Securing the Internet of Things



Similar documents
Thanks, But No Thanks

Secure software updates for ITS communications devices

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

What Do We Really Mean By Security for RFID

Musings on IOT. Tim Grance Jeff Voas. Computer Security Division Information Technology Laboratory National Institute of Standards and Technology

IoT Security Platform

IoT & INFOSEC: A REPORT FROM THE TRENCHES - AGC IT Conference- July 2015 MIKE.ZUSMAN@CARVESYSTEMS.COM

NXP & Security Innovation Encryption for ARM MCUs

Vehicular On-board Security: EVITA Project

Better Safe Than Sorry

Computer and Network Security

Developing software for Autonomous Vehicle Applications; a Look Into the Software Development Process

W ith an estimated 14 billion devices connected to

True Identity solution

Secure by design: taking a strategic approach to cybersecurity

1. Computer Security: An Introduction. Definitions Security threats and analysis Types of security controls Security services

Standardizing the Internet of Things; Boiling the Ocean

Automated Profile Vehicle Using GSM Modem, GPS and Media Processor DM642

CYBER SECURITY: A REPORT FROM THE TRENCHES 2015 AGC NATIONAL & CHAPTER LEADERSHIP CONFERENCE MIKE.ZUSMAN@CARVESYSTEMS.COM

Security in ST : From Company to Products

National Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity

Brief self-introduction

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

Microsemi Security Center of Excellence

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, Developed by: Smart Card Alliance Identity Council

The Internet of Things: 4 security dimensions of smart devices

The Changing Threat Surface in. Embedded Computing. Riley Repko. Vice President, Global Cyber Security Strategy

Roles of Smart TV in Internet of Things

Securing the Internet of Things WHITEPAPER

End-to-End Security in Wireless Sensor Networks (WSNs) Talk by Claudio Anliker Supervised by Dr. Corinna Schmitt University of Zurich

Applying Cryptography as a Service to Mobile Applications

cars4colorado TRADE-IN EVALUATION FORM

Embedded Java & Secure Element for high security in IoT systems

Client Server Registration Protocol

The Impact of IoT on Semiconductor Companies

Threat Model for Software Reconfigurable Communications Systems

Security for the Internet of Things (IoT) John Yeoh, IoT Working Group

Building Resilient Systems: The Secure Software Development Lifecycle

Connected Intelligence

IoT Security Concerns and Renesas Synergy Solutions

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules

Making model-based development a reality: The development of NEC Electronics' automotive system development environment in conjunction with MATLAB

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

Internet of Things Driving a Revolutionary Business Model For the Next Generation Embedded Market

Sentrollers and The Internet of Things

What is Really Needed to Secure the Internet of Things?

Introduction to RACE FUELS Hans-Christian von der Wense Munich, Germany

M2M & Cybersecurity Workshop TIA 2013 M2M Standards and Security. Mihai Voicu CIO/CSO ILS Technology LLC

MEPTEC. Ecosystem for MCU, Sensors and MEMS for IoT Tony Massimini Chief of Technology Semico Research Corp. May 20, 2015

Secure Cloud Hosting for Healthcare Organizations

There is a better way to market the Smart Home and Consumer Internet of Things

Authentication Methods for USIM-based Mobile Banking Service

The State-of-the-State of Control System Cyber Security

PCI Compliance for Healthcare

Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望

Simplify rich applications & hard real-time

CRYPTOGRAPHY IN NETWORK SECURITY

Cryptography & Network Security. Introduction. Chester Rebeiro IIT Madras

DesignWare IP for IoT SoC Designs

NVM memory: A Critical Design Consideration for IoT Applications

ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD. Olivier THOMAS Blackhat USA 2015

Künftige Cyber-Attacken: Risiken und Techniken. Future Cyber attacks: Risks and techniques. Prof. Dr. T. Nouri sd&m

The Reduced Address Space (RAS) for Application Memory Authentication

Internet of Things and Embedded Software Security.

Technical Article. NFiC: a new, economical way to make a device NFC-compliant. Prashant Dekate

Secure Data Exchange Solution

Security in Near Field Communication (NFC)

Server-Assisted Generation of a Strong Secret from a Password

Content Teaching Academy at James Madison University

Better secure IT equipment and systems

Selecting the Right MCU Can Squeeze Nanoamps out of Your Next Internet of Things Application

How Java Software Solutions Outperform Hardware Accelerators

Which ARM Cortex Core Is Right for Your Application: A, R or M?

