Don't Save Your Security Until the End
July 01, 2019
Security needs to be front of mind at this early juncture (emphasis on ?needs?). This discussion must occur before your actual design starts, which is a common mistake in the embedded sector.
Now that you’ve scoped out your system (Chart the Right Course for Your IoT System Development) and got the low-down on AI and machine learning (With Map in Hand, Machine Learning Is the Next Stop), your thoughts should turn to security.
While in the very early design stages, developers are typically thinking about which processor and chipsets should be employed. And they’re thinking about which ODM to work with. However, security needs to be front of mind at this early juncture (emphasis on “needs”). This discussion must occur before your actual design starts, which is a common mistake in the embedded sector. Far too often, developers attempt to do a security “bolt on” that sometimes works, but far too often it does not.
When it comes to security, open source can be your best friend, as most of what you’re looking to accomplish has likely been developed and is available. Take the SUSE Linux Enterprise Operating System for example. The operating system provides a secure, adaptable Linux platform for equipment manufacturers deploying networking and security applications, and products such as firewalls and VPNs. Developers can get access to a secure, stable operating system that helps streamline their design and development efforts and allows flexibility in the choice of hardware platform and peripherals.
While the embedded, industrial, automation and manufacturing industries have been aware of the need for security for quite some time, that hasn’t made securing their equipment any easier. With today’s critical industrial assets now interfacing with more open IoT networks, the requirement for securing electronic systems becomes far more difficult.
A host of hardware/IP security solutions are available. They include the Trusted Platform Module (TPM), which hails from the Trusted Computing Group (TCG), an industry consortium. The TPM can be implemented in firmware or in an SoC. Arm’s TrustZone technology offers a memory protection unit-based scheme to provide secure boot and data protection functionality. And Intel’s Software Guard Extensions (Intel SGX) improve the integrity of application code and data. Each of these alternatives is available to developers at varying levels of cost, ease of use and protection.
While hardware-based security is essential, it doesn’t necessarily address the ever-changing software needs and challenges. As fixes and patches and other software is loaded onto the system, the potential for breeches/hacks grows. Time-to-market pressures can make this process even more difficult, as vetting time is not always sufficient. Finally, developers need to consider longer-term security. This is more difficult when you’re not exactly sure what the customer’s long-term plans are.
If this system is connected to the internet, then the issue is a fairly simple one. The system gets connected to the appropriate repositories and patches and updates are pushed out when they're available.
If the OEM wants to have more control over the situation, like in the medical space where regulatory bodies are involved, they would have to control those updates. In this instance, the OEM could set up a mirroring repository behind their firewall or elsewhere on their site, and then they can cherry pick the updates that they want to roll out. They can also build their own update that they would then go through and re-certify and deploy.
Air-gapped networks can also be used and they can reside behind the customer’s firewall. Air gapping means that the network is physically isolated from unsecured networks, such as the public internet or an unsecured local area network, using a physical or conceptual air gap. In this case, they’d go to a system that's outside the firewall, grab the packages/patches that they need, and have them reside on the system behind the firewall.
The bottom line is that when determining your Linux vendor, understand that not all commercial Linux vendors are created equally. SUSE, world’s first provider of an Enterprise Linux distribution, is committed to delivering reliable, best-in-class security to its customers and to the entire open-source community.