Microcontroller IoT Security in 2020

IoT-Systeme brauchen funktionale Sicherheitskonzepte.

For a successful attack on a networked system it is sufficient to penetrate the weakest link. But uniform protection for all IoT components overshoots the mark. Ryan Cameron of On Semiconductor thinks it makes more sense to adapt security to individual functions.

When consumers’ credit card information and facilities’ HVAC systems are connected, edge and embedded processing security becomes a major contributor to system architecture. Many approaches can be taken to strengthen security within the data storage environment, but none are fool-proof. 

History has shown that security layering is the best approach to protecting valuable information or assets. Fortress and castle designs are great examples of security layering where security increases as you approach the valued item. In the case of the well-known 2013 data breach by a national US retail chain, hackers gained access to credit card information by hacking a web application in the HVAC system of one of the stores.

Microcontrollers are everywhere

In industrial systems, microcontrollers are instrumental to the Industrial IoT (I-IoT).  In the quest for higher factory outputs and efficiency, decision making is being pushed closer to the process point, also known as edge processing. Connectivity is inherent in this deployment. A connected device represents both a point of entry and the first line of defense for the virtual castle, or factory.

Finding the right protection concepts

After a breach occurs the common instant reaction is to over-fortify every layer of defense to ensure all points of entry are equally secure. In the case of a field-bus-powered microcontroller-enabled remote sensor, adding high levels of software security is not feasible due to processing limitations. Security must be architected to fit the sensor’s function as to avoid adding unnecessary cost and complexity.  

In the edge processor’s case, architecture optimization is key to adding defense without compromising the processor’s primary duty of process control. Architecting as a system-on-chip (SoC), multi-chip-module (MCM) or analog-enabled microcontroller comes with many decisions. Does one secure the data link or secure the processor?  Both accomplish the same task but present different impacts to the system.

Protection costs resources

Data link security requires software overhead and often impacts data speed and connection Quality of Service (QoS). A typical security protocol uses encryption that places a burden on processor resources. The added resource requirements is incongruent with the needs of remote sensors that perform a simple task. Data security encryption requires frequent updates and can impact factory output as sensors are taken offline for update patches.

Securing the processor is another method that has opportunity to scale as systems grow and threats increase. With very little added cost, a co-processor can be added to perform connectivity and security functions in the case of a multi-processor SoC or MCM. This approach isolates the process control processor (application processor) while its companion provides security and manages connectivity.

Improved protection with AI co-processor

With the advent of AI variants in the Neural Networking space, a small Neural Net (NN) can be utilized on the companion processor to present a security barrier to unwanted intruders. The small NN can act as remote sentry and present itself in different manners to different threat levels; a type of digital camouflage.

It can also be updated regularly without compromising the process controller so process control limits and standards are maintained. To optimize power management, the sentry/communication processor can be placed in a deep-sleep mode when not being utilized so the application processor can operate freely.

Combined protection in multi-chip module

Current packaging technologies provide options to deploy flexible MCMs that build-in security with a sentry/communication processor, maintain sensor precision with analog interfaces and application processors that keep factories running. Think of it as node that has analog and security + MCU. The MCM utilizes optimum technology for each job in the edge processor node and can be assembled from standard products.

Data security is paramount to customer trust. When done in a clever manner, it can defend against intrusion without costing the equivalent of a castle. 

 

The author

Ryan Cameron,

started his career as a mixed-signal design engineer for AMI Semiconductor where he designed analog and mixed-signal ASICs for military, communications and industrial customers.

In 1999, he established the company’s mixed-signal design center in Utah, growing the center from 3 to 21 employees over a three year period. He then served as a product line manager for System Level Integration and Senior Director of Industrial & Timing products, before moving into his current role.

With nearly 25 years of experience, he now he leads a global team of more than 600 professionals that research, define, develop, manufacture and market silicon based solutions for key industrial, consumer and communications customers.

Cameron obtained a Bachelor of Science degree in Electrical Engineering from the University of Idaho.

ryan.cameron@onsemi.com