SSG Platform Security Division & IOTG
Jan Krueger | Product Manager | IoT Security Solutions

Legal Disclaimers
(This slide must be used with any slides removed from this presentation.)

• Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at www.intel.com.
• Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products.
• For more information go to http://www.Intel.Com/performance.
• All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps.

Copyright © 2017 Intel Corporation. All rights reserved. Intel, the Intel logo, Intel Inside, the Intel Inside logo, and Intel are trademarks of Intel Corporation in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others.

Security Breaches - How They Happen

• Default Passwords
• Poor, Manual Device Provisioning
• Delayed Image Updates
• Lack of Security Designed in to HW

IoT Security Is Essential to Scale IoT Deployments

HW Security Is an IoT Priority

Hackers exploiting poor device security - Barrier to IoT Adoption*
Isolation & added protections of HW security has a recognized role.

Best practice guidelines - Most Important Items for IoT Platform*
Requirements to secure YOUR platforms and solutions.

Customer Requirement - RFP
HW based security moving from the shadows to key RFP requests.

Security solutions Designed-in to HW are keys to accelerating adoption and scale

*35% of respondents, Gartner 2016 IoT Backbone Survey

Intel® Security Strategy and Solutions
On-Demand Lifecycle Services accelerating IIoT / IoT Solutions

• Intel® Secure Device Onboard - Provisioning of Device Trust and Credentials
• Remote Device “Health” Attestation

Customer / Ecosystem: Unified Application Security API

IoT security requirements:
• Authentication and Authorization
• Device Hardware and Physical Security
• Device Application Integrity and Authenticity
• Encryption and Key Management (Hardware)
• Privacy

Security usages:
• HW & SW platform authentication, local and remote
• Ensure HW & SW image are in the expected known-good, non-compromised configuration
• Enables trusted apps to run sensitive code and data, and store credentials, in HW isolated enclaves
• Protected memory for data at rest and in use
• On-chip Trusted Platform Module cryptographic functions

Designed-in foundation: HW/SW Identity | Platform Integrity | Trusted Execution | Crypto / Protected Storage

Base Platform - Security Accelerators Offload Crypto to Main CPU

[Diagram: protected surface area across the device stack - Data/Keys, Apps, OS/VMM, BIOS/FW]

• Crypto - Intel® Data Protection Technology with AES-NI, SHA-NI, SHA256, RDRAND, RDSEED, ECC. vPro = FIPS 140-2 L1 Crypto Block.
• FPGA - Security Assist: Intel® SoC FPGA Crypto Accelerators – Maximize CPU performance with crypto offload. Extend the life of MCUs that may risk running out of performance as security needs change. Intel SoC FPGAs allow security protocols to move from software to custom hardware even after deployment, extending product lifetime.
• Intel® Stratix® 10 Secure Device Manager - Fully configurable & authenticated boot, configuration schemes, secure key mgt/storage, and tamper resistance to create an isolated co-processor

[Diagram: Security vs. Performance scale, Min to Max]

OS Hardening - Memory, Virtualization

• Malware Protection - Intel® Platform Protection Technology with OS Guard (privilege-escalation attacks), SMEP, SMAP
• Virtualization & VM Isolation - Intel® VT-x (CPU), Intel® VT-d (I/O), VMFUNC (Hypervisor)

Base Platform Identity - Intel® Enhanced Privacy ID

Prevents Attack Mapping - Protects device data, vs. PKI that reveals data used to hack the device

• TCG/ISO standard with open source SDK
• Remotely attests device HW ID as part of a valid group without revealing identity
• Removes Intel from directly authenticating the device during the provisioning process
• Unique, In-demand, Proven - 2.7 billion keys distributed with IA & non-IA platforms. Simplifies key management & distribution
• Enables zero-touch device provisioning with onboarding services

EPID vs. PKI
Intel® EPID: 1-to-many key match (Pvt-Key 1, Pvt-Key 2 … Pvt-Key X); unique signature every time; ANONYMOUS every time
Traditional PKI: 1-to-1 key match (one Pvt-Key); standard signature every time

Immutable hardware root of trust for IoT networks to Identify devices & secure their communications

Protected Boot Solutions for Platform Integrity

• Ecosystem Firmware - Partner & TianoCore.org UEFI open source implementations
• Intel® Platform Protection Technology with Boot Guard – Cryptographically verifies the first portion of OEM BIOS code executing out of reset.
• Intel® Platform Protection Technology with BIOS Guard - Protection against BIOS recovery attacks.
• Ecosystem Values - OEMs & ISVs like that Boot Guard adds robustness to the chain of trust process, where the UEFI boot process cryptographically verifies and/or measures each software module before executing it.
• Enabling - Requires BIOS enabling and OEM support in signing of the policy manifests, hashing of the BIOS boot block module, and programming the hash of the OEM public key and boot policies in field programmable fuses. Supports both TPM families, TPM 1.2 and TPM 2.0, and also PTT as part of the measured boot SW stack.

Boot Guard Component and Sequence
[Diagram: Reset → Boot Guard → Initial Boot Block (IBB; Boot Guard scope) → Coreboot / UEFI (scope of Coreboot) → Payload (OS Loader, uboot, or direct) → OS]
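The Boot Guard sequence above, as an added example that is not Intel's code: a simplified model of the out-of-reset check, with Ed25519 standing in for the RSA manifest signature and the OEM key hash held in fuses. `Manifest`, `FuseKeyHash`, `SignIBB` and `VerifyIBB` are names chosen here, not Boot Guard APIs.

```go
package main

// Added illustration (not Intel's code) of a Boot Guard-style verified boot. Assumed:
// Ed25519 stands in for the RSA manifest signature; the fuse holds SHA-256(OEM pubkey).
import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

type Manifest struct {
	OEMPubKey ed25519.PublicKey // key the manifest claims it was signed with
	IBBHash   []byte            // SHA-256 of the Initial Boot Block (IBB)
	Signature []byte            // OEM signature over IBBHash
}

func FuseKeyHash(pub ed25519.PublicKey) []byte { // value burned into OEM fuses
	sum := sha256.Sum256(pub)
	return sum[:]
}

func SignIBB(priv ed25519.PrivateKey, ibb []byte) Manifest { // OEM signing step
	h := sha256.Sum256(ibb)
	pub := priv.Public().(ed25519.PublicKey)
	return Manifest{OEMPubKey: pub, IBBHash: h[:], Signature: ed25519.Sign(priv, h[:])}
}

// VerifyIBB is the boot-ROM check out of reset: manifest key must hash to the fused
// value, the signature must verify, and the IBB in flash must match the signed hash.
func VerifyIBB(fuseHash []byte, m Manifest, ibbFromFlash []byte) error {
	if !bytes.Equal(FuseKeyHash(m.OEMPubKey), fuseHash) {
		return errors.New("manifest key does not match fused OEM key hash")
	}
	if !ed25519.Verify(m.OEMPubKey, m.IBBHash, m.Signature) {
		return errors.New("manifest signature invalid")
	}
	if actual := sha256.Sum256(ibbFromFlash); !bytes.Equal(actual[:], m.IBBHash) {
		return errors.New("IBB hash mismatch: boot block modified, do not execute")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed OEM key pair
	m := SignIBB(priv, []byte("constructed IBB image"))
	fmt.Println("genuine:", VerifyIBB(FuseKeyHash(pub), m, []byte("constructed IBB image")))
	fmt.Println("tampered:", VerifyIBB(FuseKeyHash(pub), m, []byte("patched IBB image")))
}
```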

Firmware TPM - Intel® Platform Trust Technology
Platform Trust Technology, firmware Trusted Platform Module (TPM) 2.0

• Intel® Platform Trust Technology (Intel® PTT) - HW TPM 2.0 implementation integrated in Intel® ME/CSME/TXE security engines for credential storage and key management.
• Secure trust element to meet requirements for TPM 2.0
• Measured Boot for remote attestation
  - System's boot block is measured by HW/FW and successfully attests if unaltered
  - Transitive trust chain
  - No protection for applications

[Diagram: Device Stack - Applications, Operating System, Kernel, Boot Loader, Hardware RoT]
[Diagram: Measured Boot to TPM Flow - CPU & Boot ROM, Fuses/Key, Trusted Code Sequence, Intel® PTT, Trusted Storage for Measurements]
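The measured boot flow above, as an added example that is not Intel's code: a single SHA-256 PCR extended by each stage of the transitive trust chain, and the verifier-side replay that accepts only when the quoted PCR, the event log and the known-good log all agree. `Module`, `Event`, `Extend`, `MeasureBoot` and `Attest` are names chosen here, not TPM or PTT APIs.

```go
package main
// Added illustration (not Intel's code) of measured boot into a TPM/PTT PCR plus its
// remote attestation. Assumed: one SHA-256 PCR; extend = SHA-256(old || SHA-256(image)).
import (
	"bytes"
	"crypto/sha256"
)
type Module struct { // one stage of the boot chain as read from flash or disk
	Name  string
	Image []byte
}
type Event struct { // one entry of the measurement log handed to the verifier
	Stage  string
	Digest []byte // SHA-256 of the module image
}

// Extend is the TPM PCR extend: every new value depends on all earlier ones, so an
// altered boot block cannot be masked by later, untouched stages.
func Extend(pcr, digest []byte) []byte {
	sum := sha256.Sum256(append(append([]byte{}, pcr...), digest...))
	return sum[:]
}

// MeasureBoot models the transitive trust chain: each stage is hashed before it runs
// and the PCR extended; it returns the final PCR value and the event log.
func MeasureBoot(chain []Module) (pcr []byte, events []Event) {
	pcr = make([]byte, sha256.Size) // PCRs are all zeros after reset
	for _, m := range chain {
		d := sha256.Sum256(m.Image)
		events = append(events, Event{Stage: m.Name, Digest: d[:]})
		pcr = Extend(pcr, d[:])
	}
	return pcr, events
}

// Attest is the remote verifier: compare the reported log with the known-good log and
// replay it, accepting only if the replay reproduces the quoted PCR. Returns ok and why.
func Attest(quotedPCR []byte, events, golden []Event) (bool, string) {
	replay := make([]byte, sha256.Size)
	for i, e := range events {
		replay = Extend(replay, e.Digest)
		if i >= len(golden) || e.Stage != golden[i].Stage || !bytes.Equal(e.Digest, golden[i].Digest) {
			return false, e.Stage
		}
	}
	if !bytes.Equal(replay, quotedPCR) {
		return false, "event log does not reproduce quoted PCR"
	}
	return len(events) == len(golden), ""
}
```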

Trusted Execution Environment

• Intel® Software Guard Extensions (Intel® SGX) – Memory-architecture extension designed to protect select code or data from disclosure or modification. Enables trusted in-app “enclaves”, which are protected areas of execution in memory.
• Intel® Dynamic Application Loader - Intel signed & verified 3rd party Java applets run in a separate VM sandbox within the ME/Intel® TXE security co-processor. Trusted apps are given controlled access to security resources and services. Apollo Lake specific.

[Diagram: Protected App Enclave - TEE holding CODE and DATA, with a SNOOP attempt from outside the enclave]

SGX on over 70 Ecosystem Platforms; Major CSP Blockchain Announcements - Azure, Alibaba, Fortanix

End-to-End Edge-to-Cloud “IoT Security Channel” Software Solutions

Wind River Helix* Device Cloud

Device Management – Connect, Operate, Protect

Security Specific Capabilities:
• Secure Signed Update - OTA/FOTA integrity-checked software or kernel update over an encrypted channel. Reconfigure anything to respond to vulnerabilities
• Security Monitoring - Alerts, secure logs, & ability to remotely decommission a device
• Management Server - DDoS, anti-spoofing, script & forgery protection

[Diagram: Full Device Lifecycle - Management Console and REST API to the customer's IoT platform & apps; Cloud Agent on the device OS; Update Service; stages Secure Update, Package, Deploy, Manage, Monitor, Device Decommission]

On-demand Platform Trust Services - Intel® Secure Device Onboard

• Automation - Takes seconds at power on
• Security - Unique HW protected onboarding w/ privacy
• Dynamic – Provisioning to customer’s IoT platform of choice
• Scale - 1-to-many enablement for device makers

[Diagram: Intel® Secure Device Onboard - zero-touch path from Device Hardware to the IoT Security Platform Provider]

Intel® Secure Device Onboard drives a “SIM-like” approach that ties identity to platform. Increases devices in use.
Ecosystem wants automated scalability to move POCs to production, and initiated activation. No-one is solving this.

Enabling Tools
Supply Chain - traceability signing tool

[Diagram: Intel® Secure Device Onboard flow]
Roles: Supplier / Silicon Providers (Intel® EPID SDK, OEM Credential); Device (TEE, Intel® Onboard Client, Onboard API, Mgr Agent); IoT Platform Service Provider (SDO Service, Registration Proxy Service, Device Service, Device Mgt Service, New Owner).
1. Initial Device Identification (EPID Attestation) - the device ATTESTs to the Registration Proxy Service
2. Ownership Identification
3. Take Ownership by the New Owner's Device Mgt Service
4. Device securely on-boarded and under Normal Platform Control
Toolkits: CSP/ISV Toolkit - integrate the onboard API into their IoT Platform; OEM Toolkit - board and gateways - integrate client software into their platform.

Secure IoT Smart Camera – Mitigated Attacks

Attacks:
1. Unsigned firmware - Allows a hacker to easily break the integrity of the boot firmware and OS image.
2. Default Credential Weakness - May grant a remote hacker access to the local network from any remote location. In 2014, 73,011 cameras were “secured” only by default credentials (i.e. User: admin, Password: admin).
3. Insecure data-in-transit - Sending unencrypted video streams in the clear increases data privacy risks.
4. Insecure key storage - Leaves the cryptographic keys used to protect platform and owner secrets easily recovered by a hacker.
5. Weak P2P (Cloud) Link - Leaves the device vulnerable to cyber-attacks.
6. Missed FW/SW Update - Not updated or older FW leaves the device vulnerable to known exploits.
7. Hacker infiltrates the system by subverting execution flow.

Mitigations:
1. Intel® Boot Guard - Enforced secure boot allowing only signed & untampered firmware to run
2. Intel® Secure Device Onboard - Provides a service that uses a HW key to secure the rendezvous of the device to its owner
3. Intel® AES-NI - Enable AES computation without compromising performance
4. Intel® Platform Trust Technology - fTPM enables cryptographic keys to be securely stored in a tamper-resistant key vault
5. Intel® Enhanced Privacy ID - Utilize a unique HW based key for secure channel establishment
6. Wind River® Helix Device Cloud - Automate FW/SW over-the-air update & full device lifecycle management
7. Intel® Security Essentials API - Abstracted, simplified HW security development

[Diagram: camera stack - Web CGI plugin, P2P (Cloud) Agent, App process, Services (telnet, httpd, sshd, etc), Linux Kernel, Bootloader, FW, eMMC/SDXC, SOC, SRAM, COMMS HW; Network Video Recorder]

Internet of Things Group - Intel Confidential

IoT Security Ecosystem

HWROT Silicon Providers | Equipment Providers | IoT Platforms & Solution Providers
Intel EPID | Intel SDO Devices | Intel SDO Platforms
FPGA Crypto Device Partners | Telit - HDC, Oracle Cloud - HDC

• Proven open-source Device Identity with Intel® Enhanced Privacy ID (Intel® EPID)
• Firmware based Trusted Platform Module (TPM 2.0) – Intel® Platform Trust Technology (PTT)
• BSP/FSP enabling UEFI Secure Boot, Protected Boot or Measured Boot on all supported platforms
• Intel® Software Guard Extensions (SGX)
• Intel® Dynamic Application Loader applets
• Protected Execution and Encrypted Storage
• Secure and Accelerated Cryptographic operations – AES-NI, SHA-NI, TrueKey®
• Mature Technology for multiple applications

Portfolio Solutions to Secure Entire Device Lifecycle

Lifecycle stage (owner): Manufacture (FAB/OEM/ODM) → Configure (OEM/ODM) → Onboard (Installer) → Provision (System Integrator) → Operate → Decommission (IT & OT Admin/End User)

Develop, Attest, Onboard | Operational Security Management

Root of Trust Technologies: IA-enabled core security capabilities/technologies; Intel® Platform Protection Technology; Intel® EPID Identity SDK
Ecosystem Enabling Tools: Intel® Security Essentials; Intel® Security Essentials API; TianoCore UEFI Firmware; Coreboot and FSP
Platform Trust Services: Intel® Secure Device Onboard Services
Gateway/Fog Security: Enhanced Security for Gateways
Edge Device Management: Wind River* Helix* Device Cloud
IoT Security ISVs

Intel SGX Ecosystem

Cloud Solution Providers | IoT Platforms & Solution Providers | Identity/Security | Blockchain | Payments

• Telit - HDC
• Oracle - HDC