Solving IoT Security With PUF-Based Root of Trust
September 07, 2021
The security issues surrounding internet of things (IoT) devices range from tiny semiconductors to global supply chains. PUFsecurity, a provider of intellectual property (IP) that helps strengthen security at the chip level, hosted a forum of IoT experts to discuss the industry’s challenges and future outlook.
We Need to Build Trust for each IoT Device
Wide-ranging security challenges threaten to slow down the adoption and growth of the IoT industry. Geopolitical and data sovereignty challenges drive the creation of trusted supply-chain ecosystems in Asia, Europe, and the Americas, according to Tom Katsioulas, Board Chair of GSA Trusted IoT Ecosystem Security (TIES), an industry group. Nowadays, more IoT devices need a root of trust (RoT) for secure boot, secure storage, secure data access, and identity linked to such data. The COVID pandemic has resulted in accelerated digital transformation and chip demand plus supply chain shortages, increasing the risk of counterfeits with more of us working from home. (Read more: RoT: The Foundation of Security)
“We need to trust every aspect of the supply chain with respect to design and procurement of services,” Katsioulas said. “Digital transformation of the supply chain presents an opportunity to evolve the existing infrastructure in a way that enables trusted traceability of process and products to maximize the level of security.”
Many of the issues are related to the semiconductors that run IoT devices, according to PUFsecurity consultant Albert Jeng.
“The three keys to chip security are building trust into each device, verifying its security during the design stage, and maintaining records on the chip through its lifetime. These steps are critical for upholding semiconductor supply chain security,” according to Jeng.
Without adequate security protections, it becomes increasingly difficult to securely deploy IoT and other devices that are connected to the internet. The provisioning of security and identity for each device is becoming more important as a broader range of devices are under attack. Moreover, home networks are increasingly exposed to attack through the wider use of personal and other edge devices. Because of the pandemic, people have left secure parameters and increasingly use devices and networks that hackers easily penetrate.
“More IoT devices used equals more holes to cover,” says Luis Ancajas, director of IoT solutions for memory chipmaker Micron. The best defense is to assume there will always be invasions. The question is how to trace violations and identify where breaches occurred. Up to now, software-based protection has been the most common method used. Unfortunately, this approach is only as strong as the device operating system. Such electronic devices typically store their secret key critical to system security within a visible eFuse device that’s vulnerable to invasive attacks.
An Ideal Solution to Build Root of Trust inside Chips: PUF
An alternative secret key solution is the physically unclonable function (PUF) technology that functions as a chip's inborn fingerprint and provides other security-related advantages. PUF technology is an emerging solution that’s used as a hardware root of trust (HRoT). The ideal PUF should generate secret keys that are highly random, genuinely independent of each other, and reliable within all operating conditions. (Read more: Why a True Hardware PUF is more Reliable as RooT of Trust)
“A PUF can create a unique identity (UID) or an inborn fingerprint for each chip,” according to PUFsecurity R&D Director Meng-Yi Wu. “Therefore, it provides an immutable secret to derive public-private keys for many applications in the supply chain and field use. HRoT enables secure boot, secure storage for silicon lifecycle data, and secure access of the chip for secure read/write data.”
A PUF can also help remedy the vulnerabilities of the chip manufacturing process, according to Wu. A PUF can help prevent over-production in manufacturing or reverse-engineering post-manufacturing when coupled with appropriate software infrastructure. Unauthorized excess production or counterfeit chips can raise costs, increase risk, and damage brand and reputation. (Learn more on video: PUF-based Solutions for Supply Chain Protection)
According to Wu, chip inborn ID and key generation are much more secure than an injection of random numbers and much less costly since it does not require a secure facility or complex infrastructure.
The registration of chip IDs can happen automatically during "chip birth," the first power-up during a probe test. When the testing process integrates with the manufacturing execution software (MES) of a chipmaker, counting the number of good dies or leveraging sign tools to activate legal devices further, this can prevent over-production. When the UID combines with chip-package markings, it can help to prevent counterfeits in the supply chain.
There are two kinds of RoT — injectable RoT, which requires a trusted and secure facility to create it — and inborn RoT, a newer solution that creates opportunities to implement zero-trust and greater automation.
A chip HRoT can be created in two ways: a trusted manufacturer can inject it, or a PUF within the chip can generate a random, unique, unclonable, and unpredictable secret key.
“The first and most crucial part is provenance,” says Ancajas. “Trust needs to begin somewhere.”
“When you enroll the PUF, something must prove that it was enrolled by the right company.”
An HRoT can provide a secure environment to create, store, and use keys within a chip on behalf of the client application running on the CPUs. The HRoT must be secured by design to perform security functions like data encryption, certificate verification, and basic key management to support secure boot and secure identity authentication.
The effort is a collaborative exercise within the ecosystem between the IP supplier, the chipmaker, and other companies in the supply chain.
RoT as the Foundation will Become the Future of the AIoT
Ultimately, over-the-air device onboarding, management, and updates of electronic devices are based on RoT.
“We're talking about fleet applications right now,” says Katsioulas. “We're going to have secure operation centers talking to millions of devices and possibly billions of chips. Chips will be in factories, planes, trains, automobiles, and smart infrastructure, generating data that you want to analyze historically or in real-time. That data better be trusted, and the only way to achieve this is to create a digital thread in the supply chain that ties to a Hardware RoT.”
A truly reliable and inborn PUF that doesn't need additional calibration, such as NeoPUF, is the best candidate for a secret key source, according to eMemory Senior Marketing Manager Sean Wang. The inborn randomness derived from the chipmaking process is central to security because it is non-predictable. (Read more: NeoPUF, A Reliable and Non-traceable Quantum Tunneling PUF )
There are many advantages to the use of PUF technology. Especially with an inborn PUF, the silicon life cycle management (SLM) for trillions of AIoT devices from the design phase to the field use stage can be more cost-effective and secure than ever.
For more information, visit: PUFsecurity.