Security is a core requirement for manufacturers, developers, service providers and the other stakeholders who produce and use IoT devices to build systems and applications for Smart Cities and other IoT deployments, such as Industry 4.0 or connected cars. Securing these systems is a major challenge, and failure to do so can result in significant harm to individuals and businesses. The course addresses the challenges of securing the IoT and Smart Cities devices used to deploy such systems and applications.
The course focuses on a hardware-led approach to creating stronger security for IoT and Smart Cities systems, since software-based approaches alone are not sufficient to guarantee the security of an application or system. The course proposes three general areas of guidance:
Addressing fundamental controls for securing IoT devices. Developers must address two basic questions related to IoT and Smart Cities systems: “What are we trying to protect?” and “What is required to enable protection?” The answers result in a shortlist of fundamental controls necessary to implement hardware-based security. The core requirement is a trusted IoT operating environment enabled with a secure boot process that is impervious to attack. This requires a root of trust forged in hardware, which establishes a chain of trust for all IoT subsystems.
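The chain-of-trust idea above, as an added illustration that is not part of the course material: a simplified verified-boot walk in which the only value trusted a priori is an immutable digest standing in for what hardware holds in boot ROM or OTP fuses, and each stage is accepted only if its image matches the digest carried by an already-verified predecessor. The stage images, names and the digest-only anchor (real designs usually anchor a public key and verify signatures) are constructed simplifications.

```python
import hashlib
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Stage:
    """One link in the boot chain: its code plus the digest of the only
    image it is allowed to hand control to (None for the final stage)."""
    name: str
    code: bytes
    next_digest: Optional[bytes]


def image_digest(stage: Stage) -> bytes:
    # The digest covers the embedded next_digest too, so an attacker cannot
    # keep the code intact and merely re-point the stage at a rogue successor.
    return hashlib.sha256(stage.code + (stage.next_digest or b"")).digest()


class BootFailure(Exception):
    pass


def verify_chain(root_digest: bytes, stages: List[Stage]) -> List[str]:
    """Walk the chain outward from the hardware anchor. The expected digest for
    each hop comes only from the root (first hop) or from a stage that has itself
    already been verified. Raises on the first mismatch so no unverified stage runs."""
    expected: Optional[bytes] = root_digest
    accepted: List[str] = []
    for stage in stages:
        if expected is None:
            raise BootFailure(f"{stage.name}: previous stage declared itself final")
        if image_digest(stage) != expected:
            raise BootFailure(f"{stage.name}: digest mismatch, halting boot")
        accepted.append(stage.name)
        expected = stage.next_digest  # trust for the next hop comes only from a verified stage
    return accepted


# Constructed sample images (stand-ins for real firmware binaries).
KERNEL = Stage("kernel", b"kernel-image-v1", None)
BOOTLOADER = Stage("bootloader", b"bootloader-v1", image_digest(KERNEL))
# The one value the whole chain rests on; in hardware this is immutable (boot ROM / fuses).
ROOT_DIGEST = image_digest(BOOTLOADER)


def boot(stages: List[Stage], root_digest: bytes = ROOT_DIGEST) -> bool:
    """Return True only if every stage in the chain verified against its predecessor."""
    try:
        verify_chain(root_digest, stages)
        return True
    except BootFailure as err:
        print("boot halted:", err)
        return False
```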
Using a Security by Separation approach. Security by Separation is a classic, time-tested approach to protecting computer systems and the data they contain. Separation means that functions cannot see or access other functions without authorization. By separating and restricting the availability and use of assets, security is enforced according to a prescribed policy. In this way, the software implementing one function does not have to trust the software implementing another; each is isolated from the other. The course focuses on IoT and Smart Cities systems that can retain their security attributes even when connected to open networks. It hinges on logical separation created by a variety of methods: the most secure is hardware-based virtualization, which uses dedicated mechanisms to simulate, isolate and control IT assets. Other separation methods, such as paravirtualization, hybrid virtualization and Linux containers, have their own pros and cons but can serve as interim implementations.
Enforcing secure development and testing. Finally, developers must provide an infrastructure that enables secure debugging of IoT and Smart Cities systems during product development and testing. Normally, hardware debugging through JTAG allows the user to see the entire system. A secure system needs to maintain the separation of assets even when hardware debugging is in use. By embracing these initial areas of focus, designers can create secure operating environments for IoT and Smart Cities systems by means of secure application programming interfaces (APIs). The APIs provide the glue that enables secure inter-process communication between disparate software and applications. The course focuses on IoT and Smart Cities systems to illustrate these challenges.