How to network industrial IoT devices to cloud applications securely & at scale
Author : Chris Jones | Security Solutions Specialist | Crypto Quantique
01 June 2021
[Figure 1: IIoT security process overview from silicon-to-server]
Security worries are still holding back industrial IoT (IIoT) deployment. Fear of sending data over the internet sees companies ringfence their assets and hang onto outdated systems & processes that compromise efficiency & productivity. Whichever way you look at it, security is complicated – but so are cars, yet most of us have figured out how to drive them...
This article was originally featured in EPDT's H1 2021 IoT & Industry 4.0 supplement, included in the June 2021 issue of EPDT magazine.
In this plain English guide to IoT connectivity & device management, Chris Jones, Security Solutions Specialist at quantum-driven end-to-end IoT cybersecurity firm Crypto Quantique, aims to show you how to drive IoT security, while explaining a little of what’s going on under the hood – but not so much that it over-complicates the issue...
Sensors and actuators are the most common IoT devices. They are sometimes described as ‘edge devices’ or ‘endpoints’. The devices communicate over networks with applications running on computer servers. The servers may be on-premises or in the cloud. Amazon (AWS) and Microsoft (Azure) are two of the biggest cloud providers. Two conditions need to exist for the devices themselves and the messages passing through the network to be secure:
1. The endpoints and servers need to know who they’re talking to. There’s no room for doubt. This means that IoT devices, most of which are designed around microcontrollers, must have unique, immutable, and unforgeable identities.
2. The messages must be encrypted and decrypted, so that only the intended recipients can understand them. Clever cryptography and signed digital certificates are used for this purpose.
Cryptography is complicated, creating a barrier to IIoT deployment. The only way to address this challenge is with software that presents a simple, easy-to-understand user interface while doing all the complicated stuff in the background.
This article describes the building blocks of a secure IoT infrastructure, and the process that needs to be followed to create one. While it references Crypto Quantique’s QDID hardware IP integrated into microcontrollers and the company’s QuarkLink cloud-based security platform to illustrate the process, the fundamental steps are similar for other roots of trust (RoTs) and platforms.
An overview of the process is shown in the graphic above.
It all starts with a root-of-trust
A root-of-trust, or RoT, comprises a device’s identity and its cryptographic keys. It’s the most fundamental requirement for a secure IoT network. Identities and keys are random numbers, and the more random the better, because that makes them harder to guess or reproduce.
Many IoT devices rely on these random numbers being injected into their microcontrollers, after which the numbers are stored in non-volatile memory. It’s expensive to do and third-party involvement presents a security risk in itself. Stored keys are vulnerable to theft or leakage too, so this common process is fraught with difficulties.
Using hardware IP embedded into the fabric of microcontrollers to internally generate identities and keys is more secure and more flexible. QDID, developed by Crypto Quantique, is an example of such IP. It enables multiple random identities and related keys to be created on-demand throughout the operating life of IoT devices, eliminating key injection and storage.
Here’s how it works:
Chip manufacturing ‘imperfections’ are random – and quantum effects even more so
During CMOS chip manufacturing, the thickness of the oxide layer exhibits random variations. At these microscopic geometries, quantum tunnelling means that some electrons will pass through the layer.
How many do so cannot be predicted; because the process is random, only the probability of it happening can be. In short, we have randomness upon randomness. QDID measures the tiny currents generated by quantum tunnelling to produce the random numbers that become the device identities and cryptographic keys. These random numbers are fixed at the time of manufacture and can be read out at any time by the QDID.
After chip manufacture, QDID firmware is programmed into each microcontroller and the chips’ identification number is read and registered with Crypto Quantique’s Global Inventory platform, hosted on a secure server.
How the QuarkLink user platform works
The QuarkLink user platform has a simple graphical user interface that is used to provision, onboard and manage the IoT devices built around the microcontrollers.
This is the four-part process:
1. The pre-defined server policy is chosen from a drop-down menu. It’s usually AWS, Azure or Mosquitto, but QuarkLink can be adapted for others.
2. A batch of chip identity keys is uploaded and checked against the identification numbers on the Global Inventory for a match.
3. When a device needs to onboard, it makes a request to QuarkLink, which sets up a secure communications link using the industry-standard Transport Layer Security (TLS) protocol. Through this secure link, the devices are asked to prove their identities.
4. With that done, securely encrypted connections are established, then the devices communicate with the server-hosted applications.
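As an added illustration (not Crypto Quantique's code and not how QuarkLink is implemented), the following Python models steps 2 to 4: an uploaded batch is matched against the inventory, and a device proves its identity to the server by answering a one-time challenge before it is admitted. It assumes a per-device secret registered at manufacture in place of the certificate-based identity the article describes, so that it runs on the standard library alone; the inventory contents and chip identifiers are constructed.

```python
import hashlib
import hmac
import secrets

# Constructed sample inventory: chip identification number -> per-device secret.
# Assumption: a symmetric secret stands in for the asymmetric key the article
# describes, so the identity proof can be computed with the standard library.
GLOBAL_INVENTORY = {
    "chip-0001": bytes.fromhex("a3" * 32),
    "chip-0002": bytes.fromhex("5c" * 32),
}

def check_batch(batch, inventory=GLOBAL_INVENTORY):
    """Step 2: split an uploaded batch into registered and unknown identifiers."""
    known = sorted(i for i in batch if i in inventory)
    unknown = sorted(i for i in batch if i not in inventory)
    return known, unknown

def device_response(chip_id, device_secret, nonce):
    """What the device computes from its internally held secret and the server's nonce."""
    return hmac.new(device_secret, chip_id.encode() + nonce, hashlib.sha256).digest()

class OnboardingServer:
    """Steps 3 and 4: a device is admitted only after answering a fresh challenge."""
    def __init__(self, inventory=GLOBAL_INVENTORY):
        self.inventory = inventory
        self.pending = {}        # chip id -> outstanding one-time nonce
        self.onboarded = set()

    def challenge(self, chip_id):
        if chip_id not in self.inventory:
            return None          # unknown chip: no onboarding conversation at all
        nonce = secrets.token_bytes(16)
        self.pending[chip_id] = nonce
        return nonce

    def verify(self, chip_id, response):
        nonce = self.pending.pop(chip_id, None)   # each nonce is usable exactly once
        if nonce is None:
            return False
        expected = device_response(chip_id, self.inventory[chip_id], nonce)
        if not hmac.compare_digest(expected, response):
            return False         # wrong secret: identity not proven
        self.onboarded.add(chip_id)
        return True

def onboard(server, chip_id, device_secret):
    """Run the exchange end to end; True only if the device is admitted."""
    nonce = server.challenge(chip_id)
    return nonce is not None and server.verify(chip_id, device_response(chip_id, device_secret, nonce))
```

Because the nonce is discarded after one use, a captured response cannot be replayed to onboard a second time, which is the property a practitioner should check in any identity-proof step.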
This QuarkLink platform makes it easy to manage security throughout the operating life of IoT devices. It manages certificates and security policies, facilitates firmware signing and encryption for secure over-the-air (OTA) updates, and manages key and certificate renewal. Certificate renewal is sometimes needed after a system fault or external interruption. Devices are easily removed from the network if they fail or if their security is compromised. The onboarding process can be repeated if the owner of the devices happens to change for any reason.
The QuarkLink platform doesn’t only work with the QDID root-of-trust. It is also part of the Renesas RA Series secure microcontroller ecosystem and it supports Silex Insight’s eSecure RoT module. It is currently being adapted to work with microcontrollers and ASICs from several other semiconductor vendors.
Complex security is an IIoT nightmare – but the dawn is breaking
The main reason for the slow adoption of IIoT is the complexity of IoT security. Companies have tried to manage the tasks described above in-house, but the fact that the most recent Amazon guide to security in the AWS cloud is 27 chapters and 365 pages long serves to illustrate the scale of the challenge.
Implementation can take months and many projects fail altogether. Software that automates all this complexity is the only way forward, reducing tasks to a simple user interface that embedded engineers and IoT network operators can learn quickly and use with confidence. With the right platform, no cryptographic skills or knowledge are needed, and quantum mechanics can be left to the physicists. QuarkLink users become competent with the platform in under an hour and QDID semiconductor IP makes quantum-driven security an economically and technically viable option for any microcontroller or ASIC manufacturer using standard CMOS processes.