Bench Talk

According to market researchers, customers of connected products are desperately concerned about security, and they want it—as long as it has little or no impact on price. Not surprisingly, product developers often use this as a deciding factor when forced to compromise on features while balancing key objectives of design cost, bill of materials (BOM), and power, among other things. Yet, a longer view of the product life cycle suggests that organizations are taking a significant gamble in approaching security as anything less than a critical requirement for any connected products, including Internet of Things (IoT) devices.

Development organizations already face a series of tough choices in building IoT devices and applications. Design decisions on factors such as system performance, memory size, power consumption, and wireless technology are by no means simple. Nevertheless, system architects can make tradeoffs informed by customers' willingness to pay for the functionality enabled by those features. Because security appears to offer a more tenuous payoff, it often finds itself relegated to the long list of "nice-to-have" features that fail some ephemeral test of cost/benefit when developers are making hard decisions on resource-constrained designs.

Unfortunately, there's a significant chance that customers’ devices will eventually be hacked—and they'll pay one way or another. There's no avoiding the fact that security adds cost at some level. Where that cost occurs in the product life cycle can make a significant difference in its magnitude. In the worst case, a breach may force organizations to pull IoT applications offline to patch compromised software and begin tackling the complex task of retrofitting security.

Software teams are all too familiar with the challenges involved in fixing bugs in deployed packages. Unfortunately, the challenges are likely to be much worse in IoT applications. A security breach at the lowest level of the IoT will likely encompass entire networks of devices, because automated hacker tools won't stop at one device or device type. With compromised IoT devices under their control, hackers can poison the data stream flowing to the enterprise, consequently impacting analytics, machine learning, and key control processes. The resulting tangible costs in lost revenue and intangible costs in damaged customer relationships can be incalculable.

On the other hand, organizations can more reliably reduce the cost of security by embedding it in designs early in the development process. For projects with stern restrictions on hardware design, size, and costs, developers can at a minimum take advantage of software libraries to implement fundamental security mechanisms and protocols. Still, a software-only approach comes with its own appreciable costs. At best, a software-only approach results in lower performance and requires more program memory; at worst, it leaves open attack surfaces for hackers. The minimal addition of protected storage for private keys—used in encryption and authentication—can help harden the design, but it requires suitable hardware memory devices. Fortunately, designers can draw on a growing number of MCUs that provide protected storage as well as hardware crypto accelerator engines. Even better, developers can turn to dedicated security devices that provide near-turnkey security at the cost of an additional device in the BOM.

Despite the use of authentication, crypto, and secure key storage, designs may still present attack surfaces associated with software updates and code loading processes. Developers can address these vulnerabilities using secure over-the-air (OTA) update and secure boot mechanisms. Ideally, these would extend to an implementation of more fundamental mechanisms, thereby delivering a hardware-based root of trust, which is standard in secure environments. Building on this trusted platform, developers can reliably implement more sophisticated security methods needed to detect, intercept, and mitigate attacks.

Security starts with device security, which in turn, starts with the recognition that security is a critical requirement in design. Cyberattacks are already becoming more sophisticated, and the IoT is a prime target. For development organizations, gambling on the forbearance of cybercriminals can be a costly proposition.

Learn more with our Hardware Data Security eZine.