Securing Internet-Connected Devices

Problem Statement

The recent DDoS attack on Dyn servers by a botnet of Internet-connected devices (ICDs) highlighted the vulnerability of unprotected smart devices to malware and other forms of cyber attack. For many this is just the tip of the iceberg, pointing to the likelihood of many such nightmare scenarios in the future. The projected massive growth in IoT, from door locks to traffic lights, is both exciting and extremely daunting.
By 2020, 24 billion connected ‘things’ will be worth $1.7 trillion globally. The promise of previously undreamed-of convenience is very enticing. Imagine the consequences as (or when) thousands of driverless ‘connected cars’ get hacked. Or a smart shower that cannot be turned off.

Proposed Solution

Managing the security of the vast number of devices connected to the Internet is highly complex, and consequently the set of proposals to address it requires a mix of technical solutions, usability, certification and regulation.

While it is apparent that the correct software should be installed on sensors and small devices, this is not an especially useful piece of advocacy. Far more important is to ensure that all devices are running the latest software that supports the latest protection. The one huge gap with all these small devices is whether or not they are well managed: if they are not kept up to date, they should be isolated.

Other industry initiatives and technical solutions in this area will abound, with the core issues being associated with authentication, consent and compliance. For example:

  • The issues of authentication being addressed by the 5G PPP
  • The potential of ‘lightweight crypto’, often overlooked by SIM manufacturers, although there may be a role for some loss of functionality depending on whether the objective is velocity, size, security, performance, latency, etc.
  • Getting access to the TrustZone
  • The absence of the attestation of compliance in many cases

One solution would be to provide security quantification for such devices, i.e., making security measurable, using methods based on computational trust. Long term this could lead to an alternative/extension for current certificate authority-based solutions.

Another idea entails providing a means for making mobile devices more trustworthy and controllable representatives of their owners as compared with having them controlled by hardware/operating system/application suppliers and telcos. An extension to this would be to explore the trend towards managing the ‘swarms’ of devices, not only individual smartphones, surrounding each of us. This approach – coined ‘AlterEgo’ by TU Darmstadt – is a challenging vision that requires a socio-technical design approach and comprises all the challenges of developing such devices in a secure, trustworthy and transparent manner.

Working Group Approach

This working group will focus on practical recommendations for how businesses, governments and citizens can restore trust in ICDs and prevent the future of IoT being scuppered by hackers. It is intended neither to provide advice to developers or manufacturers nor to produce a gap analysis, but rather to address some technical solutions as well as broader societal, policy and legislative issues, such as the problems or pain points customers would encounter. Among the technical solutions would be an exploration of security quantification and the ideas associated with ‘AlterEgo’.

Outputs

Deliverables include setting out insights and recommendations for businesses, governments and citizens as well as a demonstrator platform for testing IoT devices and the results of a small number of technical solutions.

Dissemination will be aimed at ongoing consultation with the appropriate departments of the EC as well as a one-day workshop with external stakeholders.

The timeline is 12 months from 2 February 2017.