Continuing to Secure the Internet of Things
Total Page:16
File Type:pdf, Size:1020Kb
Safety & Security for the Connected World Continuing to secure the Internet of Things Connected embedded devices l Everything in our embedded world is becoming connected to – The Internet – Other connected devices – Personal devices l The information provided by these devices and the control of the devices is still vulnerable to cyber attacks – Cloud exploits – Embedded device compromise (e.g. Target attack) 2 Securing connected embedded devices l Security as an afterthought will have the same result as anti-virus and network security for protecting PCs l In the embedded world we have the opportunity to build security into our connected devices l Lynx Software Technologies continues to provide real-time products with built-in security 3 Security Technologies l LynxOS 7.0 offers military-grade security built into the RTOS Process 1 Process 2 l Connected embedded devices CPU CPU can be protected from Quota 1 Quota 2 Identification & Roles & traditional cyber attacks Authentication Capabilities Access Control Lists Residual – Network infiltration Information File System Audit Log Protection – Denial of Service attacks Device Hardware – Memory scraping – Password and authentication attacks • e.g. Root Escalation or “Rooting” the system 4 Security Technologies l LynxSecure offers isolation, separation and virtualization for multi-domain systems – Real-time performance and small footprint for real embedded deployments – Consolidation of hardware for efficient use of multi-core systems – Secure separation of networks, devices, operating systems and applications l LynxSecure can securely enable the convergence of IT and OT networks in IoT deployments (e.g. IoT Gateways) 5 Total Security for the IoT Network Secure IoT Gateway/Router Secure IoT Intelligent Sensor Internet Proprietary Process 1 Process 2 Communications Network Applications Applications CPU CPU Quota 1 Quota 2 General Identification & Roles & IT NetworkInternet Purpose OS OT Network Authentication Capabilities Access Control Lists Residual Information File System Audit Log Protection Gateway Hardware Device Hardware Combination of LynxOS 7.0 and LynxSecure offers the most security for the IoT network See EW conference paper – “architecting and developing an industrial IoT gateway for safety and security ” 6 Observations on the IoT l We see ARM as the most prevalent architecture in the IoT sensors – Utilizing low power, but with increasing performance and functionality – Scaling from simple sensor nodes using M to R ARM cores, to intelligent sensors using A series – Scalability allows for growth in functionality without changing architecture l Intel and Power Architecture have been traditionally used in the IoT gateways – More customers are now looking at ARM, especially multi-core A series 7 Lynx Software Technologies Bringing Security to New ARM Designs l Lynx is migrating both LynxOS 7 and LynxSecure to ARM l Cortex A series (especially multi-core implementations) will be able to take advantage of key LynxOS 7 features for real-time IoT designs – POSIX API – Built-in security – Advanced multi-core support l Initial support will target processors from Freescale, TI and Xilinx and boards from Freescale, GE Intelligent Systems and Curtiss Wright 8 Lynx Software Technologies Bringing Security to New ARM Designs l LynxSecure is being ported to new Cortex-A multi-core processors that support hardware virtualization – Cortex A15/A7 (32 Bit) – Cortex A53/57/72 (64 Bit) l The unique characteristics of LynxSecure will enable developers of new ARM based connected designs to : – Build in the strongest security to protect connected devices – Efficiently use multi-core ARM processors to build secure multi- domain systems with both real-time OS and GP OSes on the same hardware – Allow legacy systems, OSes and applications to easily migrate to the new generation of high performance multi-core ARM processors l LynxSecure will initially target the Xilinx Zynq UltraScale Plus MPSoC and Freescale QorIQ processors 9 Summary l IoT and connected embedded systems are becoming more widely deployed l Security is still a big issue as the OT and IT networks are being connected together – Gateway is a critically vulnerable piece of the IoT network l Lynx products (LynxOS and LynxSecure) allow the best built-in security for IoT sensors and gateways l Lynx products are being migrated to new ARM-based processors to allow for the move to low-power, high performance and secure IoT connected systems – Factory Automation, Automotive, Industrial Control 10 Safety & Security for the Connected World.