Skip to main content
Loading ...

Your Country

Your Country

Change your address
Search

You are here

Securing industrial IoT applications

December 08, 2016
IIoT Chain of Trust

For any industrial IoT application, ensuring signal integrity is crucial for safety and operational reliability. However, even the most robust system has many attack surfaces that are vulnerable to would‑be hackers’ intent on compromising a system. This is unacceptable for high‑reliability systems in general, but as more contextual information gets added, including time and position, the level of compromise increasing dramatically, so gaps in security must be identified and closed at every opportunity.

In the case of an IoT sensor, a chain of trust must be established from the sensor to the microcontroller and wireless module, and all the way through to the end application.

In industrial applications for the IoT, every attack surface must be secured in order to establish a chain of trust; which u‑blox has added to its five pillars of security design.

The five pillars of secure IoT are as follows:
•    Device firmware and Secure Boot
•    Communications to the server
•    Interface security
•    Enforcing API control
•    Robustness that includes handling spoofing/jamming.

Secure Boot ensures that a device is executing the intended firmware by authenticating at each stage before booting the next process. Also, while over‑the‑air updates are useful for mass‑uploads of many widely deployed IoT devices, they create an attack surface that can vulnerable so all firmware must be first validated before being installed. A good implementation will include a back up of a previously authenticated image to allow backtracking if there is a problem.

At the communications or transport layer, a device needs to be able to authenticate itself with the server and all exchanged data should be encrypted, with no possibility of a “man‑in‑the‑middle” attack. Secure key management will allow for this, even on a per‑session basis.

The defined APIs that provide access to device functionality are also a vulnerability that must be addressed, though they are often overlooked. This particularly insidious as hackers usually have a lot of time to look for open APIs and explore there relationship to device functionality and features, which sometimes might include access to paid services. Also, developers often undocumented APIs for their own test and configuration purposes, so these must be protected too, using the same formal authentication and authorization processes as used for all APIs.

The fifth link in securing IoT devices involves ensuring robustness, such as when facing jamming or spoofing attempts that might undermine the device’s ability to get accurate position data from a GNSS. The design must be able to detect that the reported information is not accurate and report the situation to the user or IoT network operator.

For more about security, watch the video (especially 17:46‑27:30):

Simon Glassman
Senior Principal Strategic Partnerships, u-blox
Mats Andersson
Senior Director Technology, Product Center Short Range Radio, u-blox
NB-IoT

New

by Patty Felts

u‑blox has partnered with T‑Mobile US, the first operator to roll out a commercial Narrowband IoT (NB‑IoT or LTE Cat NB1) network in the US.

January 09, 2018
Boosting GNSS performance with sensor fusion

New

by Alexander Somieski

Has your car’s GPS ever led you astray? After following it blindly for an hour, it suddenly dawns on you that you’re heading in the wrong direction.

December 07, 2017

by Patrick Mannion

The Security Manifesto and accompanying Digital Social Contract are an industry‑wide call to action from Arm’s CEO at the recent Arm TechCon, but developers have to act now, using available tools and pushing back to ge

November 17, 2017
Galileo Satellite Constellation by Lukas Rohr: https://commons.wikimedia.org/wiki/File:Galileo_sat_constallation.gif

New

by Clemens Buergi

Two decades after it was first conceived, the Galileo global navigation satellite system is raining down its signals across the globe.

November 14, 2017
Connecting cars for over 12 years

by Thomas Nigg

The automotive industry found u‑blox sometime around 2005. It was neither anticipated nor planned, but looking back, it’s been a fantastic adventure. Since, we’ve sold dozens of millions of positioning and communication devices to automotive Tier Ones and OEMs.

November 07, 2017
dog tracker

by Florian Bousquet

GPS trackers – small, wearable devices used to track people, pets and animals – have made life easier for parents, pet owners, wildlife researchers, farmers, and businesses alike.

November 02, 2017
Arm TechCon

There’s a lot that goes into making IoT applications run smoothly and securely. From designing the hardware to ensuring robust connectivity, security, privacy, and data collection, the success of a prototype or of an end product hinges on cleanly clearing all of these hurdles. Sound daunting?

October 25, 2017

by Florian Bousquet

From the Apple Watch, to the Samsung Gear and Huawei 2, more and more smartwatches are popping up every day on people’s wrists. What started as a luxurious fashion accessory is becoming increasingly respected as a useful wearable.

October 18, 2017

u‑blox is demoing the long range connectivity of its newly launched, full‑featured Bluetooth 5 wireless MCU (microcontroller unit) module, NINA‑B3, at booth #1G44 of the

October 04, 2017