
Industry developments for enhanced security

Jan Newmarch, Director, Faculty of ICT and Business, Box Hill Institute; Adjunct Professor, University of Canberra


Presentation Transcript


  1. Industry developments for enhanced security
     Jan Newmarch, Director, Faculty of ICT and Business, Box Hill Institute; Adjunct Professor, University of Canberra

  2. Messages from this talk
     • There are issues at all levels of the IoT stack
     • H/W & S/W vendors, standards bodies, open source groups, industry consortia are all working to solve them
     • Guidelines are being created by groups such as the IoT-AA. Join them!

  3. Risks
     • Defending against all possible attacks is an impossible task; there is always someone willing to spend a significant amount of time and money to break any security scheme using very complex attacks.

  4. Risks vs costs
     • The security requirements for a design ... should be described in value terms: “attack A on asset B should take at least Y days and Z dollars”.
     • If a set of countermeasures means that a successful attack will take too long or will cost too much, then the defense is a success.

  5. Types of attack
     • Hack attack: the hacker is only capable of executing a software attack
     • Shack attack: a shack attack is a low-budget hardware attack
     • Lab attack: the attacker has access to laboratory equipment and can perform unlimited reverse engineering of the device

  6. Scale of vulnerabilities
     • Mark Pesce: “33 billion connected devices means 33 billion attack surfaces, each with their own exploits, zero day attacks, weaknesses and vulnerabilities”
     • Galen Gruman: “wait until [hackers] can access building boilers and turn them into bombs, disable our door locks, open our garage doors, turn on sprinkler systems in data centers, and set self-driving cars to crash or simply stay put.”
     • In 2016, 145,607 webcams etc. were used in a DoS attack on Dyn

  7. SCADA
     • SCADA (Supervisory control and data acquisition) systems are used to control and monitor physical processes, examples of which are transmission of electricity, transportation of gas and oil in pipelines, water distribution, traffic lights, … [Wikipedia]
     • SCADA was designed with neither security nor networking in mind
     • Attacks include Stuxnet in Iran

  8. Building for security
     • Risk assessment
     • Design against risks
     • Implement

  9. Risk assessment
     Risk assessment must include
     • Financial risk
     • Reputational risk
     • Physical risk

  10. How security flaws happen
     • Flaws by omission
     • Flaws in design
     • Flaws in implementation

  11. Flaws by omission
     Parrot drones were discovered to have
     • Open telnet port
     • No WiFi security
     • Open ftp server
     It never occurred to Parrot that security might be an issue until people started crashing or stealing their drones

  12. Flaws by design
     • SSL was discovered to have multiple design weaknesses and has been replaced by TLS
     • RFIDs need small keys for power reasons; NIST has minimum size recommendations based on “cryptoperiods”

  13. Flaws by implementation
     • GOTO bug discovered in Apple’s implementation of SSL/TLS – broken for one year
     • Followed by discovery of similar bug in GnuTLS – broken for 10 years

  14. Components of the IoT

  15. Components of the IoT

  16. Secure Memory
     • Flash memory has its own processing power:
        • Google announced Vault – a secure microSD with ARM chip
        • Go-Trust claim they got there first
     • GlobalPlatform have a secure specification for Java card multi-application processing

  17. Instruction sets
     • ARM CPUs can run in two modes, secure and normal, using TrustZone
     • Intel's Software Guard Extensions extend the instruction set to enforce data security
     • Princeton University's Bastion system gives h/w protection to software hypervisors

  18. Secure SoCs
     The Freescale i.MX6 UltraLite has
     • Secure boot
     • Hardware cryptographic cipher engines
     • Random number generator
     • Tamper detection
     • “enabling hardware-verified peripheral and memory access requests for secure isolation and prevention of tainted system resources”
     • Uses ARM TrustZone environment

  19. Network protocols
     • Wireless: WiFi, Bluetooth, Zigbee, Z-wave
     • Powerline: X10, LonTalk
     • Internet: IPv4, IPv6, TCP, UDP
     • Wired: 1-wire, 2-wire

  20. Wireless protocols for IoT
     • Bluetooth low energy
     • 6LoWPAN (IPv6 over low power PAN)
     • Zigbee
     • Z-Wave
     • LoRaWAN
     • NB-IoT
     • ...

  21. Case study
     • Low power wireless: IEEE 802.15.4
     • Integrate to network: 6LoWPAN
     • Application layer: CoAP

  22. 802.15.4 security
     • IEEE 802.15.4 is designed for PANs with a range of up to 10m
     • It can have point-to-point encrypted data using AES (up to 128 bit keys)
     • It can have 128 bit MAC integrity checking
     • They both reduce payload size
     • Keys may be pair-wise or network
     • In hardware, the power consumption is negligible
     • It is the link layer for Zigbee, Z-Wave and 6LoWPAN

  23. 6LoWPAN security
     • 6LoWPAN is a special form of IPv6 (small packet sizes, etc)
     • IPSec can be used
     • IPSec is done in s/w and may be too expensive
     • It reduces payload size
     • Key distribution to IEEE 802.15.4 is not part of 6LoWPAN (it is part of Zigbee)

  24. CoAP security
     • CoAP (Constrained Application Protocol) combines REST over UDP to give something like HTTP
     • There are coap: and coaps: schemes
     • coaps: uses DTLS (Datagram Transport Layer Security)

  25. Bootstrapping, identity and updating
     • A device will need to boot
     • It will need to be updated from a recognised source
     • It will need an identity to verify itself to that source
     • It will need to manage keys
     • The Apple iOS 9.0 Security model is an exemplar

  26. Languages and systems
     • The devices will run s/w
     • If complex enough, will require an operating system
     • Nearly all current hacks are failures in s/w or o/s

  27. Programming languages
     • Microcontrollers: C, Assembly, Forth, Basic
     • Microprocessors: C, Java, Python, C#, C++, …
     • Web: Javascript, PHP, Java, …
     • Big data: R, Python, Java

  28. Programming languages
     • Newer programming languages are safer than old ones – no pointers, better type checking, etc
     • Some are designed for systems programming:
        • Go
        • Rust

  29. Operating systems
     • Most O/S's are large and insecure
     • There are many micro-O/S’es at < 10k
     • Redox is a micro-kernel O/S written in Rust
     • The NICTA seL4 microkernel has been
        • Proven to be functionally correct
        • Proven to be secure for access control

  30. Operating systems
     • TinyOS (from SmartDust): 1kB RAM
     • RIOT: 1.5kB RAM
     • Contiki: 2kB RAM
     • Huawei LiteOS: 10kB RAM
     • ...

  31. Containers
     • Containers discard the O/S from the contained system
     • Examples include Docker, Ubuntu LXD
     • Containerised applications are protected from dependency upgrades

  32. Unikernels
     • Unikernels discard the O/S completely
     • Examples include Rumprun, Mirage O/S, bare metal apps on RPi

  33. Block chains?
     • Block chains are used by Bitcoin to validate transactions: only accepted if a majority of blocks in a chain accept it
     • Several groups are exploring these for IoT, with a majority of devices needing to accept a command as valid

  34. Security by design
     • The only real solution is for every stage of design of an IoT system to mandate security as a design issue
     • OWASP (Open Web Application Security Project) includes a Top Ten of security issues to be addressed in design and implementation of IoT

  35. Recommendations
     • For an overview of security issues, see IoT Alliance “Internet of Things Security Handbook” and NIST and GSMA architectures
     • For privacy, see Office of the Australian Information Commissioner
     • For trust, see Online Trust Alliance
     • For specific market niches (SCADA, automobiles, health) see relevant groups
     • For programming issues, see OWASP
     • For industrial systems, see IIoT

  36. Other industry groups
     Including
     • Open Connectivity Foundation
     • Cloud Security Alliance
     And multiple vendors
     • Apple
     • Alphabet
     • IBM
     • Samsung, ...

  37. Legal and Insurance
     • IoT Insurance is a rapidly growing area...
     • Most systems will have multiple components and multiple interest groups. Who is responsible (legally and morally) for failure?
     • Will government regulation help or hinder?

  38. Conclusion
     • The IoT covers huge areas
        • Technology
        • Legal
        • Financial
        • Ethical
     • While there are many unresolved issues, there are also many answers – but you may have to dig deeply for them.
     • Joining a group such as IoT-AA can help you and everyone else!
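
The kind of implementation flaw named on slide 13, shown as an added C illustration (not from the slides, and not Apple's or GnuTLS's code): a stray unconditional `goto` makes a verifier return success before the signature is compared, next to a fail-closed rewrite. The function names, the toy hash and the sample inputs are constructed for this example.

```c
#include <stdio.h>
/* Constructed stand-ins for the hash and signature steps of a key-exchange check. */
static int hash_update(unsigned *h, const char *data) {
    if (data == NULL) return -1;
    for (; *data; data++) *h = *h * 31u + (unsigned char)*data;
    return 0;
}
unsigned expected_hash(const char *nonce, const char *params) {
    unsigned h = 17u;
    hash_update(&h, nonce);
    hash_update(&h, params);
    return h;
}
static int signature_matches(unsigned h, unsigned signed_hash) {
    return h == signed_hash ? 0 : -1;
}

/* Flawed: the second "goto fail" is not governed by the if above it, so it
   always runs with err still 0 and the signature comparison is never reached. */
int verify_flawed(const char *nonce, const char *params, unsigned signed_hash) {
    int err;
    unsigned h = 17u;
    if ((err = hash_update(&h, nonce)) != 0)
        goto fail;
    if ((err = hash_update(&h, params)) != 0)
        goto fail;
        goto fail;
    if ((err = signature_matches(h, signed_hash)) != 0)
        goto fail;
fail:
    return err;
}

/* Hardened: every branch is braced, and the result starts as failure and
   becomes success only after the last check has passed. */
int verify_hardened(const char *nonce, const char *params, unsigned signed_hash) {
    int result = -1;
    unsigned h = 17u;
    if (hash_update(&h, nonce) != 0) { goto done; }
    if (hash_update(&h, params) != 0) { goto done; }
    if (signature_matches(h, signed_hash) != 0) { goto done; }
    result = 0;
done:
    return result;
}
int main(void) {
    unsigned bad = expected_hash("n", "p") + 1u;  /* constructed forged value */
    printf("%d %d\n", verify_flawed("n", "p", bad), verify_hardened("n", "p", bad));
    return 0;
}
```

Compilers can flag the flawed version (misleading-indentation and unreachable-code warnings), so building with those warnings treated as errors is a cheap check for this pattern.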
