Posted by Stefan Eberhardt | February 7, 2019
Welcome back to the second episode of my security blog series!
So when we combine the ‘old unconnected industry’ with IT-connectivity stuff (I will not explicitly call it ‘IoT’ because it is much, much more) we have to understand several side effects and their consequences.
5 side effects of IT-connectivity:
1.) Things that do real-time stuff would need updates! This is called the Brownfield problem. The term ‘Brownfield’ is usually used for control computer systems that are not networked and run old software that cannot be updated but still serves its purpose. In addition, they mostly fulfill real-time tasks. The problem is that normally no one has the ability to write an update for old software. And even if someone is able to do so, the update will change the speed of the system and it's not real-time anymore. Even your normal computer is slowed down by updates over time ...
2.) When you split functionalities between the device and the cloud, maybe it's better to shift functionalities that require protection to the cloud.
3.) Ask yourself the question: Do I just need security or do I want to restrict my products? This is especially important when you want to sell your product as a service. In this case, you want to know whether your product is working, and if and when servicing is due. And you also want to turn off your service if the customer is not paying. For this, you will need a working, secure internet connection.
4.) Has my product ever been copied in the past, or is my ‘security approach’ more about keeping control of my own organization (e.g. service technicians)?
5.) New devices: If you plan a new product, the foundation for all security stuff is basically a unique ID that cannot directly be extracted (so it cannot be copied). This is typically hidden on a chip, a TPM (Trusted Platform Module).
Before we slice and dice this down, one word of warning:
Encryption and hashing is a topic that is sensitive to export regulations. This implies 3 things:
- Yes, you can do everything on your own, but be aware that it makes sense to use a proven solution here that is already securing other people's stuff. Homebrew security also has the problem that you have a hard time explaining to officials what encryption you are using. And believe me, you will be “lost in translation” between R&D guys and officials regularly. Government employees simply like it when there is a secure hash algorithm like ‘SHA256’ and they know it.
- Although you are just using state-of-the-art stuff, you would need to declare your product in accordance with that and you would need to stick to the processes behind this. If your company does not have experience here, ask somebody who does and be aware of it.
- State-of-the-art encryption is typically no problem; it only becomes one if you want to ship to certain countries like Iran or Pakistan. The bigger issue here is the free trade zones, because they are treated in the same way.
Approaches for the “connectivity side effects”:
1.) Brownfield Real-Time: This is maybe the easiest one, just put a box in front of that machine that receives updates (and is therefore allowed to be connected to the network). But of course, you should weigh all options before making your decision and think about how much it will cost and whether it is worth doing from a business management perspective. We have inexpensive BoxPCs too, so just ask ;-). Maybe a bigger BoxPC with virtualization is also an option.
2.) Cloud vs. Device: Finding the right balance here is essential. Although your solution should still provide value if it is not connected or the connection is down, it makes sense to keep your core IP in the cloud where you can better control access to it.
3.) Security because of monetization and different business model: Maybe a good way to get funding in your organization for security is to offer different business models based upon security, like activating additional options remotely when the customer orders them later on. Here just be aware that there are several established providers out there. S&T can provide all of them to you or integrate them into your product.
4.) Lightweight security: There are also “only software-based” solutions out there. You can try out a little bit of security by obscurity without encryption (think of the export topic), but you should be aware: As soon as you need security for a different purpose, reconsider your decision here.
5.) Security Anchor: For a new product this is quite easy. Just ensure that your security chip can be reprogrammed in case you want to export to China. Provisioning and all that stuff happen on that basis.
After reading this article a second time I must admit that this text is more about export restrictions than what the headline promises. But actually it's a good transition over to the next chapter because it explains very well that it all depends on boundary conditions - so let's take a look at this more closely in the next part.