Security in Machine-to-Machine Communication: The role of the Telecommunication Operator

© Cinterion Wireless Modules GmbH 2012, All rights reserved


“Internet of Things” = Increasing need for M2M security

Threats in the internet today

M2M vulnerabilities

More devices & value

Increased Security Threats

Threats in M2M tomorrow=

Billions of targets online

Francois Ennesser, Gemalto, 8th ETSI Security Workshop, Sophia Antipolis, 16-17/01/2013

Weak embedded Devices OS

Connectivity/Availability

Security breaches in software

Decreasing cost of attacks

Internet as source of attacks

We need to prepare today … What will be the costs of failed / compromised systems?

Please adjust your paranoia level now! ☺

Internet connected devices

Examples of M2M attacks

Lack of user authentication:

• Zoombak tracking device (GPS/GPRS): http://news.cnet.com/8301-27080_3-20056540-245.html
    • Can be identified and tracked by non-authorized persons
    • Can even be impersonated!
• Luxury car stolen in 3 minutes using security loophole: http://www.networkworld.com/community/node/80983
    • No authentication required to duplicate electronic key!
• Home automation: garage doors, etc.
• SIM stolen from South Africa’s traffic lights: http://www.bbc.co.uk/news/world-africa-12135841
    • Not paired to the device, and usable for voice phone calls

Weak device security with Internet access:

• Discovergy Smart Meter: http://nakedsecurity.sophos.com/2012/01/08/28c3-smart-meter-hacking-can-disclose-which-tv-shows-and-movies-you-watch/
    • Hacked to transmit meter readings (up to every 2 seconds) via HTTP, unencrypted, without authentication!
• Internet exposure of Dutch water pumps: http://www.cyberwarzone.com/cyberwarfare/dutch-bridges-vulnerable-hackers
    • Could be operated by anyone from a home computer!

Unprotected local wireless links:

• Jamming attacks, e.g. preventing remote activation of alarm systems
• Insulin pump hack Over The Air: http://www.theregister.co.uk/2011/10/27/fatal_insulin_pump_attack/
    • Uses unencrypted local radio link
    • Could deliver fatal dosage!
• Heart monitor hacking: http://www.theregister.co.uk/2008/03/12/heart_monitor_hacking/
    • Can be turned off or forced to deliver impulse!

Different types of M2M security risks

• Privacy (e.g. Discovergy Smart Meter Hack):
    • Personal data, relating to an individual, should be accessible only to authorized parties (lawful purpose or user consent)
    • Ensure identification and authentication of involved parties
    • Local processing by devices reduces exposure (e.g. send anonymous data)

• Fraud (e.g. South African traffic lights):
    • Unattended devices deployed in unsecured environments are open to attackers
    • Restrict access and services to essential channels only, configure APN…
    • Do not transmit ID, password or APN on unprotected channels
    • Use physical or logical pairing between M2M device and SIM/MIM (cf. ETSI TS 102 671)

• Critical Infrastructure exposure (e.g. Dutch water pump):
    • Resources of attackers can be commensurate to potential damages!
    • Clearly assess liabilities with all actors
    • Minimize risks with adequate security measures at organizational and technical levels
    • Do not forget the human factor, and remember that one weak link compromises the whole chain!

The network operator in the M2M security ecosystem

• The main M2M security risks rarely originate from the communication network: weak application design or unprotected device hardware are the most common causes
• Most M2M applications come from industrial fields which still lack ICT expertise, e.g. energy, automotive, healthcare…
• Yet Telecommunication Operators' reputation may be at stake, as affected final users may not make the distinction!
    • Play a role in developing the security awareness of M2M customers!
• Telecommunication Operators have opportunities and tools to assist M2M customers in securing their applications:
    • Monitor connections using keep-alive messages
    • Correlate location data with e.g. GPS tracking
    • Leverage the existing trust provisioning chain (SIM) to deploy applicative security credentials
        • Enable applications to leverage deployed authentication and identification infrastructures
        • Use OTA remote management for secure deployment of applications, firmware upgrades, etc.
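An added example, not part of the original slides: the operator-side checks listed above (keep-alive monitoring, location correlation) combined with the SIM/device pairing and service restriction from the fraud slide, run over constructed usage records. The record schema, the 35 km distance threshold, the "two missed periods" rule and all identifiers are assumptions made for illustration.

```python
import math
from dataclasses import dataclass
@dataclass(frozen=True)
class Sub:            # provisioning record per IMSI (hypothetical schema)
    imei: str         # device the SIM is logically paired with
    services: tuple   # services the M2M application actually needs
    keepalive_s: int  # expected keep-alive period in seconds

@dataclass(frozen=True)
class Event:          # one network-side usage record (hypothetical schema)
    t: int            # seconds since start of the observation window
    imsi: str
    imei: str
    service: str      # "keepalive", "data", "sms" or "voice"
    cell: tuple       # (lat, lon) of the serving cell
    gps: tuple        # (lat, lon) reported by the device application

def km(a, b):         # great-circle distance between two (lat, lon) points, in km
    la1, lo1, la2, lo2 = map(math.radians, (*a, *b))
    h = math.sin((la2 - la1) / 2) ** 2 + math.cos(la1) * math.cos(la2) * math.sin((lo2 - lo1) / 2) ** 2
    return 2 * 6371 * math.asin(math.sqrt(h))

def audit(subs, events, now, max_km=35.0):
    """Return a sorted list of (imsi, finding) for the operator-side checks."""
    findings, last_seen = set(), {}
    for e in sorted(events, key=lambda e: e.t):
        sub = subs.get(e.imsi)
        if sub is None: continue                           # not an M2M subscription we manage
        if e.imei != sub.imei:
            findings.add((e.imsi, "pairing-broken"))       # SIM moved to another device
        else:
            last_seen[e.imsi] = e.t                        # only the paired device counts as alive
        if e.service not in sub.services:
            findings.add((e.imsi, "service-not-allowed"))  # e.g. voice on a data-only SIM
        if km(e.cell, e.gps) > max_km:
            findings.add((e.imsi, "location-mismatch"))    # serving cell and reported GPS disagree
    for imsi, sub in subs.items():
        if now - last_seen.get(imsi, -math.inf) > 2 * sub.keepalive_s:
            findings.add((imsi, "keepalive-missed"))       # more than two periods of silence
    return sorted(findings)

# Constructed sample data (test-network IMSIs, made-up IMEIs and coordinates).
SUBS = {"001010000000001": Sub("350000000000011", ("keepalive", "data"), 300),
        "001010000000002": Sub("350000000000022", ("keepalive", "data"), 300)}
SITE, FAR = (48.14, 11.58), (52.52, 13.40)
EVENTS = [Event(0, "001010000000001", "350000000000011", "keepalive", SITE, SITE),
          Event(300, "001010000000001", "350000000000011", "data", SITE, SITE),
          Event(0, "001010000000002", "350000000000022", "keepalive", SITE, SITE),
          Event(400, "001010000000002", "359999999999999", "voice", FAR, SITE)]
```

Calling `audit(SUBS, EVENTS, now=700)` flags only the second SIM, which shows up in a different device, places a voice call, is served far from its reported position, and has stopped sending keep-alives from the paired device.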

How to make a M2M system „secure enough“

Risk Analysis:
• Cost of attack
• Attack Probability
• Potential Damage

Defense Analysis:
• Prevention possible?
• Detection possible?
• Cost of prevention?

• Physical device tamper-resistance
• Embedded Secure Element, e.g. SIM
• Modem security
• Application communication (e.g. encryption)
• Network security
• Application backend server security

How secure are elements of M2M communication systems?

Communication Networks

Connected Devices

Communication components

What makes an application “secure”?

Security is a chain => all the links must be secured

How secure are the networks?

Cellular Networks?

Yes, but ...

There are numerous security measures built within cellular networks:
• User identity is obscured
• Traffic is encrypted
• Use of SIM as “secure element” protecting secrets used for authentication
    • Depends on MNO settings (some 2G algorithms are weak)
    • Beware of SMS in particular !!! (use encryption and signature)

Internet?

No security by default!
• Use e.g. TLS encryption
• Credentials must be adequately protected (tamper resistance / security certification)

How secure are connected devices?

[Figure: axes labelled “Cost of Attack” and “Security demand”]

Security demand = Attack probability * Potential damage

Examples of device security improvements

Goal: increase cost of attacks that are most likely to happen

[Figure: Security Measures vs. Cost of Attack]

Security Measures:
• Authenticate SMS
• Tamper-resistant enclosure
• Authenticate via certificates
• SSL/TLS* encryption
• Protocol & data encryption

*SSL = Secure Sockets Layer, TLS = Transport Layer Security

What is “modem security”?

Modem must be secured
• against manipulation (e.g. firmware reflashing)
• against reverse engineering (e.g. through diagnostics port)

Secure communication between modem and application
• external interfaces (serial, USB) are vulnerable to tracing / reverse engineering
• encryption may be an option (but key must be stored securely)

Internal application (e.g. Java)
• Java midlet must be protected against manipulation & reverse engineering
• Midlet update must be secured
• File system access must be protected as well
• Rely on tamper-resistant storage/execution environment, e.g. in SIM/MIM


How does a GSM module contribute to application security?

Cinterion Module

Transport Layer Security

Java Security API


Jamming Detection

3GPP Security

Firmware & IMEI protection

Lock SIM, Module, Cell

Some frequent M2M threats

| Threat | Attack complexity | Attack likelihood | Attack impact | Characteristics | Countermeasure |
|---|---|---|---|---|---|
| Application snooping | low | med/high | med | | Application-level encryption; AT Command encryption |
| Lawful interception | N/A | med | med | Legal implications; impossible to detect or prevent | Application-level encryption |
| Jamming | low | high | med | Easy to detect, impossible to prevent | Jamming status detection (radio link monitoring) |
| Air interface interception and decryption | med | med | high | Mostly on 2G networks | Application-level encryption; encryption status display/check |
| Fake networks („IMSI Catcher“ fake BTS) | med | med | high | Works in 2G mode only; equipment now affordable; possible to detect & evade | Scan frequency spectrum to detect; encryption status display/check |
| Fake networks: GSM Layer 3 attacks | high | low | high | Device stack dependent; may enable code injection! | Protocol stack hardening; fake network avoidance |
| Malformed SMS („SMS-of-death“) | low | med | med | May crash some devices! | SMS application hardening |

The contribution of standards

• M2M security is addressed in standardization at several levels
• Communication Network:
    • “eUICC” work in ETSI SCP for remote change of subscriptions
    • 3GPP SA3 “Machine Type Communication” enhancements
    • ETSI TISPAN (E2NA) work on Privacy protection
• M2M Service/Application level: Deployed standards today are by verticals
    • Smart Metering: IEC 61850 (consolidation under EC M/441 standardization mandate)
    • Smart Grids: IEC 62351 (extensions under EC M/490 mandate)
    • Electric vehicle to Grid communication: ISO 15118 (developments under EC M/468 mandate)
    • Industrial Control Systems: IEC 62443
• Tomorrow vision: Horizontal service platform for M2M application deployments
    • Transport network agnostic concept, developed by ETSI TC M2M since 2009
    • Requirements (TS 102 689), Architecture (TS 102 690) and Protocols (TS 102 921)
    • Release 1 & 2 provide security on the Gateway to Infrastructure interface
        • Credential Bootstrapping (provisioning or PKI-based)
        • Authentication, Confidentiality, Integrity of M2M connections
        • Diversity of M2M applications (security/cost trade off, possibility to leverage Access Network features) results in multiple security options (GBA, EAP, TLS based)
    • Now migrating into worldwide “oneM2M” partnership (3GPP partners + TIA)
        • Will provide bootstrapping and end-to-end security services for M2M applications?

Remember…

Security is about prevention, not cure.

• Number of attacks on M2M systems will increase. Secure communication design is the insurance
• M2M Application owners should use existing expertise and proper consulting
• M2M operators should educate M2M customers about security risks, as their reputation is at stake
• M2M device suppliers should raise cost of attacks by simple and cost effective measures.