For the success of IoT solutions, software developers must pay special attention to protecting IoT devices from hacker attacks and other threats to data security. In doing so, they can fall back on methods and technologies that have already proven themselves in other applications.
While there will never be 100% security for wearable IoT devices, software developers and architects should do their part to mitigate threats from hacking and data breaches. In some cases, however, the mindset around developing security measures needs to change. Security should never be treated as secondary when designing embedded systems; it must be taken into account from day one of the design. The development of security measures should be viewed as design protection – as an investment, not a cost factor.
Security begins with the conception of a device and extends through planning, development processes, and technology issues. This article focuses on key technologies that are helpful, if not critical, to the development of secure wearable devices.
Authentication is a vital security technique. One example is code authentication, which essentially means authenticating the binary operating system image: developers can set up their system to verify that incoming data comes from the Original Equipment Manufacturer (OEM), and they must also check whether any part of the code has been modified.
Code authentication and secure boot authentication are essential steps in securing embedded IoT devices. Code authentication requires a public and a private key. The public key is made available to everyone on the network through a public repository or directory; the private key is confidential and intended only for its owner. Since the key pair is mathematically linked, anything encrypted with the public key can only be decrypted with the corresponding private key – and vice versa. This type of authentication achieves a high level of confidentiality.
Secure boot authentication begins with executing a first-stage boot loader stored in fast flash memory and provided by Trusted Platform Module (TPM) hardware. This boot loader resides in protected memory, so hackers cannot replace it. The signature and the crypto key for the second-stage boot loader are also stored in this protected memory. The first-stage boot loader calculates the signature of the second-stage boot loader using the encryption hardware and the crypto key. If the computed signature for the second-stage boot loader matches the stored signature, the second-stage boot loader is valid and allowed to run.
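The first-stage check described above, as an added example that is not code from the article or from any vendor's boot loader: the protected memory is modelled as a dictionary, the stage images are constructed byte strings, and the "encryption hardware and crypto key" step is modelled with a keyed HMAC-SHA256 from the standard library (a real loader would use its hardware crypto engine and, typically, an asymmetric signature). The point it shows is that any modification of the second stage, however small, changes the computed signature and the loader refuses to hand over control.

```python
"""Minimal model of a first-stage secure-boot check (added example, not the article's code)."""
import hashlib
import hmac
from typing import Dict

# Assumption: constructed contents of the first-stage loader's protected (read-only) memory.
PROTECTED_MEMORY: Dict[str, bytes] = {
    "crypto_key": b"constructed-boot-key-not-a-real-secret",
}


def stage_signature(image: bytes, key: bytes) -> bytes:
    """Stand-in for 'encryption hardware + crypto key': keyed HMAC-SHA256 over the image."""
    return hmac.new(key, image, hashlib.sha256).digest()


def provision(image: bytes, key: bytes) -> bytes:
    """OEM side, at manufacturing time: the signature that gets stored next to the key."""
    return stage_signature(image, key)


def verify_next_stage(image: bytes, stored_signature: bytes, protected: Dict[str, bytes]) -> bool:
    """Recompute the second-stage signature and compare it in constant time with the stored one."""
    computed = stage_signature(image, protected["crypto_key"])
    return hmac.compare_digest(computed, stored_signature)


def boot(second_stage: bytes, stored_signature: bytes, protected: Dict[str, bytes] = PROTECTED_MEMORY) -> str:
    """Return which stage receives control; 'halt' means the chain of trust is broken."""
    if not verify_next_stage(second_stage, stored_signature, protected):
        return "halt"          # never execute an image whose signature does not match
    return "second-stage"      # signature matches: the second-stage loader may run


# Constructed images: a genuine second-stage loader and a copy with a one-byte change.
GENUINE_STAGE2 = b"constructed second-stage boot loader image v1"
TAMPERED_STAGE2 = GENUINE_STAGE2.replace(b"v1", b"v2")
STORED_SIGNATURE = provision(GENUINE_STAGE2, PROTECTED_MEMORY["crypto_key"])

if __name__ == "__main__":
    print("genuine :", boot(GENUINE_STAGE2, STORED_SIGNATURE))   # second-stage
    print("tampered:", boot(TAMPERED_STAGE2, STORED_SIGNATURE))  # halt
```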
Separation Of Processes
Many IoT devices available today offer enhanced system performance to run robust applications. Since size, power consumption, and cost have to be reduced further, software developers must implement complex applications despite limited memory resources. A separation of processes is beneficial for such applications. While process separation using a system MMU or MPU alone does not guarantee security, it does ensure that faulty applications do not affect other applications or the kernel itself.
In this way, problems such as stack overflows that reside in application code can no longer affect or corrupt the operation of system software. The Nucleus process model partitions memory and creates protected areas without memory virtualization. This is particularly important for space-constrained applications where a minimal footprint is essential. Memory partitioning provides the framework for loading new applications with cloud services or splitting large algorithms into smaller components.
The security of IoT devices is a complex topic. Security features such as secure boot, code authentication, and chain of trust are now required in some form on every portable device. Mentor Graphics helps developers secure their IoT devices through tools, operating systems, platforms, and services.