By Dr. Stefan Hofschen, Division President Chip Card & Security, Infineon Technologies AG
The real and virtual worlds are growing together even further to become the Internet of Things through the networking of machines, people and businesses. More and more devices and machines interact independently in networked systems and applications such as Industry 4.0, autonomous driving or smart home.
Especially in the context of Industry 4.0 and the automotive industry, the increasing connectivity renders a great number of opportunities for the economy. Yet, it also presents great challenges for businesses, foremost in questions of data security. How can business secrets and intellectual property be protected on the open internet? How is data protection and confidentiality ensured? How secure is the communication between the different devices or components? And how can attacks be recognized and potential damage prevented? In short, data security and system integrity are essential for the success of new business models, because they protect the availability and reliability of products and services.
Security controllers protect networked IoT systems from unauthorized access and manipulation
Industry has come to understand that connected systems cannot be adequately protected with software alone. The combination of software and hardware offers significantly more efficient protection against attacks and manipulation. Depending on the application scenario, there are special security chips that take the required security standard and the application’s efficiency optimally into account.
Internet of Things in the example of Industry 4.0
The next revolution in industrial production, the so-called smart factory or Industrie 4.0, presupposes a secure data exchange. Intelligent machines, storage systems, production facilities and intelligent products are connected globally. This networking increasingly also takes place between supplier and customer, especially for large or mid-sized companies. Figuratively speaking, Industrie 4.0 opens the doors to the factories. This openness increases the need to prevent manipulation and sabotage of networked production systems and avert related financial losses. After all, smart factories can only be put into practice and accepted when they can be implemented in a stable and efficient manner, and when the process know-how and intellectual property (IP) is protected reliably.
At the IT Summit 2014 in Hamburg, Infineon, Deutsche Telekom, Fraunhofer SIT, TRUMPF, WIBU-SYSTEMS and Hirschmann (a Belden Company) demonstrated how a “security solution made in Germany” can be implemented in industrial applications. The demonstration shows how seamless communication security works beyond the boundaries of sites or businesses. An employee at the Munich site starts a production order on his tablet PC and transmits it via a secured communication channel to the production site in Hamburg. The order is then automatically executed by a production machine there.
To secure the communication from one end of the value chain to the other (Figure 1), security controllers – in this case Trusted Platform Modules (TPMs) – are integrated in all devices of the IT network (tablet PC, wireless access point, router, production machine). They function as data resource, and as encryption and authentication components. They fulfill multiple functions at the same time:
- Similar to electronic identity verification, they securely identify the individual system components. Only authorized persons and devices obtain access to the network.
- At the device level, they are the basis for detecting manipulation or attacks on components or on the device itself. This way, both logical as well as physical attacks can be detected and corresponding pre-defined measures can be initiated.
- As a Secure storage location, they secure secret information that is needed to encrypt a secure communication channel.
The solution fulfills particularly high security requirements because the security controllers are evaluated and certified by the BSI (Federal Agency for Security in Information Technology) as well as according to “Common Criteria”, an international standard. The certification meanwhile is not only granted at the product level, but also includes the complete production and supply chain. This affords the greatest possible security to the users and increases flexibility in the users’ own production.
A secured complete system was presented as the first prototype at the IT Summit and the solution is to be marketed as soon as in 2015. The hardware components already exist today, so that further scalable solutions can be developed for every other application case.
Trusted Platform Module as security anchor for end-to-end communication
Thus far, communication within company networks is primarily secured by means of pure software solutions. However, these harbor a few drawbacks compared to hardware-based security such as a TPM and they are only inadequately secure over the long term. Software in principle always consists of written code that can usually be read, copied or overwritten relatively easily, which enables attackers to bypass the security functions programmed by it. The TPM in contrast can serve as a security anchor for components and software: keys that are stored in the TPM are protected from leaving the security chip and are used in combination with authorization only.
At the same time, the TPM that is installed on the motherboard uses international standardized cryptographic algorithms. Integration is provided via standard interfaces like I2C or LPC. The module also permits for example, that keys, data and digital signatures are stored securely, verified and transmitted. The TPM is equipped with a special internal processor for the purpose of the aforementioned authentication and encoding, which enables it to generate keys in a trustworthy environment. At the same time, a specialized crypto processor system allows the quick calculation of RSA cryptography at up to 2048 bits and thus permits the secured execution of complex cryptographic operations. A non-volatile memory with its own encryption preserves important data and keys stay on shut-down.
The integrity of the software structures and the executed programs on the system can be checked in that the boot process of the system is logged and confirmed against stored cryptographic checksums. Any manipulation of the software can thereby be recorded and stopped by shutting down the affected components or disconnecting them from the network. This way, also the execution of malware like viruses, Trojans and worms can be detected and their spread stopped. Otherwise, this malware can execute unnoticed in the boot process and even spread throughout an enterprise without detection.
Long-term planning reliability – the Trusted Computing Group (TCG) sets standards for industry and consumers
TPMs are based on the open standards of the Trusted Computing Group (TCG) and have already been used for many years in PCs and notebooks. New applications benefit from this experience of many years. In its certification program, the TCG documents all those TPM products that officially meet the standard and thereby provides better orientation in the market for all users. The standard furthermore presents additional benefits: the detailed specifications of the TCG improve the compatibility of the multitude of different operating systems and customer applications. Users can combine different solutions at any time in the design of the system architecture and thus they also have long-term planning reliability.
More and more networking, however, also raises the security requirements in other areas. The TCG already reacted early on to this development and designed the new TPM 2.0 Standard in such a way that a multitude of applications can be covered. Special attention has been given to security in embedded systems for everything from routers to automobiles and medical devices.
In the Internet of Things, individual devices and components must no longer be viewed in isolation. A forged spare part or manipulated firmware updates on a production machine are sufficient to already cause damage to the entire production chain. By means of specific security chips, networked systems can be optimally protected to a vast extent. Meanwhile the fields of application are manifold: be it Industry 4.0, automotive connectivity, building automation, smart home or eHealth applications. Regardless if a clinic doctor is checking her patient’s medication or a 3D printer producing a component, data security and system integrity are prerequisites for the success of the Internet of Things and the related products and services.