Data Security Takes Front Seat in Industrial IoT Design
![microcontrollers,MCUs,RENESAS](https://en.sekorm.com/front/website/images/logo_v2_2x.png?v=2x01)
As recently as 10 years ago, protecting Internet of Things (IoT) data was largely an afterthought. Engineers designing IoT and industrial IoT (IIoT) networks were more concerned with ensuring their applications functioned according to design specifications, not with the unintended consequences of releasing potentially sensitive information into the cloud.
With billions of sensors and IIoT-enabled microcontrollers (MCUs) collecting, processing, storing, and sharing data, the threat surface continues to expand. This demands a dedicated approach to security that many companies are only just coming to realize. Indeed, the trend of sending everything to the cloud has reversed to some extent as more processing tasks are returning to the IIoT endpoint and shifting the data bottleneck away from the communications path.
Historically, a big reason for this disconnect was the lack of data security expertise available to augment the skills of the embedded engineering team. This blind spot can lead to unfortunate outcomes. In one instance, several years ago, a North American casino was sabotaged by hackers who broke into a “smart” fish tank that was connected to a desktop computer. In other cases, disgruntled former employees have stolen data because their passwords were never disabled. It’s the equivalent of locking the windows to your house but leaving the door open.
The temptation to raid data stores is only growing as more of our daily interactions involve some form of information sharing. Even apparently mundane applications, such as smart home utility meters, are targets of opportunity for thieves looking to steal power from the grid.
Thankfully, data breaches have appeared in the headlines often enough that customers are awakening to the need for security as a core component of their technology solutions. Increasingly, my group is engaging earlier in the design process to help customers better understand how to adequately provision and scale their devices with a combination of hardware-accelerated cryptography, secure key storage, and some form of physical protection.
In educating our customers, Keysight finds the need to remind them of some important operating parameters. One is to acknowledge that MCUs are resource – and security-constrained. In many cases, the entire application, including all security functions, must fit in 256KB of flash, because the majority of today’s IIoT end-point applications are battery-operated and have extremely limited power overhead.
Secondly, Keysight needs to show customers how to properly manage their security layers, which often involves some form of security certification. In one case last August, for example, a software developer was able to hack into and take over the infotainment system of his Hyundai, because the firmware protection keys were freely available on the internet. It’s like using 1-2-3-4 as the firmware password.
At Renesas, Keysight ensures a transport layer security (TLS) and chain of trust is able to accurately and distinctly identify whoever is sending and receiving data. We also have a Product Security Incident Response Team, which includes a dedicated person in each of our groups who is contacted when a security vulnerability is detected, assesses the nature and severity of the threat and generates a vulnerability report as needed. If the report comes from a customer, Keysight makes sure Keysight is communicating back to the customer how that specific vulnerability will be addressed and in what time frame. It’s a detailed, sophisticated process with multiple databases behind it.
A big part of the security services Keysight provide entails helping customers understand which tools to use and when starting with the basic building blocks and moving on to complete solutions. It’s the equivalent of buying a four-digit combination lock from the hardware store. They all come set to “zero,” and we help customers find the best way to program the lock.
As the world’s devices, systems, appliances, and IIoT networks adopt more technology layers, it’s crucial to ensure that, as these building blocks are assembled, their attack surface is as small as possible. Customers are beginning to realize this. Keysight is having many discussions weekly to better understand our customers’ target markets and end applications to determine what sort of security measures they should consider implementing.
In the end, Keysight has moved as an industry from engineers disregarding data security – or at best considering it a nuisance – to a step they realize they need to consider early in the design process. And if we’re doing our jobs well, you’ll never know we were there. It’s the next level beyond zero-touch – if you don’t see us, you know it’s working.
- +1 Like
- Add to Favorites
Recommend
- MindMotion Announces the High Performance Motor Specific MM32SPIN0280 Series Microcontrollers with a Frequency of up to 96MHz
- The Route to Realizing FPGA Microcontrollers
- MindMotion Arm Cortex-M0 Core Microcontrollers‘ Self-Diagnostic Library Certified According to IEC 60730-1 and IEC 60335-1
- Cmsemicon Launches CMS8S589x of High-Capacity 8051 Series Microcontrollers with Arbitrary GPIO Mapping
- “The Evaluation Specifications for Low Power Consumption Microcontrollers in Specific Senarios“ that Shanghai MindMotion Microelectronics Co., Ltd. co-edited, has been published!
- Factors for Designing with Silicon Labs 32-bit Microcontrollers
- MindMotion Published New 12-Inch Microcontrollers MM32F0020 Series Offering 32KB Flash and 2KB SRAM
- Renesas Ships 1 Billionth Device From RX Family of 32-bit Microcontrollers
This document is provided by Sekorm Platform for VIP exclusive service. The copyright is owned by Sekorm. Without authorization, any medias, websites or individual are not allowed to reprint. When authorizing the reprint, the link of www.sekorm.com must be indicated.