The security issues surrounding the internet of things (IoT) devices range from tiny semiconductors to global supply chains.
We Need to Build Trust for each IoT Device
Wide-ranging security challenges threaten to slow down the adoption and growth of the IoT industry. Geopolitical and data sovereignty challenges drive the creation of trusted supply-chain ecosystems in Asia, Europe, and the Americas, according to Tom Katsioulas, Board Chair of GSA Trusted IoT Ecosystem Security (TIES) an industry group. Nowadays, more IoT devices need a root of trust (RoT) for secure boot, secure storage, secure data access and identity linked to such data. The COVID pandemic has resulted in accelerated digital transformation, chip demand, and supply chain shortages, increasing the risk of counterfeits with more people working remotely. (Read more: RoT: The Foundation of Security)
“We need to trust every aspect of the supply chain with respect to design and procurement of services,” Katsioulas said. “Digital transformation of the supply chain presents an opportunity to evolve the existing infrastructure in a way that enables trusted traceability of process and products to maximize the level of security.”
Many issues are related to the semiconductors that run IoT devices, according to PUFsecurity consultant Albert Jeng.
“The three keys to chip security are building trust into each device, verifying its security during the design stage, and maintaining records on the chip through its lifetime. These steps are critical for upholding semiconductor supply chain security,” said Jeng.
Without adequate protections, it becomes difficult to securely deploy IoT and other devices connected to the internet. The provisioning of security and identity for each device is important as a broader range of devices are under attack. Moreover, home networks are increasingly vulnerable through the wider use of edge devices. Because of the pandemic, people have left secure parameters and adopted easily penetrable devices and networks.
“More IoT devices used equals more holes to cover,” says Luis Ancajas, director of IoT solutions for memory chipmaker Micron. The best defense is assuming there will always be invasions. The question is how to trace violations and identify where breaches occurred. Until now, software-based protection was the most common. Unfortunately, this approach is only as strong as the device operating system. Such electronic devices typically store their secret key critical to system security within a visible eFuse device vulnerable to invasive attacks.
An Ideal Solution to Build Root-of-Trust inside Chips: PUF
An alternative secret key solution is the physically unclonable function (PUF) technology that functions as a chip’s inborn fingerprint and provides security-related advantages. PUF is an emerging solution used as a hardware root of trust (HRoT). The ideal PUF generates secret keys that are highly random, independent of each other, and reliable within all operating conditions. (Read more: Why a True Hardware PUF is more Reliable as RooT of Trust)
“A PUF can create a unique identity (UID) or an inborn fingerprint for each chip,” according to PUFsecurity R&D Director Meng-Yi Wu. “Therefore, it provides an immutable secret to derive public-private keys for many applications in the supply chain and field use. HRoT enables secure boot, secure storage for silicon lifecycle data, and secure access of the chip for secure read/write data.”
A PUF can also help remedy the vulnerabilities of the chip manufacturing process, according to Wu. PUF can prevent over-production in manufacturing or reverse-engineering post-manufacturing when coupled with appropriate software infrastructure. Unauthorized excess production or counterfeit chips raise costs, increase risk, and damage brand reputation. (Learn more on video: PUF-based Solutions for Supply Chain Protection)
According to Wu, chip inborn ID and key generation are more secure than an injection of random numbers and less costly since it does not require secure facility or complex infrastructure.
The registration of chip IDs happen automatically during “chip birth,” the first power-up during a probe test. When the testing process integrates with the manufacturing execution software (MES) of a chipmaker, counting the number of good dies or leveraging sign tools to activate legal devices further can prevent over-production. When the UID combines with chip-package markings, it can prevent counterfeits in the supply chain.
There are two kinds of RoT — injectable RoT, which requires a trusted and secure facility to create it — and inborn RoT, a newer solution creating opportunities to implement zero-trust and greater automation.
A chip HRoT can be created in two ways: a trusted manufacturer can inject it, or a PUF within the chip can generate a very random, unique, unclonable unpredictable secret key.
“The first and most crucial part is provenance,” says Ancajas. “Trust needs to begin somewhere.”
“When you enroll the PUF, something must prove that it was enrolled by the right company.”
An HRoT can provide a secure environment to create, store, and use keys within a chip on behalf of the client application running on the CPUs. The HRoT must be secured by design to perform security functions like data encryption, certificate verification, and basic key management to support secure boot and identity authentication.
The effort is a collaborative exercise within the ecosystem between the IP supplier, the chipmaker, and others in the supply chain.
RoT as the Foundation will Become the Future of the AIoT
Ultimately, over-the-air device onboarding, management, and updates of electronic devices are based on RoT.
“We’re talking about fleet applications right now,” says Katsioulas. “We’re going to have secure operation centers talking to millions of devices and possibly billions of chips. Chips will be in factories, planes, trains, automobiles, and smart infrastructure, generating data to be analyzed historically or in real-time. That data better be trusted; the only way to achieve this is creating a digital thread in the supply chain that ties to a Hardware RoT.”
A truly reliable and inborn PUF that doesn’t need additional calibration is the best secret key source candidate, according to eMemory Senior Marketing Manager Sean Wang. The inborn randomness derived from the chipmaking process is central to security because it is non-predictable.
There are many advantages to the use of PUF technology. Especially with an inborn PUF, the silicon life cycle management (SLM) for trillions of AIoT devices from the design phase to the field use stage can be more secure than ever.
PUFsecurity, a key provider of intellectual property (IP) that helps strengthen security at the chip level, hosted a forum IoT experts to discuss the industry’s challenges and outlook.