The Internet of Things (IoT) has been revolutionising industries for several years now. Removing the need for many manual procedures frees up personnel for other, sometimes considerably safer, tasks. But the sensors used in Industry 4.0 are connected to networks of networks, all of which are at risk from hackers. As the number of complex cyberthreats continues to rise, sensor technology can provide hackers with a route into other elements of a network, and this can lead to severe financial and reputational damage for an organisation.
Sensors enabled by the Internet of Things (IoT) are network-connected “smart” devices that collect and transmit real-time data about their environments. That data is then used to monitor and control the systems to which they are connected.
The use of IoT sensors has grown explosively in recent years, and the sensors are poised for mass-scale adoption as an essential technology across a host of sectors, from smart cities to industrial applications.
However, there is a lack of standardisation when it comes to IoT sensors, and this, together with interoperability challenges, means that they have become a prime vector for cyber-attacks.
Consequently, cyber-attacks are targeting IoT sensors in greater numbers, in more industries, and with greater sophistication than ever before.
A new wave of threats
In a recent study, 54% of the UK manufacturers interviewed said they would not consider cybersecurity action despite adopting new Industrial Internet of Things (IIoT) devices to boost production.
This could prove to be a mistake, as the devices that operators are increasingly reliant on can quickly become weaponised against their operator, and today’s hackers continue to find new ways of disrupting an organisation’s critical infrastructure.
For example, software controlling robotic arms used on the production line can be modified and corrupted, resulting in faulty or dangerous products being created.
Alongside the potential for harm coming to consumers, any form of hack can result in a firm’s stock price taking a significant hit if expensive product recalls and lawsuits follow.
The reality is that at some point an organisation will likely be the target of an attack, and sensors can provide a gateway for hackers in ways most would not expect. For example, 10 GB of data was taken from a casino in 2017 as hackers were able to enter its database through a fish tank thermometer found within the lobby.
Sensors and other instruments deployed in smartphones, such as the accelerometer, can also be used as a means to unlock devices remotely, with researchers in Singapore using information generated from these to unlock smartphones with 99.5% accuracy.
Establishing trust in your devices
Organisations must proactively mitigate the risks that a weaponised sensor could bring to their operations. There are a number of options available that can enhance their cybersecurity, but it is crucial that any approach taken can protect, detect, attest, and recover from any potential attack.
If an organisation is to overcome these attacks, it needs to apply a model which establishes ‘trusted computing’. Doing so can provide a strong line of defence against any attempts to modify a sensor’s code.
International standards and specifications, such as the Trusted Platform Module (TPM) documents from the Trusted Computing Group (TCG), should certainly be among the first stops for organisations. These can help sign and verify any data provided to a sensor or IoT device to establish whether it has come from a reliable source.
This ensures any communication is precise and secure. A TPM can also provide hardened storage for software or platform keys found in an IoT solution, protecting and attesting the algorithms used when computing data into a model.
Applying trusted principles that focus on cyber resiliency, network security, identity, and sensor attestation places an organisation in a strong position to identify, then mitigate any tampering or deviations in device behaviour.
But this approach doesn’t stop at the technology. Operators using sensors must ensure the individuals or organisations responsible for training their systems are compliant with the latest security specifications, otherwise operations can quickly become corrupted.
Staying up to date with the latest trusted computing standards can go a long way to ensuring an adequate level of protection.
Strong security at little cost
But how can an operator establish integrity and accuracy within a sensor and mitigate potential vulnerabilities?
This is where Root of Trust (RoT) hardware plays a crucial role. Hardware such as a Device Identifier Composition Engine (DICE) can supply a unique security key to each firmware layer found in a sensor or connected device. Each key is derived by combining the identifier held by the layer above with a measurement of the current layer.
Should an attack on your systems be successful, and a layer become exposed, the unique key accessed by a hacker cannot be used to breach further elements. This can help reduce the risk of a significant data breach and enables operators to trust the devices they utilise in a network.
A device can also easily be re-keyed should any unauthorised amendments be discovered within the sensor’s firmware, enabling users to quickly identify vulnerabilities throughout the system’s update process.
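The layered derivation and re-keying described above can be sketched as follows. This is an added example, not code from the TCG specifications or from the author; it assumes HMAC-SHA-256 as the one-way function, and the device secret, layer names and firmware images are constructed sample values.

```python
import hashlib
import hmac

# Constructed sample values. A real device secret is provisioned in
# hardware and is never readable by the firmware layers above it.
DEVICE_SECRET = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
LAYERS = [
    ("bootloader", b"bootloader image v1"),
    ("firmware", b"sensor firmware v1"),
    ("application", b"telemetry app v1"),
]

def measure(image: bytes) -> bytes:
    """Measurement of a layer: SHA-256 digest of its code image."""
    return hashlib.sha256(image).digest()

def derive_chain(device_secret: bytes, layers) -> dict:
    """Derive one secret per layer from the previous secret and the
    measurement of the current layer (HMAC-SHA-256 is an assumption)."""
    secrets = {}
    current = device_secret
    for name, image in layers:
        current = hmac.new(current, measure(image), hashlib.sha256).digest()
        secrets[name] = current
    return secrets

def changed_layers(reference: dict, observed: dict) -> list:
    """Names of layers whose derived secret no longer matches the reference."""
    return [
        name for name in reference
        if not hmac.compare_digest(reference[name], observed[name])
    ]

def demo() -> list:
    """Modify the firmware image and report which layers were re-keyed."""
    good = derive_chain(DEVICE_SECRET, LAYERS)
    tampered = list(LAYERS)
    tampered[1] = ("firmware", b"sensor firmware v1 + unauthorised change")
    bad = derive_chain(DEVICE_SECRET, tampered)
    return changed_layers(good, bad)

if __name__ == "__main__":
    # The bootloader secret is unchanged; the modified layer and every
    # layer after it receive new secrets, which a verifier can detect.
    print(demo())
```

Because each step is one-way, a secret read out of the application layer does not reveal the firmware or bootloader secrets beneath it.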
For organisations with smaller devices and an even smaller budget, specifications such as the Measurement and Attestation Roots (MARS) can be deployed to instil the necessary capabilities of identity, measurement storage, and reporting in a more cost-effective manner.
These elements should form the building blocks of a strong defence, as they give operators the tools to attest the health of a device – such as a sensor – and ensure there are no vulnerabilities available to hackers.
Using an isolated, lightweight hardware RoT, MARS can be integrated across several IoT and embedded devices, with logic being implemented directly into the hardware as a state machine. This is separated from the microprocessor environments, meaning the level of security found on the device is increased. DICE and MARS specifications establish the fundamental aspects of security without costing a fortune and should be considered vital tools in establishing trust in devices.
Protecting the digital ecosystem
Sensors and other connected technologies play an important role in optimising operations. As digitalisation continues to be embraced throughout a number of industries, the security of your devices must be paramount.
If your digital ecosystem cannot be trusted, then the riches earned through digital technologies will quickly turn to ruin.
To stay one step ahead of attackers, organisations must have cybersecurity measures in place and implement the standards and specifications on offer.
Using a TPM, DICE, or MARS alongside an approach which establishes cyber resiliency as a core value can enable businesses to enjoy the benefits of digital technologies without having to live in fear of the next attack.
Author details: Thorsten Stremlau is Co-Chair of the Marketing Work Group, Trusted Computing Group