Develop a root of trust.

We are seeing a digital transformation of all industries; new cybersecurity challenges are on the horizon. With that, comes the opportunity to act now and build resilience against cyber threats, so we can welcome the next chapter of our digital ecosystem with more trust than before.

As technology plays an ever-increasing role in our lives, it brings with it a whole host of security challenges. The need to make our devices secure couldn’t be more important, from smart fridges to doorbells, from phones to tablets to the Metaverse; for the world we now live and work in, it is essential that cybersecurity is a priority for the Internet of Things (IoT). In fact, the need has never been greater, and manufacturers and the end-user all need to ensure it is a priority.

Rising Threat

Billions of connected devices have been adopted within our personal eco-systems, rising two-fold during the pandemic. This means there are even more devices in our lives which can be attacked. This is particularly true for the smaller, embedded devices. These can often be overlooked, making them an easy target. Adopting a security protocol for these devices is an essential step in securing the supply chain and avoiding more critical attacks.

An average of four IoT devices are owned which communicate with the cloud in any given network. With this huge number of devices being connected, it brings a wave of potential security risks that must be protected. This is where Root of Trust (RoT) must be considered and actioned. As manufacturers make an increasing variety of IoT devices at a rapid rate to be the fi rst to offer the best capabilities at the cheapest price, security is often the last consideration. This needs to change.

The reason being, that there is more to lose than ever before. The current threat landscape presents a wide field of opportunities for hackers. However, it is encouraging to see some businesses and individuals becoming more aware of the risks ahead and starting to change their priorities by adopting proper security strategies for protection. They are spending and putting security at the forefront of their development programmes. This is encouraging as every product put into service has the potential to be attacked within its product lifecycle, especially from remote threats.

Security First

As security standardizations become a priority for manufacturers, engineers should also look to resilience technologies and build on the protection offered by TPM and DICE.

A RoT is a component that is always trusted to act in an expected manner and should be provided by embedded systems manufacturers within the device. These security-fi rst manufacturers are ensuring they embed a RoT as a set of functions in the trusted computing module; serving as a separate computting engine controlling the trusted computing platform cryptographic processor on the PC or mobile device it is embedded in.

To ensure standardization of the adoption of RoT, millions of devices are working with the Trusted Platform Module (TPM) which provides the standardized hardware RoT to help measure integrity and provide health checks and authentication services. We should remember that vital to the security of any device, is the ability to determine its integrity.

The TPM is a computer chip that can be implemented in a variety of systems with varying security levels, providing technicians with secure storage of boot and runtime integrity measurements, as well as private encryption keys and cryptographic secrets. These TPM capabilities can be used to prevent hackers from being able to replace code on devices and access encrypted data by isolating keys, so data remains protected from unauthorized users.

For devices lacking a TPM, developers can instead use Device Identifier Composition Engine (DICE) based architecture. DICE uses a combination of a small hardware engine and security code embedded in boot code and later software layers to provide device identity, integrity reporting, and data protection capabilities. Similar to TPM, the DICE capabilities help perform measurement, attestation, authentication, and certification of software.

As these security standardizations become a priority for manufacturers, engineers should also look to resilience technologies and build on the protection offered by TPM and DICE on IoT and other systems. As consumer IoT continues to rapidly outnumber people, it is key to ensure their devices have security capabilities which have an automatic way to recover a device to a trusted state in an automated way and without the need for manual intervention. Resilience encompasses better protection and detection of compromises with a reliable recovery to a trusted state.

Where to Start

Securing devices and components across all connected industries starts under the operating system. A Zero Trust approach to the system is needed whereby the integrity of each device and its movement of data can be determined.

Adopting trusted computing standards can help create the pervasive security validation needed in this kind of approach. With the complexity of devices, environments, applications, and use cases, there is not a one-size fits all approach when it comes to cybersecurity. Rather, a diverse approach is needed to address unique needs.

To establish a foundation of security for every device in the system, a RoT must be planted in the device to begin. The TPM is the standard hardware RoT that can provide integrity measurements, health checks, and authentication services to protect embedded systems. Depending on the requirements of each unique system, the chip can be implemented at different security levels and is equipped to protect against even the most sophisticated attacks.

The TPM is a computer chip that can be implemented in a variety of systems with varying security levels, providing technicians with secure storage of boot and runtime integrity measurements, as well as private encryption keys and cryptographic secrets.

For low-cost, low power endpoints, DICE provides cryptographically strong device identities which forms the foundation for attestation for software updates, patches and so on. It helps to provide viable security and privacy foundations for systems without a TPM and enhances the security and privacy of systems with a TPM. In both cases it creates a strong device identity, attestation of device firmware, and security policy with verification of software updates and safe deployment.

The DICE model offers strong attestation of device identity, firmware, and security along with the secure deployment of software updates. All these features make it a great tool for manufacturers and developers who can recover the device securely following a compromise, attest device firmware and security policy, and allow for secure software updates. Suitable for low-cost, low power endpoints, DICE provides strong security and privacy foundations for systems without a TPM, but it also enhances the existing protection and privacy on those with a TPM.

Let’s Work Together

Good IoT security practices and strategies still have a long way to go. There is a great need for more businesses and individuals to get on board. As the deployment of IoT heightens in popularity, it is crucial there are a variety of measures available for system developers and product manufacturers to ensure devices remain safe and secure throughout their lifetime.

The first nine months of 2021 saw 40 percent more cyberattacks compared to the same period in 2020 with 2022 expected to see a further increase. One of the biggest, and arguably the most important, challenges in the realm of hardware supply chain security and integrity is the number of different organizations or groups involved; everyone implements different processes and methods to varying levels of success.

To truly ensure end-to-end protection and integrity, we need industry standards that provide guidance for all stages of the supply chain and device lifecycle. Implementing a hardware RoT is a fundamental place to start.

By encouraging a security first approach through the continued prevention of malware and viruses along with resilience to recover a device once compromised, the ecosystem remains secure and safeguarded through futureproof measures and tools. As cyberthreats grow in sophistication and IoT applications become complex, the industry can be assured there is a safe, secure future for all where information remains protected, and systems remain online.

The Trusted Computing Group (TCG) has developed a wealth of security standards and trusted computing technologies which address the security challenges of today and the future.

This article was written by Dennis Mattoon, Board Director, Trusted Computing Group (Beaverton, OR). For more information, visit here .



Magazine cover
Tech Briefs Magazine

This article first appeared in the September, 2022 issue of Tech Briefs Magazine.

Read more articles from this issue here.

Read more articles from the archives here.