The Internet of Things is expected to change life as we know it – making our businesses, cities, and homes more efficient; our energy, industrial, and transportation systems safer; and our people healthier. But to enable IoT to meet its promise, and do no harm in the process, we need to make sure it is secure. Altair Semiconductor has designed its solutions with that in mind.
“People talk about IoT power consumption, and device cost and size, – these are all critical, and our solution certainly excels in all these areas,” says Eran Eshed, cofounder and vice president of marketing and business development at Altair Semiconductor. “But they sometimes forget to think about other aspects of these solutions – and one of them is security.”
It’s important to ensure personal privacy and security, and the integrity of large enterprise and public systems that, if attacked, could result in disaster. We obviously want to avoid the kind of situation depicted in the movie Live Free or Die Hard, notes Eshed, who uses a screenshot from the movie in some of his presentations to emphasize the importance of security.
IoT security involves securing the communications link, the device itself and the application it’s running. Securing a connection to the cloud entails making sure only authorized and trusted entities can register on, enter, and interact with the network. But security doesn’t stop there. You also need to make sure unauthorized entities can’t disguise themselves or their applications as being something they’re not so they can manipulate data and create unwanted situations.
The good news is that cellular technologies have always been secure because of their strong encryption schemes and the SIM-based authentication, which manages credentials for connectivity as a separate entity. This holds true for LTE, the latest implementation of cellular technology, and for IoT implementations that leverage cellular connectivity. A SIM card, of course, is the component inside a cell phone or other connected device that stores, among other things, credentials used for authentication. It works with the network to make sure the devices registering on the network are what they are supposed to be. This involves strong encryption, making it near impossible (even with supercomputers) to decrypt the information in a time period that would be relevant, says Eshed.
To address IoT, cellular equipment suppliers have taken added security steps such as soldering SIM chips to the boards within devices (this is called embedded SIM) to make sure they are not stolen or replaced. Over-the-air SIM provisioning is an added bonus for the customer, who now has the freedom to choose or change which network their device operates over, even post-deployment, adds Eshed.
A widely circulated story recently highlights the high level of security SIM technology provides. It is so secure, Eshed says, that when spies from the National Security Agency and its British counterpart, the Government Communications Headquarters, wanted to secretly monitor specific cellular calls, they allegedly had to physically break in to a manufacturing facility of SIM leader Gemalto to plant malware on its computers.
“This is what it takes to break a SIM card,” Eshed comments. “That’s how hard it is.”
Meanwhile, wireless technologies like SIGFOX or <1GHz that have positioned themselves as an IoT alternative to cellular connectivity have a much lower level of security, or no security included at all, he adds. Altair Semiconductor solutions provide all the security goodness already found in LTE today, and expand on that with unique application security features. Baked in to its LTE-only chipsets are microcontrollers with secure boot and virtualization functionality.
Here’s how secure boot works: In the process of waking up, an IoT device authenticates the code that exists on the memory and makes sure that code is trusted. If even a single bit in the software has been changed, the chip rejects the interaction. Altair’s virtualization feature, meanwhile, runs the application layer in a completely independent and isolated environment than that of the modem. As a result, application developers who build code running on the Altair chip are unable to access critical network infrastructure. That means cellular service providers can be 100 percent certain the network will not be hacked (with false messaging or signaling, or DDoS) through the application layer.
“These two layers provide excellent security and protection that people in the IoT space expect and didn’t expect in tablets or CPE in gateways,” says Eshed. For more information on Altair Semiconductor and its highly secure IoT solutions, visit www.altair-semi.com or see previous articles on the company’s offerings at www.iotevolutionmagazine.com.
Edited by Ken Briodagh