What Are The 7 Properties of Highly-Secured IoT Devices?

So durable value in an IoT system requires security so that you can protect the device against attackers. As we did an empirical study, what we found is that a device needs seven properties. I won’t go through the full list of those seven, but three of them, for example, are a hardware root of trust, defense in depth, and renewable security through software update.
So let me just drill into one of those, for example. So hardware root of trust, what that means is that your device needs a cryptographically strong protected identity that’s embedded in the hardware so it can’t be stolen from the device, and also has hardware to validate the software that runs on that device.
So another example is defense in depth, and that builds on top of a hardware root of trust. So hardware root of trust means I know that I have the right software running on the chip. But then the software has to have multiple layers of defenses so that if an attacker is able to get in and find one exploit, they can’t get farther into your system.
What we found is that these seven properties are required for any device in order for it to be secure. So what we know is that you have to have all seven properties for a device. So let’s say that the device doesn’t have all of them implemented inside the device.
What that means is then you have to implement them with human practices and processes outside of the device. So to give you a very simple example, imagine that your device, we talked about defense in depth. Imagine that your device doesn’t have defense in depth and you have a zero-day attack, that means the attackers have found a vulnerability in your device and they’re using it to attack your device.
Well, if you’re an OEM and you’ve got a device like that, what you have to do is call all of your customers and say, “Quick, disconnect your device from the internet before it becomes compromised.” Another example of a property that many common devices don’t have, existing devices, is renewable security through software update.
So let’s say that you’ve found this vulnerability, you need to update all your devices to address that vulnerability or some new emerging threat. Well, if you don’t have software update, if those devices don’t remotely update themselves, you have to roll trucks and humans to go find those devices and go update those devices. So implementing the seven properties is really time-consuming and really hard.
What we’ve produced with Azure Sphere is an end-to-end solution that allows an OEM to build on top of Azure Sphere and know that their device already has the full seven properties built-in and always on by default. Azure Sphere contains four elements, three technical, one people. So the first element is Azure Sphere chips. These are chips that have a hardware root of trust created by Microsoft and that are built by our silicon partners.
On top of that, we run the Azure Sphere operating system that within those chips creates a secured software environment. Then there’s a Cloud service, and the Cloud service protects the chips and the Apple devices over their lifetime. Now that fourth element is our people. What that means is our security experts are watching and they’re creating new security updates for those devices over time. We’ve got your back.