This is the first part of a two-part publication by Sudip Saha, chief operating officer at Future Market Insights. Here, he discusses how to prevent side-channel attacks (SCAs) on the internet of things (IoT) devices with low-energy architecture chips and the role of memory chips in helping secure and manage these devices.
IoT solutions provide valuable data and insights that enhance how we live and work. This includes improving the safety of roads, cars, and homes, to fundamentally refine the way we manufacture and consume products. The benefits of IoT are undeniable, but high-profile attacks, coupled with uncertainty about security best practices and associated costs have prevented many businesses from embracing the technology. IoT security breaches have also caused concern among users.Â
According to a recently published report by Future Market InsightsOpens a new window , the global IoT chip market is expected to increase at a CAGR of 5.3% from 2022 to 2032. Low-energy chip architecture has turned out to be of significant use for enhanced security in IoT devices. The latest technologies have been incorporated into these chips to prevent cyberattacks and strengthen the security of the devices.Â
Hardware security is viewed as the cornerstone of IoT devices and network security. Semiconductors are at the heart of most of these devices, including sensors, actuators, and human-machine interfaces.Â
See More: Under Threat: The Security Conundrum Facing IoT
Preventing SCAs on IoT Devices
The electrocardiogram signals of a heart attack patient recently discharged from the hospital are monitored by a smartwatch. The smartwatch may appear secure, but a malicious agent could still steal this information through side-channel attacks on the neural networks that process health data.
Indirectly exploiting a system or hardware is a side-channel attack that seeks to gather secret information. For example, an expert hacker could monitor various fluctuations in an IoT device’s power consumption while the neural network is running to extract protected data and information that “leaks†out of the IoT device. Many of the current methods for preventing side-channel attacks are power-intensive, so they tend not to be suitable for internet-of-things (IoT) devices like smartwatches, which require less power to operate.
For instance, MIT researchers have developed a low-energy security chip that prevents side-channel attacks (SCAs) on Internet of Things (IoT) devices. Power side-channel attacks can be thwarted using a lot less energy than a common security technique. The device, which is about the size of a thumbnail, could be incorporated into a smartwatch, smartphone, or tablet for secure machine learning calculations. They developed a chip based on a special type of computation called threshold computing. In this method, information leaks from the device are random every time, so there is no evidence of side-channel information. This method leaks information from an IoT device through measurements of power consumption improperly, and an SCA would reveal only gibberish codes and data.Â
Aside from optimizing for power, performance, and energy consumption, security adds dimension to the design of IoT nodes. In this case, the ASIC [application-specific integrated circuit] shows that designing for protection and a masking scheme does not have to be an expensive add-on. Researchers plan to apply their approach to electromagnetic side-channel attacks in the future. Because the hacker does not need access to the actual device to collect confidential information, these attacks are harder to defend.
Memory Chips to Secure IoT Devices
Security is vital for IoT devices such as actuators, sensors, and human-machine interfaces. To prevent the loss of sensitive data, securing the semiconductors in these devices is essential. As a result, semiconductor chips are identified by binary numbers, typically 128 bits long. Over IoT networks, cryptographic keys are used to encrypt data. These keys are made up of random numbers. The more random the numbers, the more difficult to guess them. Therefore, the more difficult it is to hack into the IoT devices and chipsets.Â
ASICs and MCUs store binary numbers as part of their memories, where they are used to identify identities and generate cryptographic keys. To inject the key, a random number generator (RNG) is incorporated into the hardware security module (HSM). Due to the risks associated with injecting and storing keys – both the process and the storage medium must be protected against attack – there has been a growing trend toward generating random numbers within the silicon fabric by exploiting a capability known as Physical Unclonable Functions (PUFs).
In addition, the PUF will be used for cryptographic key injections to create an immutable, unique, and unclonable device identity. It is also possible to use PUFs as a protection mechanism for cryptographic keys, preventing them from being read by malicious actors. Therefore, they are capable of encrypting the encryption keys.
ArmorFlash, for instance, is PUF-based in terms of security. For automotive and industrial IoT applications, data privacy and protection are built into ArmorFlash. Through standard SPI, QSPI, and OctaBus interfaces, the memories can secure data encryption and decryption, identification, and authentication, including AES 256-bit encryption and easy interfacing with other system components. The ArmorFlash MX75 series has been PSA Certified Level 1, which means that it has been tested independently in a lab to ensure it meets security best practices for IoT devices. ArmorFlash’s cryptographic algorithms have been evaluated and certified by the National Institute of Standards and Technology (NIST) in the US.
ArmorFlash supplies a unique ID, authentication, and encrypted links for an IoT device and serves as a secure memory for data and code. The QuarkLink platform also facilitates managing ArmorFlash-based security throughout the lifetime of IoT devices. Certificates and security policies are managed, firmware is signed and encrypted for secure over-the-air (OTA) updates, and key and certificate renewals are handled through this platform effectively.
See More: 5G, IoT, Edge and Cloud: The Winning Combination
Smart, Secure, Successful Architecture
In addition to being a part of our daily lives, IoT devices are also transforming our cities, offices, and homes into smart environments. It will be imperative that the electronic items of the future are intelligent and secure to connect all the devices. Thousands of hackers target IoT devices every day, so any company that uses or manufactures an IoT device needs to focus on and prioritize top-notch security.
This problem can be effectively fixed with low-energy chip architecture incorporated into IoT devices. The chips also feature trusted platform modules (TPM). The artifacts necessary to validate a device can be stored securely by a Trusted Platform Module (TPM). They may include passwords, encryption keys, or certificates to enable smarter, more secure access and protection.
Do you think low-energy chips are the way forward with IoT device protection? Tell us on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . Stay tuned for Part 2!
MORE ON IOT
- Top 10 Applications of IoT in 2022
- Beyond an IoTa of Doubt: 9 Essentials for IoT Security
- AI Adoption Will Grow Ten-fold by 2030, Dominated by Use in IoT
- How Ericsson Is Fixing IoT Implementation Challenges for Businesses: Q&A With Kyle Okamoto
- Microsoft Patches Five Azure Defender for IoT Vulnerabilities, Including Two Critical Ones
- Telematics and Connected Vehicle Cybersecurity: Driving Monetization and Protection