signing and verification.

Secure Interconnectivity

The development of the Matter specification by the Connectivity Standards Alliance and hundreds of key suppliers enables the smart home to provide unprecedented connectivity and security and overcome the concerns of yet-to-be-convinced buyers. With open source software and products that ease implementation available from companies like Infineon Technologies, smart home products and other smart (factory, city and more) concepts can be easily and securely added to users’ networks to improve their lives.

OPTIGA and PSoC are trademarks of Infineon Technologies AG.


Steve Hanna, Distinguished Engineer, Connected Secure Systems Div. at Infineon Technologies Americas, will be speaking about "Smart Home Security in the Age of Matter" at the fourth-annual IoT Device Security Virtual Conference (IoTDSC). The conference will be held on November 9, 2021. Register for individual live sessions or all sessions that can be watched on-demand here.


Senior architect. Visionary leader in networking and security. Expert at catalyzing industry-wide change. Frequent speaker at leading conferences such as RSA and Interop. Author of numerous technical papers and standards including IETF RFCs 2730 and 5793 and Trusted Computing Group IF-IMC and IF-IMV. Member of IETF's Security Area Directorate. Holder of 43 U.S. patents.
