Micron Column | A stronger, simpler way to keep IoT devices up and running using in-memory security features

Latest update time:2017-08-18
By Jeff Shiner , Director of IoT Solutions, Micron Technology


On June 27 this year, a ransomware variant called Petya began to wreak havoc again. The virus spread rapidly; the world's largest communications group, WPP, was among those infected, and many of its subsidiaries had to halt work to keep further devices from being infected.

How do you ensure that a vulnerability in a connected device doesn't bring down your entire organization? Can you provide a more comprehensive defense for the Internet of Things by starting with storage? Jeff Shiner, director of IoT solutions at Micron Technology, has the answer.


The tech industry is still reeling from the massive WannaCry cyberattack, leaving individuals and IT teams scrambling to patch devices running the ubiquitous Microsoft operating system with known vulnerabilities.

The attack, which hit companies including Telefonica and Britain's National Health Service (NHS), not only infected computers but also potentially affected other networked devices in the NHS, such as MRI scanners, blood storage refrigerators and operating theatre equipment.

Unfortunately, this is not an isolated incident. Consider this:

  • Last fall, a malware strain called Mirai infiltrated DVRs, IP cameras and other devices around the world, launching a major malware campaign that included a distributed denial of service (DDoS) attack that first hit Domain Name System (DNS) provider Dyn and then targeted Twitter, Reddit and other major websites, causing outages.

  • Earlier this year, hackers attacked the city of Dallas' emergency siren system, sounding alarms across the city and poking holes in the cyber defenses of municipal infrastructure.

With the advent of the Internet of Things, a whole host of more important targets have become the focus of cybercriminals, so we need to be proactive in dealing with this situation and plan accordingly.

According to Sage Business Researcher, the number of connected devices is expected to reach 50 billion by 2020. That number has been growing at an alarming rate: there were less than 25 billion in 2016 and less than 10 billion in 2012. Manufacturers have been scrambling to get IoT devices to market, sometimes without making security a priority.

To make matters worse, the IoT is not standardized, especially compared to the uniformity of the PC and smartphone markets. IoT designs are constrained by fragmented security implementations dictated by a variety of system, semiconductor, and software-level options that combine to create a significant increase in complexity. The bottom line is that improving the security of one group of IoT devices does not translate into improved security for billions of other devices.

There are efforts underway to establish security frameworks to guide OEMs in designing in the appropriate level of security. Groups advancing these initiatives advocate integrating key security components in hardware and software, setting up defense-in-depth security, and implementing other strategies to leverage many of the latest known solutions. A good example in this space is a document written by the Industrial Internet Consortium (IIC) called the Industrial Internet Security Framework (IISF). Additionally, the Federal Trade Commission (FTC) has been working to address threats, such as in 2015, when it urged IoT companies to adopt best practices for security protection.

Despite all this work, vulnerabilities remain a serious problem, especially for companies outside the Fortune 100 that cannot afford strong cybersecurity staff or budgets and are hampered by a lack of uniformity in off-the-shelf IoT security solutions.

Solution: Security by Design for Storage

Surprisingly, an easy-to-implement, potentially more secure approach to this challenge may be found in one of the biggest vulnerabilities of current IoT systems: code storage memory. By leveraging storage technology in new and innovative ways and combining it with cloud-based capabilities, it is possible to create stronger security.

In more advanced attacks, malicious code is written to non-volatile storage. This often happens on devices located at or near the edge of the network, the endpoint or "thing" in the Internet of Things. Once these devices are infected, attackers can use them to form a larger botnet with other devices or act alone against the target system. Many of these attacks take advantage of publicly disclosed vulnerabilities, and attackers are always looking for new "zero-day" vulnerabilities to exploit.

Among other common attack tactics that emerged in late 2016 was the Mirai-based botnet attack, which exploited IoT devices such as DVRs, IP cameras, and home routers that were shipped with insecure default settings. At its peak, these devices launched DDoS attacks against a variety of websites, including Twitter, Amazon, Reddit, and, ironically, KrebsOnSecurity.

Against both attack strategies above, device OEMs can adopt the following long-term solutions: redesign the major hardware and software, and deploy device-side and cloud-side solutions that monitor the integrity of the device and repair it when it is compromised.

However, where there is weakness, there is opportunity. If critical code can be cryptographically authenticated in storage and made part of the corresponding IoT device, then combining that code with the best capabilities in the cloud can greatly limit the ability of hackers to plant malware on the device through end-to-end authentication and encrypted firmware management.

For many years, a set of capabilities called a "root of trust" (RoT) has been used to improve network security. An RoT provides security services that typically reside in a trusted computing module and can be securely used by the operating system to verify the identity and health of a device, essentially confirming that the device is part of the network and has not been infected.

Until now, the burden of providing this security has been borne by the CPU, SoC, and Hardware Security Module (HSM). Unfortunately, even with these components and the protections they provide, attackers can still strike at layers below the logic components in IoT devices and damage or halt the system. Advanced persistent threats (APTs) are becoming a more serious problem as attacks grow more sophisticated, with attackers focusing on bypassing the device's logic and implanting code directly into the device's storage.

Security can be improved by protecting more parts of the solution (i.e. "defense in depth") and ensuring that storage is taken into account. Such an approach should also be relatively simple, low-cost, and low-impact, so it can be applied widely to the IoT devices that are subject to a variety of attacks today.

A storage-based security protection method

Micron Technology is pursuing a way to put two elements, a device identity and a small amount of cryptographic processing capability, directly into the storage. Together, these elements generate information that allows cloud computing resources to confirm the identity and health of the storage and the code it contains. In this way, security is strengthened at the lowest boot level, and work is offloaded from the CPU, SoC and HSM.

This approach is exemplified in the security partnership recently announced by Microsoft and Micron. The two companies are focusing on two key areas to simplify how customers implement security protections to ensure the proper functioning of IoT devices and enable device identity. The first step is to create an end-to-end secure connection built into standard hardware, allowing customers to enhance system capabilities with just a software development kit (SDK). By leveraging a new standard from the Trusted Computing Group (TCG) called the Device Identifier Composition Engine (DICE), Microsoft Azure IoT Cloud and Micron Authenta™ technology can help ensure that only trusted hardware can access the IoT cloud.

The solution can verify the identity and health of hardware that is often used to store critical code, and is expected to provide new security advantages for IoT devices. With this identity capability, Azure IoT Hub can verify whether the state of the device is "good" or "bad" and take appropriate follow-up actions, such as enabling more advanced features such as device health attestation and configuration, and allowing administrators to safely repair compromised devices in the field.
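To make the identity-and-health check described above concrete, here is an added example (not code from the article, Micron or Microsoft) of the DICE derivation chain: a hardware Unique Device Secret (UDS) is combined with a measurement of the first mutable code in flash to form a Compound Device Identifier (CDI), an identity key is derived from the CDI, and the cloud decides "good" or "bad" by challenging that key with a fresh nonce. The UDS, firmware images and key-derivation labels are constructed placeholders, and a symmetric HMAC key stands in for the asymmetric key pair real DICE derives.

```python
import hashlib
import hmac
import os

# Constructed sample values for this demo (not from the article or Micron):
# a per-device Unique Device Secret, which in DICE lives in hardware and is
# never exported, and the first mutable code image stored in flash.
UDS = hashlib.sha256(b"demo-unique-device-secret").digest()
GOOD_FIRMWARE = b"demo boot image v1.0"
TAMPERED_FIRMWARE = b"demo boot image v1.0 + implanted code"

def derive_cdi(uds: bytes, firmware: bytes) -> bytes:
    """DICE layer 0: CDI = HMAC(UDS, measurement of the first mutable code).
    Any change to the code in flash changes the measurement and thus the CDI."""
    measurement = hashlib.sha256(firmware).digest()
    return hmac.new(uds, measurement, hashlib.sha256).digest()

def derive_identity_key(cdi: bytes) -> bytes:
    """Derive the device identity key from the CDI. Real DICE derives an
    asymmetric key pair here; a symmetric key stands in (assumption) so the
    demo needs only the standard library."""
    return hmac.new(cdi, b"device-identity-key", hashlib.sha256).digest()

def device_attest(firmware_in_flash: bytes, nonce: bytes) -> dict:
    """Device side: at boot, derive the key from whatever code is actually in
    flash and answer the cloud's challenge with it."""
    cdi = derive_cdi(UDS, firmware_in_flash)
    key = derive_identity_key(cdi)
    return {"nonce": nonce, "tag": hmac.new(key, nonce, hashlib.sha256).digest()}

def cloud_verify(report: dict, enrolled_key: bytes, nonce: bytes) -> str:
    """Cloud side (the role Azure IoT Hub plays in the article): the key
    enrolled for the known-good image must reproduce the tag over the nonce
    the cloud issued. A replayed nonce or modified flash both yield "bad"."""
    if report["nonce"] != nonce:
        return "bad"
    expected = hmac.new(enrolled_key, nonce, hashlib.sha256).digest()
    return "good" if hmac.compare_digest(report["tag"], expected) else "bad"

# Enrollment: the identity for the known-good image is registered once.
ENROLLED_KEY = derive_identity_key(derive_cdi(UDS, GOOD_FIRMWARE))

if __name__ == "__main__":
    nonce = os.urandom(16)
    print(cloud_verify(device_attest(GOOD_FIRMWARE, nonce), ENROLLED_KEY, nonce))
    print(cloud_verify(device_attest(TAMPERED_FIRMWARE, nonce), ENROLLED_KEY, nonce))
```

The second call reports "bad" without the cloud ever seeing the firmware bytes: an implant in flash silently changes the CDI, so the device can no longer prove the enrolled identity.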

This approach not only provides a unique level of protection at the lowest boot level, but also leverages the standard flash sockets already present in billions of IoT devices. Companies can take advantage of Authenta-enabled Micron flash in current and legacy designs by modifying software to enable the new security features. Both Microsoft and Micron provide core middleware with software development kits (SDKs) to enable these solutions on the host, at the gateway, and at the endpoint in Azure, which further reduces software resource requirements. This solution is designed to make it easier to provide secure IoT cloud management and connectivity for new platforms and devices, as well as to retrofit legacy systems.

No security mechanism is perfect, but security can be improved by adding important defense-in-depth capabilities. This is especially true as the Internet of Things emerges and the number of vulnerable devices at the edge of the network continues to increase. With new solutions like those created by Microsoft and Micron, end-to-end device management will be more secure and less expensive. Monitoring and managing the health of IoT devices is one of the most complex decisions an enterprise can make. At the same time, it is very difficult to quickly close known security vulnerabilities and make the costs to hackers exceed their benefits. By leveraging best cybersecurity protection practices and the emerging ecosystem, many companies' security implementations should begin to become more effective and less expensive.

