A Basis of Trust For the IoT
In the classic grandchild scam, a con artist poses as an elderly victim’s grandchild over the phone or even in person to get “financial support.” Such scams take advantage of the fact that human interaction in both private and professional settings is based on trust: Without trust, there would be no trade, no financial transactions, no effective communication and no social cohesion. In IT, trust plays an equally important role especially in the internet-of-things (IoT) and in networked production processes (smart factory).
A Need for Trust
Computers, machines, factories and other networked “things” need to be able to trust that the digital communication’s counterpart is exactly the device it appears to be. Furthermore, it must be guaranteed that the counterpart is in its original state; i.e., that it hasn’t been in any way compromised or manipulated. After all, such manipulation could be used to spy on data, encrypt data and demand a ransom or sabotage processes. Let’s not forget that, according to Bitkom, 88% of German businesses were the target of cyberattacks in 2020/2021, and the association estimated the cost to be €223 billion.
IT uses digital certificates to make it possible to verify the trustworthiness of systems. These are unalterable proofs generated by cryptographic processes which can be used to determine the authenticity and integrity of digital items. With the use of certificates, a device can verify that the person it is communicating with is truly the application, cloud service, end device, networked device or other component that is expected at this particular point. This facilitates trustworthy communication between endpoints and prevents abuse.
Manufacturers of networked devices, machines and systems can firmly embed such proofs into the device’s firmware. This, along with the continual status monitoring, creates a so-called root of trust or trust anchor for digital communication in IoT processes. This allows for the secure and unquestionably reliable interaction of networked industrial technology with other devices, systems and IT components.
Overcoming Barriers to Entry
Companies looking to enter into networked manufacturing face two challenges: First, they need to retrofit their existing machines with root-of-trust technology. Second, trusted machine communication on a factory floor alone is no longer enough in today’s world; secure machine control, maintenance and updates must also be possible via the cloud.
Up until now, retrofitting machines and systems has generally been done using appropriate software. However, purely software-based solutions run the risk of allowing savvy attackers to succeed in compromising the chain of trust. In some cases, attackers have managed to hack into pure software solutions; for instance, by obtaining administrator access rights. In light of this, the German Federal Cyber Security Authority (BSI: Bundesamt für Sicherheit in der Informationstechnologie) has ruled out pure software-based solutions in modern concepts like technical security equipment (TSE) in the cash register security act.
It makes more sense to retrofit with hardware-based root-of-trust technology, even when it is not already required. When using a hardware-based security solution, the trust anchor is based on storage hardware that is already embedded in the system, like a USB stick, SD card or soldered-on component, and that securely connects to an associated machine or system using a software connector. In this case, the trust anchor is cast in hardware, so to speak, therefore permanently protecting it against manipulation. Retailers in Germany, for example, benefited from this type of “retrofitting” last year when they were required by a new regulatory framework to add tamper-proof payment recording to their POS systems.
Trusted Communication Across the IoT Environment
The necessity of making devices and systems (and maybe also products) accessible via the cloud for remote control, upkeep and upgrades is removed by such a hardware-based notion. This is because communication with the cloud, for example with Amazon (AWS), in that case, takes place via hardware-encrypted channels with the AWS IoT Client in the AWS Greengrass OS (local instances of the AWS cloud infrastructure). This opens the door for trusted communication across the whole IoT environment, from networked devices and assets to the public cloud, including the cloud provider’s edge instances.
Installing a root-of-trust in new devices and retrofitting existing IoT components is possible for any Windows- and Linux-based system. A hardware-based security concept thus allows networking of machines and systems that can always be trusted—and prevents the unexpected appearance of digital “grandchildren” on the factory floor.