In-Vehicle Networking

How to Hack Your Mini Cooper: Reverse Engineering CAN Messages on Passenger Automobiles

Information Security

IoT Security: Problems, Challenges and Solutions

Development of enhanced Third party Auditing Scheme for Secure Cloud Storage

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

SHE Secure Hardware Extension

M2M For industrial and automotive

Cloud Security and Managing Use Risks

EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications

The relevance of cyber-security to functional safety of connected and automated vehicles

Transcription:

Securing the Internet of Things Challenges & Opportunities Licensing Executive Society December 15, 2015 World s first Linear in Time Asymmetric Security Addressing Authentication and Data Protection For the Smallest Internet of Things Cool Vendors in Mobile Security and IoT Security, 2015 Gartner, Inc. 10 Most Influential Internet of Things Companies Forbes Article/Appinions Survey July 8, 2014 Top Emerging Cybersecurity Companies SINET 16 2014 SecureRF Securing the Internet of Things 1

The Internet of Things (IoT) is the network of physical objects or "things" embedded with electronics, software, sensors, and network connectivity, which enables these objects to collect and exchange data. Large and Small SecureRF Securing the Internet of Things 2

IoT Big! SecureRF Securing the Internet of Things 3

Security is a collection of mechanisms, procedures and controls that can be implemented to reduce the risk of specific threats. Examples include: Authentication Data Integrity Confidentiality Non-Repudiation Security Primer SecureRF Securing the Internet of Things 4

Private Key One Private or Secret Key Key Management Challenge Challenge: - Securely distribute Keys - Secure all databases - Single breach System compromised SecureRF Securing the Internet of Things 5

RSA Public Key Diffie Hellman Public Key SecureRF Securing the Internet of Things 6

Public Key Method Exchange Public Keys Public Alice 16 Bob 9 Private X Y Public Key Method Calculate Shared Secret Public Alice 9 Bob 16 Private X = 34#D82 Y = 34#D82 SecureRF Securing the Internet of Things 7

Is it really Alice? Alice Bob Public Key 9 X& X& 9 Certificate Authority Signs Public Key 9 Certificate Authority Verifies Public Key 9 Challenges in Securing IoT IoT represents broad range of technology Little or no power Small computing platform Time to compute No common computing environment SecureRF Securing the Internet of Things 8

IoT and Security? good security tools developed over the last 35 years won t fit into the hardware that s (now) available Burt Kaliski Founding Scientist RSA Laboratories Director, EMC Innovations Network Microcontrollers (MCUs) IoT Building Blocks Small Computer on a single IC Processor core Memory Programmable Input/Output Designed for embedded applications SecureRF Securing the Internet of Things 9

Real World Example Today s Vehicles 30 to 50+ Microcontrollers (MCUs) per vehicle Vehicle Controls 16 Bit MCU Power Train 16 to 32 Bit MCU Driver Information 8 Bit Examples: Brakes, steering, air bags, wipers, climate control SecureRF Securing the Internet of Things 10

So What Could Go Wrong? 2014 Jeep Cherokee The Hack Access car via Sprint Network Connected to Uconnect in vehicle communications systems Re wrote firmware to chip in Head Unit Controlled other areas and systems via Controller Area Network (CAN) Estimated Vehicles Vulnerable: 471,000 SecureRF Securing the Internet of Things 11

The Hack Applied Controlled: Sound System Climate Control Windshield Wipers Brakes & Acceleration Engine Head Unit Display And more Is it really Chrysler? Public Key 9 Chrysler X& Jeep Cherokee X& 9 Certificate Authority Signs Public Key 9 Certificate Authority Verifies Public Key 9 SecureRF Securing the Internet of Things 12

Other IoT Hacks Webcams/cameras Refrigerators Medical Devices Printers Light Bulbs Thermostats Door Locks How bad is it? SecureRF Securing the Internet of Things 13

Who is working on This? (Or should be) ISO/IEC JTC1/SC31 WG7 ISO/IEC JTC1/SC27 Industrial Internet Consortium AllSeen Alliance Thread Group Open Interconnect Consortium IEEE P2413 Summary Securing small Things is a challenge Looking for a solution to secure a lot of different Things a BIGGER challenge Understand your solutions security needs E.g. Authentication? Confidentiality? Integrity? Current solutions may not come from existing protocols/tools Performance, Strength & Time vs. Platform SecureRF Securing the Internet of Things 14

SecureRF Corporation 100 Beard Sawmill Road, Suite 350, Shelton, CT 06484 www.securerf.com Twitter: @SecureRF Louis Parks Voice: (203) 227-3151 X1301 Mobile: 203-451-3920 Email: LParks@SecureRF.com SecureRF Securing the Internet of Things 15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information