As IoT innovation has captured the public’s attention, a (smart) light has gone off inside the heads of building contractors, technology vendors and facilities managers around the world. Where lighting was once considered an energy hog, today’s sophisticated lighting systems based on sensors and light emitting diodes (LEDs) are not only energy efficient but also valuable conduits for information on everything from environmental conditions to asset visibility to conference room availability.
IoT-powered lighting systems can be a building’s eyes and ears. If your aim is to collect data about a building and its occupants, there is no better way than lighting. In fact, the potential upside is so clear in the marketplace that one out of every four luminaires will be ‘smart’ by 2020, according to the Boston Consulting Group.
But without proper care, smart lighting can also become a vector for pernicious digital attacks. Remember that one of the biggest attacks of recent memory, the Mirai botnet attack, came in through poorly secured video cameras.
So as companies embrace the data-unlocking power of smart lighting systems, they also need to consider how to secure them against attack, since smart lighting is entwined with the rest of a building system. If these systems share connectivity with enterprise functions, not only are a building’s entire operations vulnerable to compromise but also their business operations and IT infrastructure.
Fortunately, the right countermeasures, such as isolation (using hardware to isolate sensitive operations and data), cryptography (end-to-end encryption of data), tamper mitigation and side-channel attack protection (physical protection against tamper attacks such as spoofing, man-in-the-middle, malware and lab-based attack) and security services (secure remote firmware updates over the air) can minimize the risks of IoT lighting systems and greatly enhance their security features.
A security framework for smart lighting success
Here are three simple steps that organizations must take to secure IoT-enabled devices, their connection to the cloud, and the data that flows among them.
Conduct a Threat model and security analysis (TMSA) to ascertain the security risks facing today’s connected devices. This analysis carefully considers the assets that need protecting, identifies potential threats, and flags those individuals or groups most likely to attempt to compromise a particular system or company.
Although security considerations differ from one industry to the next, the most important questions to ask include:
- What is the attack surface?
- What are the assets that need to be protected?
- What type of breach do I want to protect against?
- What are the threats that I need to consider?
- What are the security requirements?
How does my product fulfill the security requirements?
Build a robust security model and architecture that are aligned to the organization’s security objectives. These may differ based on a company’s industry, corporate goals, and market trends.
As organizations discover the many benefits of smart lighting, IoT systems are likely to expand, incorporating more devices for a variety of applications, thereby producing a greater number of potential security risks. Organizations must, therefore, establish a baseline of IoT security based on Platform Security Architecture (PSA), to avoid introducing weak links, based on the following four key principles:
- Immutable device identity
- Trusted boot sequence
- Certificate-based authentication
- Secure over-the-air updates
Finally, to securely harvest, harness and analyze data, enterprises have started investing in advanced IoT platforms that go beyond a diverse collection of software stacks, libraries and prototyping boards. Building owners demand comprehensive, easy-to-use technologies that are interoperable with other building systems, provide robust device-to-cloud security and hide complexities of connectivity options from application developers while streamlines data management for their end applications.
Leading by innovating
Arm has a legacy of putting security first in its technologies. This has been amplified in recent years with the company’s Security Manifesto, which calls on all companies in the technology ecosystem to recognize a duty of care to protect technology users for the lifetime of products. It was further enhanced by things such as Arm TrustZone technology, which protects assets from software and hardware attacks by providing a secure and non-secure partition.
In addition, Arm’s Platform Security Architecture (PSA) provides a common foundation approach to security, allowing IoT to scale. It includes a comprehensive set of threat models, documentation, hardware and firmware architecture specifications, and an open-source firmware reference implementation.
Finally, a key feature of the Mbed IoT Device Platform–Arm’s targeted, end-to-end IoT implementation solution–is that it secures the device, communications between device and cloud, and the life cycle of the system.
To extend this security leadership, Arm this week has introduced a new range of IP to protect silicon against increasingly prevalent physical attacks. The new Cortex-M35P processor is the first Cortex-M to provide anti-tampering technology combined with robust software protection for highest levels of protection. In addition, enhanced new security IP delivers protection against side-channel attacks, including power and electromagnetic analysis.
In the world of IoT, end-to-end security is non-negotiable. It must be baked into the devices themselves to thwart threats. By doing so, organizations can take advantage of the benefits of smart lighting and other use cases while continuing to support a secure world of interconnected systems.