Co-authored By: Harsha Vachher
With the coming of IoT, billions of sensors and devices are rapidly gaining connectivity. However, in spite of creating huge business opportunities and offering several consumer benefits, IoT introduces serious security threats into the digital ecosystem. Securing an individual device has its own unique challenges – such as limited hardware and software resources, as well as the associated bandwidth requirements.
Here are some of the questions associated with IoT device security:
Secure Boot, or device tamper detection, uses digital signatures to validate and authenticate the device software each time the device is turned on. This prevents unknown or malicious software from running on the device.
Much as a person signs a legal document or check, a digital signature is attached to the device image so that only a software image approved for execution, and digitally signed by an authorized entity, is loaded on the device.
This establishes a “Root of Trust” – a key element for IoT device security.
A Bottom-up Approach: Booting into a secure state
A ground-up approach builds a Root of Trust from platform layer to application layer – creating a secure ecosystem. The first step is to ensure that when a device starts from reset, it is in the ‘expected’ state, its firmware is unscathed, and that there has been no tampering. Using code signing, the device runs self-test processes to check the authenticity and integrity of the firmware prior to further execution. Once the check passes at one layer, the device moves to the next layer to validate the code of additional device subsystems.
After ‘power-up’, the device starts executing the Root of Trust code from a secure location – like ROM or internal flash. The primary task of this code is to verify the signature before the software executes. The verification process is carried out using a public key – previously loaded on the device via multiple certification methods.
Figure 1: Root of Trust
The Secure Boot process is vital to implementing a Root of Trust.
Secure Boot improves security and reduces boot time by leveraging the platform’s hardware capabilities – including a hardware cryptographic accelerator, secure signature storage, and secure key storage. It helps create a trusted module – the first step to validating the integrity and authenticity of other device components. The stage-one bootloader becomes part of the trusted platform module, and serves as Root. Next, the device OS, applications on the execution queue, and other systems are validated in succession – creating a chain of secure entities that originates at Root.
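The chain of verification described above can be modelled in a few lines. The following Go sketch is an added example, not code from the original article or from HCL: it assumes Ed25519 as the signature scheme (the article does not name one), a single public key standing in for the key stored on the device, and constructed stage names and images.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Stage is one link in the boot chain: a software image plus the signature over it.
type Stage struct {
	Name  string
	Image []byte
	Sig   []byte
}

// VerifyChain plays the Root of Trust code: it checks each stage's signature with
// the public key held in immutable storage, in boot order, and stops at the first
// failure. It returns the stages allowed to run and the name of the rejected stage.
func VerifyChain(rootPub ed25519.PublicKey, chain []Stage) (booted []string, rejected string) {
	for _, s := range chain {
		if !ed25519.Verify(rootPub, s.Image, s.Sig) {
			return booted, s.Name // halt: nothing after this stage executes
		}
		booted = append(booted, s.Name)
	}
	return booted, ""
}

// demoChain builds constructed sample data: a signing key derived from a fixed
// seed (demo only; a real private key never leaves the signing authority) and
// three signed placeholder images.
func demoChain() (ed25519.PublicKey, []Stage) {
	seed := sha256.Sum256([]byte("constructed demo seed"))
	priv := ed25519.NewKeyFromSeed(seed[:])
	var chain []Stage
	for _, name := range []string{"bootloader", "os-kernel", "application"} {
		img := []byte("constructed image for " + name)
		chain = append(chain, Stage{name, img, ed25519.Sign(priv, img)})
	}
	return priv.Public().(ed25519.PublicKey), chain
}

func main() {
	pub, chain := demoChain()
	fmt.Println(VerifyChain(pub, chain)) // untouched chain: every stage boots
	chain[1].Image[0] ^= 0x01            // simulate a one-bit change to the OS image
	fmt.Println(VerifyChain(pub, chain)) // boot stops before the modified stage
}
```

Because verification halts at the first bad signature, a modified OS image also prevents the application stage from running, even though the application image itself is intact.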
Why is it better to build security into IoT devices from the beginning?
Role of HCL in enabling Device Security
HCL is recognized as a global Internet of Things (IoT) leader – we believe security is an integral part of IoT adoption. HCL offers a comprehensive range of security services and solutions for embedded IoT devices across multiple industry verticals – defining and implementing an end-to-end security blueprint while integrating COTS and open source security components.
In-built device protection is a critical security layer – the device becomes autonomous, working independently of the network firewall or infrastructure security. It also allows customization based on individual device requirements.
Since many embedded devices are deployed outside the standard enterprise perimeter, it is critical that security be integrated into the device core itself. However, implementing secure boot requires specific hardware capabilities – device security, therefore, must be a critical factor in the design phase itself.
The bottom line: Secure Boot is a key technology for creating the Internet of Secure Things.