The Ugly Truth - NMI

Jul 27, 2020


dariahiddleston
Transcript
Page 1

The Ugly Truth

You must find All the flaws The attacker Only One

And you Will Fail

Page 2

• Security is a top 3 issue for IoT
• Deployments will not scale without trust

• With large deployments
• Must limit attack surface of each device

• Applies to even simple sensors
• Even if there is no secure data/privacy issues

• Security must be architected from the beginning and must not be made an option

You Can’t Trust Big Data Unless You Can Trust the Little Data

Page 3

[Figure labels: RTOS; Bespoke Software Stack and Application; Secure OS; Application]

• Historically closed systems

• Very few developers have strong experience in creating secure systems

• Need a platform with built-in security and strong guidance on best practices
• Increased productivity: “Common denominator” security functionality ready to go

Bringing Security to Traditional Embedded Development

Page 4

• Too easy to declare developers of compromised products as incompetent
• As product security can’t be reliably measured, security suffers first on tight product schedules.
• Massively parallelized security researchers vs. limited product development budgets and time frames

• The security of a system is dynamic over its lifetime.
• The likelihood of an attack is often wrongly assessed or undervalued in the chain

• New Denial-of-Service power attacks are a problem for battery/scavenging devices.
• Structural sensors are often inaccessible and battery replacement is expensive

• If your product is successful, it will be hacked.
• Often the deployment costs of firmware updates surpass the costs of a new device
• As a result even known-broken systems are kept in use
• This is not the PC world: no reset, no reinstall

• The assumption of being hacked at some point requires a solid mitigation strategy
• Developers must ensure secure, reliable and affordable firmware updates

Security Design Challenges

Page 5

Lifecycle Security

Communication Security

Device Security

mbed TLS

IPv6, 6LoWPAN IPv4

Cryptobox

Device Management: LWM2M

mbed OS

mbed Device Interface – Open Web Standards

Directory and Subscription

Application Transfer Protocols – CoAP, HTTP, MQTT

mbed TLS

Security, Admin and Multi-tenancy

Data Flow Management – RESTful and Publish/Subscribe

Device Management – Lightweight M2M (LWM2M)

mbed Device Server

Open Standards

Open Source

Page 6

Device Security

Page 7

• IoT devices include significant software complexity
• Secure and privacy enabled server communication
• Unclonable device identity
• Cryptography and random number generation
• Protection of keys/certificates and server API tokens
• Secure firmware update over the air

• Flat security: all code/data lives in a shared address space
• Large attack surface makes it hard to verify device security

• Bugs in any code can lead to a security flaw
• Code base is too large for exhaustive validation
• If malicious code updates Flash it may become impossible to remotely recover a device

Traditional MCU Flat Security Model

[Figure: device software blocks: Application Protocol, SSL Library, Diagnose, Secure Storage, Crypto Keys, Secure ID, Crypto API, WiFi Stack, BLE Stack, Device Management, Firmware Update, RNG; Server]

Page 8

• Split memory into private critical and public uncritical
• Small private footprint enables exhaustive verification
• Public code operates on cryptographic secrets using defined APIs but is never allowed access to raw keys
• Protect key material and system integrity using hardware memory protection (v7M MPU, TrustZone-M, TrustZone-A)

• Vulnerabilities on public side can’t affect private side
• Public code can’t write code directly to Flash
• Private side can reliably recover device to clean state
• Private side can verify integrity of the public side image

Device Security: Secure Partitioning for MCUs

[Figure: Public: Application Protocol, SSL Library, Diagnose, WiFi Stack, BLE Stack, Device Management. Private: Secure Storage, Crypto Keys, Secure ID, Crypto API, Firmware Update, RNG. Server]

Page 9

• Private modules are built with strong security and rarely change
• Software is never finished
• New features, bug fixes, patching vulnerabilities and tracking standards

• Code in the public state is developed rapidly
• Fast time to market
• Quick innovation cycles for public side
• Still a secure product

• When bugs are discovered after deployment a firmware update can be reliably enforced

• Flash update security layer prevents storage of unsigned code
• Managed via mbed Device Server
• Fully secured and integrity checked within device

Enable Fast Innovation

[Figure: Public (Fast): Application Protocol, SSL Library, Diagnose, WiFi Stack, BLE Stack, Device Management. Private (Slow): Secure Storage, Crypto Keys, Secure ID, Crypto API, Firmware Update, RNG]

Page 10

Security Profiles

Lab Attacks
• Local attack on an end node device

Network Attacks
• Remote attacks across the network
• May scale to many devices; accounts; services

[Figure axes: Minimum Cost/Effort To Attack; Per-device HW Cost/Effort to Secure]

• Where possible devices should not store valuable secrets
• Local attacks must not enable network attacks on other devices

• Some applications require tamper resistant devices
• ARM SecureCore and related technology
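
One way to meet the requirement that a local attack on one device must not enable network attacks on other devices, shown as an added example that is not part of the original slides: derive each device's pre-shared key from a server-held master secret with HKDF, and compare how far one extracted key reaches against a shared class key. The master secret, class key, device IDs and function names are all constructed assumptions.

```python
import hashlib
import hmac

# Constructed sample values; a real master secret would stay in the server's key store.
MASTER_SECRET = bytes(range(32))          # assumption: held server-side only
CLASS_KEY = b"\x11" * 16                  # one key shared by every device
FLEET = ["sensor-001", "sensor-002", "sensor-003"]


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 16) -> bytes:
    """HKDF (RFC 5869): extract a PRK, then expand it to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def device_key(device_id: str) -> bytes:
    """Per-device PSK; the device ID is bound in through the HKDF info field."""
    return hkdf_sha256(MASTER_SECRET, b"fleet-psk-v1", device_id.encode())


def report_tag(key: bytes, device_id: str, payload: bytes) -> bytes:
    """MAC over the claimed identity and the reading."""
    return hmac.new(key, device_id.encode() + b"|" + payload, hashlib.sha256).digest()


def server_accepts(scheme: str, device_id: str, payload: bytes, tag: bytes) -> bool:
    """Server-side check using either the class key or the derived device key."""
    key = CLASS_KEY if scheme == "class" else device_key(device_id)
    return hmac.compare_digest(tag, report_tag(key, device_id, payload))


def blast_radius(scheme: str, opened_device: str = "sensor-001") -> list:
    """Identities the server still trusts for a key read out of one opened device."""
    leaked = CLASS_KEY if scheme == "class" else device_key(opened_device)
    payload = b"temp=21.5"
    return [d for d in FLEET
            if server_accepts(scheme, d, payload, report_tag(leaked, d, payload))]


if __name__ == "__main__":
    print("class key :", blast_radius("class"))
    print("per-device:", blast_radius("per-device"))
```

With a class key the whole fleet is exposed by one opened device; with derived keys the exposure stays with that device, which can then be blacklisted on the server.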

Page 11

360 View

Secure But is it Safe?

Front Camera

Interior Camera

Long-range Radar

Mid-range Radar

Ultrasonic Sensors

*NHTSA’s definition: Level of Vehicle Automation

Level 1 - Function-specific automation: one or more control functions such as ACC, braking and lane keeping are automated, but the driver has control.

Level 2 - Combined function automation: two or more control functions are automated, e.g. ACC with lane centering. Hands off the steering wheel and foot off the pedal, but the driver is still responsible for monitoring and expected to control the vehicle.

Level 3 - Limited self-driving automation: the vehicle mostly takes control of all safety-critical functions. The driver is expected to be available for occasional control without constant monitoring.

Level 4 - Full self-driving automation: the vehicle takes control of all safety-critical driving functions and monitors the roadway all the time. The driver is NOT expected to be available for control at any time.

• Development processes
• Fault detection and control features
• Failure mode and effects analysis (FMEA)
• Compiler qualification & Maintenance

ASIL B support for Cortex-A*

ASIL D support for Cortex-M* and R*

* selected processors

ISO 26262

IEC 61508

Assessment

Automotive Today, IoT Tomorrow

Page 12

Communication Security

Page 13

• Non-standard approaches are a risk

• Don’t repeat past mistakes

• Use Internet Security
• Widely deployed and proven
• Firewalls and Local Routers

• 32-bit MCUs can handle IP stacks
• <1$ trust Moore’s law

Internet Protocol to the Edge

Binary | JSON – IPSO Objects

IPv4 | IPv6 | 6LoWPAN

UDP | TCP

DTLS | TLS

CoAP | HTTP

REST APIs

IoT Application Device Management

Page 14

• Split mbed TLS into three function blocks to allow secure, effective key protection and maximum re-use:

• SSL protocol handling
• Runs in main application
• Continued investment

• Raw encryption functions
• Common crypto features across all mbed platforms
• Crypto functions run in µvisor enforced box (CryptoBox)

• Certificate Management and optimisations
• Used for firmware updates
• Client certificates

TLS Protecting SSL Session Keys and Secure Identities

[Figure: layered stack]

Software:
• Cryptobox Security Services [Private code/data]
• mbed OS and User Application [Public code/data]
• µvisor [Privileged]

Hardware:
• ARM Cortex-M CPU [privilege enforcement]
• ARM Cortex-M MPU [partition enforcement]
• Memory/Peripherals (SRAM; Flash; DMA; Crypto HW)

Page 15

Lifecycle Security

Page 16

Lifecycle Security and OMA LWM2M

Manufacturing Support

Bootstrap Support

Device Support (for a specific IoT service vendor)

• Device Identity and config. for Bootstrap
• Assign devices to a particular owner and service vendor
• Device requests credentials and configuration for service
• Registered with service and ready to use
• FOTA update extends device lifetime
• Can choose to reassign device to new service or owner

Factory

Distribution

Delivery

Setup

Usage Recovery Usage

Update Reprovision?

Deployment Wafer sort Package test ODM OEM

Page 17

• Security Administration
• Provides management of security material via a User Interface or API
• Population of endpoint X.509 certificates
• Management of black list

• Web Interface Security
• TLS-based HTTPS transport with certificates

• Device Interface Security
• DTLS-based CoAP transport
• X.509 certificate mode (TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8)
• Public key and pre-shared symmetric

Lifecycle Security: Enabled with mbed Device Server

mbed OS Device

Page 18

• IoT deployments will not scale without trust
• Very few developers have strong security experience

• Flat security model
• Remote code execution allows full access and key extraction

• Compromised communications protocols
• Man in the middle attacks and compromised class keys
• Flawed proprietary algorithms

• Insecure firmware updates
• Updates become the malware infection vector
• Compromised through ineffective or no use of cryptography

• Poor random number generation
• Negates strong cryptography

The Common Problems We Need to Solve