This book focuses on the impact of secure frontend devices for the Internet of Things (IoT). It explains how to identify vulnerabilities of IoT applications and how to protect them against misuse and attacks. Provided insights will help readers to design a reliable and trustworthy IoT ecosystem ensuring a high level of user confidence and a fruitful deployment. As a starting point, the book provides guidance how to identify risks and potential threats. Then, it explains which countermeasures are available and introduces all major ingredients for an efficient implementation of IoT security measures, e.g. a bullet-proof protection of user privacy and device identities. The author outlines an efficient design approach that combines classical embedded computing with smartcard technology and wireless cellular networking like LTE-M or NB-IoT. The target audience includes industrial professionals and students focusing on low cost design and a fast time-to-market. The book is ideal for engineering-minded IoT project owners to safeguard their business goals.
Author(s): Kersten Heins
Series: Synthesis Lectures on Engineering, Science, and Technology
Publisher: Springer
Year: 2023
Language: English
Pages: 166
City: Cham
Preface
About This book
Contents
About the Author
List of Figures
1 Introduction and Scope
1.1 Social Impact and Public Relevance
1.2 IoT Ecosystem
1.3 What is an “IoT Device” ?
1.4 Cellular and Other IoT Networks
1.5 IoT Security Scope
1.5.1 Communication Channel
1.5.2 End Devices
References
2 Challenges and Objectives
2.1 Why IoT Security Concerns All of Us
2.2 Critical Use Cases
2.3 Threat Analysis (STRIDE)
2.4 Vulnerability Analysis—Penetration Testing
2.4.1 Software Analysis
2.4.2 Side-Channel and Fault-Injection Attacks
2.5 Security Items for IoT Devices
2.6 Attacks
2.6.1 Attack Type
2.6.2 Attacker Expertise
2.7 Protection Level
2.8 Risk Assessment for Sample Use Cases
2.8.1 “Forest Sensor”
2.8.2 “Room Guard”
2.8.3 “eMeter”
2.9 National Regulations and Legal Standards
2.10 Security Evaluation and Certificates
2.10.1 Schemes
2.10.2 Common Criteria
2.10.3 SESIP
References
3 Cryptographic Toolkit
3.1 Symmetric Versus Asymmetric Ciphers
3.2 Digital Signatures
3.3 Identity Management
3.3.1 Digital Certificate
3.3.2 Public-Key Infrastructure (PKI)
3.4 Message Authentication Codes (MACs)
3.5 Key Establishment
3.5.1 Diffie-Helman (DH) Key Agreement
3.6 Secure Data Transmission
3.6.1 TLS Protocol
References
4 Ingredients for Secure Design
4.1 Intrusion Protection/Detection
4.1.1 Mechanical Intrusion
4.1.2 SCA and FI Attacks
4.1.3 Active Intrusion Sensing
4.1.4 Network Attacks
4.2 Standard Embedded Security Functions
4.2.1 Sign-Of-Life Indication and Watchdog
4.2.2 Secure Firmware Update
4.2.3 Integrity Check and Secure Boot
4.2.4 Key Generation and Provisioning of Device Credentials
4.3 IoT Design with Off-The-Shelf Elements
4.3.1 Hardware Suppliers and Online Support
4.3.2 IoT Clouds
4.3.3 Host MCU
4.3.4 Smart Card Security for IoT
4.3.5 Secure Elements
4.3.6 Security MCUs
4.3.7 Secure Network Modules
4.3.8 Physical Intrusion Sensors
4.3.9 IoT Device Production Stages
References
5 Device Design
5.1 MCU Options for Secure IoT Devices
5.2 Design Tips
5.2.1 Fourteen (14) Tips How to Improve Security of Any IoT Device
5.2.2 Physical Intrusion Protection
5.2.3 SE-Centered Concept
References
Glossary
