Building Smarter, More Secure Cities from the Ground up with Open Standards

April 29, 2021

Story

Internet of Things (IoT) technologies are finding their way into every corner of our lives. They monitor how we drive, make factory production lines more efficient, and keep utilities running smoothly. They are also at risk of compromise from adversaries who may be financially motivated cyber criminals, nation-state operatives, or even disgruntled employees.

There is no silver bullet to help us fix this challenge. But security-by-design and open standards should be your guiding principles when designing products and building IoT systems. These will not only help to minimize cyber risk but can also speed time-to-market and drive cost efficiencies.

The Worst-Case Scenario

We are at the beginning of a new era of smart cities. Yet as connectivity and computing power is distributed more widely across large-scale outdoor networks, threat actors will continue to scale-up their own campaigns to monetize attacks. At the moment, there are plenty of security gaps to target. One 2020 report claims that IoT devices now comprise one-third (33 percent) of all infected devices on global networks, up from 16 percent in 2019[1]. Another report claims that more than half (57 percent) are exposed to medium- or high-severity attacks[2].

Weak passwords, firmware vulnerabilities, and insecure networks continue to blight deployments. They offer attackers an opportunity to hijack devices, to sabotage critical infrastructure, hold organizations to ransom, and steal sensitive data from connected networks. It is a threat identified long ago in the 1960s classic film, The Italian Job, where traffic in a prototypical Italian “smart city” is brought to a standstill by hackers. Unfortunately, much worse could happen today. A foiled cyber-attack on a water plant in Oldsmar, Florida earlier this year was designed to poison residents’ drinking water[3].

Security Starts Here

In this context, engineers and developers should be laser-focused on developing a robust security architecture. This will include two key elements as part of the device: device authentication and message encryption.

First, each device must be uniquely identifiable so that it can be authenticated effectively when joining a network, and able to prove that it has not been tampered with or hijacked with rogue code. Digital certificates embedded in each device are an ideal way to achieve this, as they can be embedded during manufacturing or prior to commissioning and are not vulnerable to compromise in the way that passwords are.

All secure devices will contain a private key, which must be protected. There is more than one approach to this: consider a hardware secure element, a chip that is designed to specifically protect against unauthorized access, even if the attacker has physical access to the device (as is often the case with IoT)[4]. Another technique to prevent tampering is the physically unclonable function (PUF)[5]. Here, a “fingerprint” is derived from the unique characteristics of a piece of silicon (transistor threshold voltages, gain factor, etc). This can then be turned into a unique cryptographic key and used as the chip’s root key. The advantage here is that no additional hardware is needed to store the key securely, and that it becomes invisible to hackers when the device is powered off.

Device authentication is just part of the protection needed. Equally important is message encryption. Encryption ensures the message contents are private and prevents alteration of messages, for example, from a “man-in-the-middle” attack. Radio standards, such as IEEE 802.15.4, include AES message encryption, which is built into RF silicon to encrypt messages on-the-fly. AES provides a lightweight method to secure over-the-air frames while maintaining low power consumption and processor overhead.

An inherent concern for RF technology is the susceptibility to interference. Interference may be unintentional (such as co-located networks), caused by interferers (such as welding equipment), or may be intentional (like from a jamming device). Wi-SUN FAN networks, for example, use a number of techniques to mitigate these types of interference:

• First, devices use decentralized frequency hopping that makes it difficult for an attacker to deny service by jamming signals.

• Additionally, the mesh network topology has a major effect of network resilience, offering several advantages over star (or “hub-and-spoke”) networks. They are more reliable, as data can be re-routed if devices lose contact with each other. And, device-to-device transmissions are typically made over shorter distances, so there’s improved power efficiency, performance, and channel utilization.

The Power of Open Standards

The use of open, interoperable standards is another important consideration. Why does this matter from a security perspective? The answer is that open standards will be mature and reliable, stress-tested and verified by many stakeholders, both developers and users of the technology. Therefore, vulnerabilities are quickly detected and remediated.

Wi-SUN Alliance profiles use a wide range of IEEE and IETF standards, including the IEEE 802.15.4 RF and link layers, secure device identity from 802.1AR, IETF EAP-TLS-based network authentication, and IEEE 802.15.9 key management.

A Better Security Scenario

From a product perspective, following open standards can speed time-to-market, keep costs down, and ensure your products can be optimized with a variety of manufacturers’ processors and radios. Typically, there will be a range of publicly available protocol stacks, design information, and reference implementations to help you build and future-proof secure products.

As smart cities, smart utilities, and large-scale corporate IoT networks continue to grow, so will the attention of cyber criminals looking for new ways to make money. That is why security-by-design is a prerequisite for all connected devices.

Resources:

1. Help Net Security October 28, Help Net Security, & 28, O. (2020, October 22). Attacks on iot devices continue to escalate. Retrieved April 28, 2021, from https://www.helpnetsecurity.com/2020/10/28/attacks-on-iot-devices-continue-to-escalate.

2. Manager, A. (2021, February 18). OT/IoT Security Report: Rising IoT Botnets and Shifting Ransomware Escalate Enterprise Risk. Retrieved April 28, 2021, from https://www.nozominetworks.com/blog/what-it-needs-to-know-about-ot-io-security-threats-in-2020.

3. Robles, F., & Perlroth, N. (2021, February 09). 'Dangerous stuff': Hackers tried to poison water supply of Florida Town. Retrieved April 28, 2021, from https://www.nytimes.com/2021/02/08/us/oldsmar-florida-water-supply-hack.html.

4. Watchdog. (n.d.). What is an IoT Hardware Secure Element? Retrieved April 28, 2021, from https://cerberus-laboratories.com/blog/iot_hsms.

5. Physical Unclonable Function - Intrinsic ID: Home of PUF Technology. (2021, February 25). Retrieved April 28, 2021, from https://www.intrinsic-id.com/physical-unclonable-function.