How to make sure the IoT is as secure as it should be

4 mins read

Attacks on Sony and Target suggest current enterprise security, in many companies, is not fit for purpose. The Internet of Things means that almost anything can now be connected to the Internet, but that also means that anything connected to the Internet can be hacked. Most of the information isn't transmitted securely and many apps have vulnerabilities that can be easily exploited by anyone with the necessary skills.

While both at home and in the workplace IoT security is being recognised as a serious issue, as pressure grows to get product to market quicker, invariably corners tend to be cut when it comes to understanding and implementing secure operating systems.

The ideas behind the IoT are not new; we have had connected embedded devices for many years. These installations were self contained, operating a proprietary network which was relatively easy to make secure as everything was enclosed within it. What is new is that, today, we have networks that are being controlled externally whether that's through the Cloud, through external management systems or through control facilities via the Internet.

"As soon as you open up a proprietary network, whether that's deploying new technology or managing it externally, you then open a back door into something that had been relatively well protected," suggested Robert Day, sales and marketing director with Lynx Software.

"The good news is that security is becoming an issue as more companies realise their systems are vulnerable. Recent events in the US, and the examples of Sony and Target, have highlighted the risks companies face. These were high profile hacks that suggested current enterprise protection isn't working as it should."

That security isn't as strong as it should be isn't helped, according to Day, by the fact that security experts now have to deal with a broader range of issues and threats – security is becoming a much bigger job and that is stretching resources.

"Everything in the embedded world is becoming connected to the Internet; connected devices and personal devices and the information they provide and how they are controlled are all vulnerable to cyber attacks," he said. "But, with a better understanding of the security risks that the IoT brings, there are new opportunities available to build much better levels of security into connected devices from the ground up."

Lynx has chosen to target the gateway between the IoT and the operating system, what it defines as the IT and OT networks.

"It is, in our opinion, 'horribly vulnerable', especially if you are not employing any segregation. It is the point where hackers look to break in as it is the point where the IT and the OT networks meet. It's where the Internet and the collection of information join the network, which is most likely a Linux based proprietary system – sometimes, although not typically, Windows based. If hackers succeed in breaking into its root privileges, they will then be able to see everything that Linux is talking to on the network including all the devices being managed."

For Lynx, the gateway is the most vulnerable part of the infrastructure, so it believes this requires a more comprehensive and systematic approach when it comes to its security.

"LynxSecure technology has been developed to protect the gateway. It provides a secure virtualisation environment in which multiple secure and non secure operating systems – such as Linux, Windows and Solaris – can perform without compromising their security, reliability or data. We run the guest operating systems in virtual machines on top of a small separation kernel.

"The separation kernel provides strict isolation on a single hardware platform, separating memory, CPU and devices without the need of the 'helper' operating system that is usually found in most other hypervisors," Day explained.

Originally designed for use in high threat device environments, such as the military, the separation kernel technology developed for LynxSecure was seen as a way to consolidate increasingly complex systems into a single physical system which was more easily managed.

Hardware virtualisation involves the creation of a software environment that mirrors the hardware capabilities of the operating system and preventing a breach of the virtualisation platform is critical. Common vulnerabilities will include such things as denial of service, insecure initialisation, data corruption and unauthorised access to data.

Traditional hypervisors tend to fit into two commonly designated architectures – type 2 and type 1. Type 2 hypervisors run as applications on top of a general purpose OS, such as Windows or Mac OS. Type 1, also referred to as bare metal, is a single software hypervisor package that runs directly on hardware.

These hypervisors are, however, less suitable for use in embedded systems because they include a significant amount of additional logic that can greatly impact the size, security, and performance of an embedded system design.

Hardware virtualisation provides levels of performance very close to the native speeds of guest operating systems running in isolated domains: with LynxSecure, that virtualisation technology has been designed to sit above the separation kernel.

"In effect, the hypervisor technology has been split in two. It exists in both the operating and Internet domains which, we believe, makes it more secure. If the vulnerable elements of the device – usually the Internet connectivity – are compromised, hackers will be limited as to where they can go once they have broken in," Day said.

"LynxSecure can securely separate different networks, for example the IT and OT networks commonly found in IoT gateways. It can also securely partition persistent storage to isolate critical information from malicious threats," he explained.

According to Day, the next generation of connected embedded systems will require enhanced security, especially if these systems are controlling critical infrastructure.

"Developers will need to be able to design more secure connected systems without sacrificing power, performance or functionality," Day suggested. He explains this was why the company made the decision, announced at embedded world in February 2015, that both its LynxOS 7.0 RTOS and LynxSecure would be ported to ARM based processors.

According to Day: "More companies are looking at ARM processors, especially the multicore Cortex-A series. Using ARM cores, it is possible to scale from simple sensor nodes, using the Cortex-M and Cortex-R cores, to more intelligent ones using the Cortex-A series. These devices now have the processing power to support virtualisation, which until relatively recently had only been available with Intel processors."

Now that ARM's cores are capable of supporting virtualisation across a growing number of variants, it will be possible to employ LynxSecure to provide a much stronger level of security – whether in the industrial space, factory automation or the automotive and medical markets, Day believes.

"Wherever proprietary systems are connected to the outside world, they are vulnerable to ever more sophisticated attack vectors, especially those systems that are reliant upon regular operating systems," he concluded.