Understanding and Mitigating IoT Security Hazards

Mark Benson, CTO @markbenson IoT Developers Conference, 7 May 2015

The IoT threat and opportunity Recent Economist survey:

Expect their company to be using IoT within 3 years

“IoT is our single biggest

threat AND biggest opportunity over the next 10 years” – Brand-name fortune

500 board of directors *Source:  ABI  Research,  Cisco,  Craig  Hallum  Es9mates  

0  

2  

4  

6  

8  

10  

12  

14  

16  

18  

20  

$0    

$50    

$100    

$150    

$200    

$250    

Devices  

Billion

s  

Market  S

ize  

Billion

s  

Big  Data  Analy4cs  (53%  CAGR)  

Connected  Device  PlaCorms  (33%  CAGR)  

PlaCorms  (33%  CAGR)  

Applica4on  Enablement  PlaCorms  (32%  CAGR)  

Value  Added  Services  (26%  CAGR)  

System  Integra4on  Services  (24%  CAGR)  

Hardware  (23%  CAGR)  

Connec4vity  (12%  CAGR)  

Internet-­‐connected  devices  (Cisco  Es4mate)  

95%

The Internet of Things? More like the Internet of Attack Vectors •  Attack surfaces are expanding rapidly •  Physical access to systems is becoming easier •  Consumer privacy concerns are rising •  Consequences of a breach are becoming more severe (critical

infrastructure, brand deterioration, data privacy issues, etc.) •  Product companies are being forced outside of their comfort zones •  Three dimensions that make IoT security challenging…

1. Resource constraints

MAC/PHY

IP

TLS/TCP

HTTP

App Data

MAC/PHY

IP

TLS/TCP

HTTP

App Data

MAC/PHY

IP

TLS/TCP

HTTP

App Data

MAC/PHYIP

DTLS/UDPCoAP

Binary Data

MAC/PHYIP

DTLS/UDPCoAP

Binary Data

SensorMAC/PHY

Binary DataRest

Use Motion

Motion

Motion

Use

Use

Use

Rest Rest

Enterprise Web Services IoT Data Platform Gateway or Aggregator Sensing Node

Has moderate resource constraints Has severe resource constraintsDeals with resource constraintsHas virtually no resource constraints

Network

MAC/PHY

Binary Data

Network

2. Deployment topologies

Gateway IoT Cloud

Gateway On-prem

Gateway IoT CloudOn-prem

Gateway IoT CloudOn-prem Analytics

Analytics

Sensors Short RF Gateways On-prem SW Long-haul Cloud Platform Analytics platform

A. No cloud

D. Closed network

C. Multi-site

E. Comprehensive

B. Standard

LocalDisplay

3. Usage modes

• Device cloud registration* Secure authentication* Secure API transports* Secure storage

Initialization Operation Modification Retirement1 2 3 4

• Secure flash* OTP parts* Secure boot* Secure provisioning

• Secure firmware updates* Disable test/debug interfaces* Factory defaults fallback* Disable test interfaces

• Secure change of ownership• Device de-registration process• Optionally reenable retired devices• Secure encryption key deletion

Things  to  note  about  IoT  usage  modes  that  affect  security:  1.  Some  modes  are  normal  and  standard  solu5ons  exist  2.  Some  modes  are  new  and  standards  are  s5ll  emerging  3.  Some  modes  are  becoming  more  vulnerable  due  to  resource  constraints  

Usage Modes

Simple

NovelStandard

Deploym

ent T

opologies

Comp

lex

Resource Constraints

High

Low

The  IoT  security  problem  area  A.  High  resource  constraints  B.  Complex  deployment  topologies  C.  Novel  usage  modes  

Mo’ IoT, mo’ problems

The 4th dimension: time Now we have a Tesseract

The  difficulty  with  IoT  security  is  that  the  landscape  is  constantly  changing,  even  aYer  products  are  deployed    Security  should  be  designed  for  from  the  beginning  and  embraced  as  a  journey  throughout    It  starts  with  a  process…  Modes

Topologies

Constraints

Time

The web you should be weaving Secure processes => secure products => secure brand integrity

Security Requirements

Planning Design Implementation Verification Validation Deployment Operations

Risk Analysis Threat Modeling

Secure Design Practices

Security-Focused Design Reviews

Secure Coding Practices

Third Party Security Audit

Security-Focused Testing

User Testing to Expose Weakpoints

Penetration Testing Secure Deployment Practices

Operational Risk Assessment

Incident Response Preparedness

Vulnerability Management

Training and awareness

Information Security Management System (ISMS) policies, procedures, and compliance audits

Corporate strategy, governance, metrics, and optimization

Conclusion Takeaways: 1.  Security processes. Have a security architecture from the beginning and evolve throughout

(constraints, topologies, modes) 2.  Technology selection. Make informed technology selections from the beginning that are

aligned with security goals for the company and product 3.  Operations planning. Plan and prepare for how you will respond if and when a security

incident occurs in the field

Checklists •  http://owasp.org/ •  http://builditsecure.ly/

Embrace the journey

Thank you Mark Benson @markbenson