Issue 42

IoT: from device to cloud

Leonard Pitu
Senior Key Expert/Research Engineer @CT RTC ELE ELD-RO @ Siemens

Digital security has been and still is a controversial subject. Needed but extremely difficult to implement, digital security is a major challenge to both customers and manufacturers of IT equipment used in connecting industrial automation systems. Over the years, the evolution was tremendous, starting from a niche research field up to what we call a "mainstream" technology.

The IT domain has gone through a fast evolution cycle, starting a few decades ago from a simple transistor. This evolution had two main directions - easing of human activities and facilitating their communication. The appearance of the "Internet-of-Things" represents a major step in this evolution. The basic concept is very easy to grasp: each device, "thing", can be connected to the Internet and accessed remotely - regardless of it being a central heating system of an entire factory.

The potential is huge - all devices surrounding us are instantaneous becoming intelligent and can collaborate with each other or with other online services. A very simple example could be a central heating system. Currently the device is set-up by the manufacturer, in the factory. The user can set a few parameters such as the desired temperature during a certain time interval. A smart heating system introduces many more parameters such as weather forecast or the owner's calendar.

As such, if the owner is on vacation and the outside temperature is set to drop, the heating system will start on its own, in due time for the owner to have a pleasant room temperature upon arrival. Even more, the manufacturer can optimize the heating system also over the Internet, using software updates-like mechanisms. In this way the IoT is offering a complete new view over the human-machine interaction - everything becomes interconnected and as such reachable. Still this advantage brought by the IoT becomes a powerful weapon in the hands of digital attackers. With the same ease with which the heating system is configured an attacker is able to compromise it.

Figure 1: Number of attacks in dramatically rising (source: Data Breach Investigation Report 2014)

Even during the so-called concept phase of the IoT it became obvious that assuring security of digital systems that form the actual IoT is a must. Interconnecting systems which until lately were isolated opens new opportunities to attackers, regardless of their motivation, as one can see from the technical literature which almost weekly presents new vulnerabilities that were exploited in attacks more complex than ever. By their nature, isolated systems are easier to protect - the simple fact that these are inaccessible to the large public eases the task. These systems are protected by private security solutions, mostly developed by a single company, without a dedicated security evaluation program meant to identify breaches and/or development problems.

Reaching over physical barriers also meant that technical knowledge related to security, cryptography and cryptanalysis have become mainstream technologies and known to the public at large. This helped opening up, to both users and attackers, the until recently "closed source" domain called "security". These facts helped invalidate in a very short time many technologies used in securing isolated systems.

Attacks have revealed concept and implementation errors as well as security policies flaws. Modern digital viruses are getting more powerful with every generation having usually multiple data collection and self-replication mechanisms. For example, FLAME has a physical dimension of 20MB with a code base of a few million lines of code. FLAME has 5 independent data encryption mechanisms and a SQL database for collecting and storing structured data. FLAME is capable to infect a system without leaving any trace - there is no process running on the system, which can point to its existence, and the memory allocated by the malware is not visible from the user space.

Figure 1: Digital security - a multitude of technologies (source: www.microsemi.com)

Given this context, the necessity of developing new security concepts and models become necessary. Dedicated solutions, which were mostly very complex, have proven to be inefficient in the light of modern attacks. Given the scalable nature of the IoT very few "old" security concepts could be adapted to present day needs. By its nature, the IoT exposes private information related directly to human individuals and as such, privacy has become a primary concern. Implementing this assumes the utilization of modern cryptographic primitives as well as authentication and authorization techniques. The on-line data transfer, which lies at the basis of the Internet and even the modern society, also need to be secured. As such, the basic security needs of the IoT have crystallized.

In order to be able to develop long-term solutions, the trend is to apply simple yet scalable techniques. An example in this sense is a utility provider, which easily has millions of users. All these users need to be able to securely use the same service at the same time; all users must authenticate, must be authorized, must be able to view their balance, current bill and historic data and even pay their bills. In this context digital security has evolved to an integral part of the design process influencing both hardware and software architectures. Software solutions offer more flexibility, can be developed faster, and with less effort yet are prone to errors (a classic example would be the famous "buffer overflow" error, which is extremely easy to exploit. Hardware solutions on the other side are much more difficult to implement, require more human and financial effort but are less prone to errors and security vulnerabilities.

Finding the right balance between hardware and software solutions is the optimum approach for developing secure systems. Currently there is no standard or methodology to facilitate this - the only way to go is to rely on human experience. Over the course of a risk analysis developers can identify the major threats the system will probably encounter. This is followed by the identification and/or development of technologies needed to implement protection measures against these threats. The architecture of a digital system can be drastically influenced by the indentified risks. Still introducing supplementary security levels can reduce performance therefore more architectural changes are needed.

Usually just one protection method is not enough so a multitude is used. Systems need to be active and not just passive or reactive. As such, a system must be capable to detect, identify and react to security threats very much like our immune system. All these traits define the security level a system is capable to offer.

An important aspect of developing security solutions is the verification. Again, there is no standard to assist the developers in their activities - the only help consists of a few guidelines. This domain is currently shifting its focus from a weak, experience based verification to a formal one, based on mathematical models.

Figure 2: Top 10 security threats (source: Cloud Security Alliance)

IT systems, which lie at the foundation of the IoT are spread over a large geographical area splitting the security problem between the cloud and the multitude of things. Even more, a third party making security very difficult to implement usually represents the cloud. Besides the technological aspect, there is also the legal one, which needs to enable the usage of powerful cryptographic methods.

The race between attackers and "protectors" is far from over as one can see from the rising number of vulnerabilities being exploited in attacks therefore making security a living technology, which has yet to mature over the next few years. The transition to intrinsic security, which exploits the physical properties of a silicon device, will offer a root-of-trust to developers allowing them to implement more powerful protection methods. In the cloud, a major leap forward will be the usage of homomorphic cryptography, which will allow encrypted data to be processed without the need for decryption. This technology will assure users with the much-needed privacy without depriving them of the benefits of cloud-based solutions.

Organizations such as the "Cloud Security Alliance" or "European Cloud Partnership" are also announcing a better legal framework for the IoT.


  • comply advantage
  • ntt data
  • 3PillarGlobal
  • Betfair
  • Telenav
  • Accenture
  • Siemens
  • Bosch
  • FlowTraders
  • MHP
  • Connatix
  • MetroSystems
  • BoatyardX
  • Colors in projects