The Internet of Things is one of the most vulnerable targets for hackers trying to infiltrate computer networks, loot information, or remotely control of factory equipment and critical infrastructure. The challenge has been the high cost of security for IoT devices. It is more affordable for manufacturers to build a product without spending time on the security—which could end up straining the limited compute and memory inside IoT devices.
On that front, Silicon Labs is trying to improve the defenses of IoT devices. The company plans to install a secure subsystem into its microcontrollers in mid-2020. The Secure Vault technology isolates secure key store management, cryptography, and other features, making the device more secure by default. By adding it to a wireless microcontroller, Silicon Labs said Secure Vault can be used to regularly update devices as threats are exposed.
Matt Johnson, the company's senior vice president of IoT products, said the Secure Vault is one of the most advanced sets of integrated hardware and software protections for the IoT. The system, which has a dedicated core, memory, and bus interface, is isolated from the other parts of the system-on-chip (SoC). That not only serves to simplify development of secure IoT products, but it also helps to defend the device against unforeseen threats.
Billions of Internet of Things devices are inadequately secured, and the hackers hijacking them can inflict significant damage. Compromised devices could be used to infect factory systems or interfere with medical equipment. The vulnerability in a connected lock could allow attackers to remotely unlock the front door to a house. Once the attackers infiltrate the device, they may also take advantage of it as a gateway to other parts of the network.
To close vulnerabilities as they are spotted, many manufacturers are adding mechanisms to securely update the device over its service life, which may be more than a decade. But the process itself is also a potential vulnerability. The device needs to authenticate that the updates are genuine and can be trusted to close the security hole. It also needs to thwart hackers from intercepting the update and interfering with the secret stash of code.
With hackers using sophisticated attacks against IoT devices, Silicon Labs is looking to highlight the need for hardware countermeasures as the front line of defense. The Secure Vault is a secluded subsystem barricaded from all other parts of the chip. Other vendors are rolling out secure elements and other modules that are physically isolated on the circuit board of the device—the secure enclave embedded in the Apple iPhones, for instance.
"Embedded security is a key requirement for IoT products, and software updates alone cannot address all of the vulnerabilities present in insecure hardware," Tanner Johnson, senior analyst at market researcher Omdia, said in a statement. "As a result, hardware components can comprise the front line of defense for device security." These parts can also be less costly than trying to secure a compromised device long after manufacturing, he said.
Many IoT manufacturers are adding secure chips that act as the unchangeable root of trust (RoT) of the device, running checks every time the system restarts to confirm that nothing has been maliciously altered. Others are installing secure elements (SE), which can protect against more devastating attacks. NXP Semiconductors, Renesas Electronics, and other top vendors are also slapping secure elements on microcontrollers used in factories and cars.
Silicon Labs said that the Secure Vault adds another layer of protection to forestall all sorts of attacks. If the root of trust is a padlock and the secure element is a safe, then the secure vault is the strongroom of a bank, according to Silicon Labs. The system stores and manages secret keys, which are used to authenticate that devices on the network can be trusted. It can also be used to hamper hackers trying to steal data by tampering with hardware.
The Secure Vault system supports the storage and management of the secret keys, which serve as proof of the immutable identity of the device. The technology also guards against theft by concealing and isolating the secret keys from the other electronic processes of the microcontroller. These secret keys are important in preventing attackers from spoofing and cloning IoT devices in order to intercept information or valuable intellectual property.
The master key is erased and replaced every time the system starts instead of preserved in the system, where it could be plundered by attackers. A physically unclonable function in the subsystem pumps out the secret codes used to forge the master key. The codes are based on slight variations in the manufacturing of the chip and, as a result, serve as the unique fingerprint of the device. The unchangeable ciphers cannot be cloned, stolen, or shared.
Silicon Labs said the Secure Vault can also be paired with factory provisioning. The company said it would work with customers to load credentials—analogous to a birth certificate—into the chip while on the production line. The credentials can be used to guarantee the chip's authenticity over its service life. They can be used by devices to identify each other on a network and understand whether they have permission to share data.
Internet of Things devices need to be protected against side-channel attacks, too. With physical access to the hardware, hackers are able to monitor the power consumption and other internal operations of the embedded device. These details can be used to unravel the cryptography of the system and uncover the secret keys that are stored in the recesses of memory. These types of vulnerabilities are also often inexpensive for hackers to exploit.
Secure Vault, according to Silicon Labs, has improved protections against tampering. It can be used to identify attempts to intentionally sabotage the device by altering the voltage or temperature of the microprocessor, siphoning out secret keys or other data in the process. Once the alarm is sounded, the Secure Vault can be programmed to shut down or restart the device. Customers can also instruct it to destroy the keys to keep them from hackers.
In addition, it offers other countermeasures against side-channel attacks, including differential power analysis (DPA). These attacks are based on indirect information from the device, ranging from the timing of signals to swings in power consumption as cryptography runs in the background, to figure out the secret keys. Silicon Labs said that the keys are protected by scrambling the timing signals and camouflaging valuable data on the device.
The Secure Vault system also offers secure boot, which defends the device from tampered code by testing it against the original copy every time it resets. Furthermore, the system is designed to lock the interfaces used for debugging the device, which prevents attackers from abusing vulnerabilities in the ports. Silicon Labs said it also blocks hackers from reloading out-of-date firmware into the device to reopen previously patched faults.
Silicon Labs plans to start selling microcontrollers with Secure Vault before the second half of 2020.