Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
 
EE Times-Asia > Networks
 
 
Networks  

Securing MCU RTOS for the Internet of Things

Posted: 02 May 2014  Print Version  Bookmark and Share

Keywords:Internet of Things  IoT  Electrical transmission  MCUs  MPUs 

Our society is highly dependent on the Internet for conducting a majority of our business, for a large percentage of our communications and financial transactions as well as entertainment. Internet dependence will only grow as more and more devices are added to the Internet of Things (IoT). Dependence will create significant vulnerabilities if these devices are not secure. Without security on every device, those devices will be subject to attack and failure.

Many IoT devices that are activated now will remain in service for many years, depending on the application. For example, utility meters are rarely changed. Communications infrastructure is designed to be compatible and operational for fifty years. Electrical transmission systems last thirty years or more. Homes, offices, industrial buildings, and other structures are intended to last indefinitely with retrofits in terms of decades. If these new systems are not secure now, they could be disposable very quickly as threats grow.

To preserve user investments in smart devices and protect them from intrusion, security is an essential requirement for all new devices. Of the 50 billion IoT devices expected to go onto the Internet in the next few years, a huge percentage of them will be microcontrollers or small microprocessors with limited resources. Fortunately, these small devices can be more secure than much larger devices because they are more easily protected and are not subject to the same type of threats. This does not mean that security is easy, just that it is not as difficult if you properly exploit the features of MCUs and small MPUs. The remainder of this article discusses how to protect small devices on the Internet of Things.

Necessary IoT security features
To completely lock down an MCU or small MPU the following security features are generally required, although some may not be necessary for every system. Security using standard information technology security solutions are the core security mechanisms for deeply embedded MCU and MPU products. These security protocols include:
 • TLS
 • IPSec / VPN
 • SSH
 • SFTP
 • Secure bootloader and automatic fallback
 • Filtering
 • HTTPS
 • SNMP v3
 • Secure wireless links
 • Encryption and decryption
 • Encrypted file system
 • DTLS (for UDP-only security)
 • Secure email

TLS, IPSec/VPN, HTTPS, Secure wireless links, and DTLS are all means to secure communications links. SFTP provides secure file transfer while SSH provides secure remote access and Secure email provides email services over encrypted links.

A secure bootloader with automatic fallback ensures that the system cannot be corrupted. SNMPv3, encrypted data, and an encrypted file file system protect data through encryption either locally or as it is about to be transferred to another machine. Filtering is really a firewall feature, intended to keep out unwanted and uninvited guests. Each section and each item will be discussed after a discussion on system level security.

System security
Security is only as strong as its weakest link or component. To make a system secure, all the various communication channels, all the file transfer, all the data storage, and any means to update anything must be secure as well. In the case of systems with dynamic loading, modification of executable files and other other sophisticated features, security is difficult. Imagine the following scenario:

1. An intruder moves a file onto the machine using email, ftp or some other means.
2. The file is dynamically loaded and when it runs, it corrupts other executable files. It then cleans up and deletes itself.
3. If the virus is new or unknown to the system, it won't be recognised as a virus and will pass into the system and infect it.

1 • 2 • 3 Next Page Last Page



Article Comments - Securing MCU RTOS for the Internet o...
Comments:  
*  You can enter [0] more charecters.
*Verify code:
 
Webinars

Seminars

Visit Asia Webinars to learn about the latest in technology and get practical design tips.

 
 
Back to Top