What's The Right Security for IoT?

What’s The Right Security for IoT? IIC (Industrial Internet Consortium) Public Forum Yoshiaki Ujino June 3, 2016

Agenda

Infineon introduction

Introduction to IoT

Risk Analysis

Countermeasures

Into the Future

1

2

3

4

5

2 2016-06-03 Copyright © Infineon Technologies AG 2016. All rights reserved.

Agenda


Introduction to IoT

Risk Analysis

Countermeasures

Into the Future

1

2

3

4

5


Infineon application portfolio

Industrial Power Control (IPC)

Power Management & Multimarket (PMM)

Chip Card & Security (CCS)

Automotive (ATV)


Infineon enables security in the connected world

Courtesy: AUDI

Applications

Internet of Things (incl. Industry 4.0), mobile security, embedded security, trusted computing, machine to machine, (mobile) payment, SIM applications, transport ticketing, government identification, NFC


Infineon offers security solutions for smart cards and emerging use cases


Infineon’s active Role in the Standardization Arena

Member of Industrial Internet CONSORTIUM

Active contribution to ETSI standards

Contributing all

relevant activities

Serving solutions including OS

Focus on approvals for all relevant NFC products

Principal Member of NFC Forum

Co-Founder and active contribution of Open Standard for Public Transport

Security Founding Member Promoter of Trusted Computing Group


http://www.globalplatform.org/

http://de.wikipedia.org/w/index.php?title=Datei:Java-Logo.svg&filetimestamp=20061221200047

http://fidoalliance.org/index.html

Agenda


Introduction to IoT

Risk Analysis

Countermeasures

Into the Future

1

2

3

4

5


The increasing connectivity will influence the life we know in manifold ways.

IoT growth until 2020

Source: Mario Morales, IDC


Definition

IoT is moving from a centralized structure to a complex network of decentralized smart devices

“A world where physical objects are seamlessly integrated into the information network.”


Internet of Things (IoT) Drives Increased Profits

Smart Home Automotive Industrial ICT

Greater efficiency 2

Increased flexibility and customization 3

New capabilities and services 1


IoT Trend Affects All Markets

Factory Automation

Smart Vehicles

Smart Cars

Commercial, Agriculture & Construction Vehicles incl. Trucks & Busses

Low speed vehicles

Smart Cities & Energy

Smart Industry & Business

Smartphones, Tablets & PCs

Consumer Electronics & Wearables

Smart Home

Smart Home & Consumer Devices

Other Business

Other Transport

Energy

Building Automation

Professional Lighting

Infrastructure

Data Center / Server Farms Communication Networks

Smart ICT

Medical Equipment


Industrial manufacturing will go through disruptive changes: 4th industrial (r)evolution

85% of responding companies will have implemented 4.0

in their key areas by 2020 Source: Strategy& and PWC


Security need for Industry 4.0

Smart factories will only be built if implementation is reliable and cost-effective.


Japan, Germany team on Internet of Things standards

April 13, 2016 6:30 am JST

Japan, Germany team on Internet of Things standards

TOKYO -- Japan and Germany will join hands in creating international standards for Internet of

Things technology, Prime Minister Shinzo Abe said Tuesday.

Japan will "work toward establishing international standards together with Germany, a

country that also has a strong manufacturing industry," Abe said in a public-private forum on

investment. By 2020, Japan aims to have advanced systems at 50 locations that let companies

and factories share data collected through sensors, he said.

Tokyo and Berlin are to sign a memorandum of understanding for cooperation in the Internet

of Things as early as this month. In Japan, individual businesses have been separately

developing technologies for Internet-connected products. By cooperating with Germany, which

leads in the field, Japan hopes to play a major role in developing international IoT standards.

Germany and Japan can cooperate in many areas, since both have manufacturing sectors

that contribute more than 20% to their gross domestic product, said Henning Banthien,

secretary general of the Plattform Industrie 4.0, a German Internet of Things promotion

organization.

Abe also revealed plans to create a panel on artificial intelligence, with the goal of devising a

road map for development and commercialization of AI by the end of fiscal 2016.

(Nikkei)


IoT Architecture

IoT Has Many Layers

Gather data Analyze

Send commands

Reliably convey data and

commands

Send and receive data and

commands


Agenda


Introduction to IoT

Risk Analysis

Countermeasures

Into the Future

1

2

3

4

5


IoT Attacks Growing


Security threats for IoT

Each Layer can be Attacked

An Eavesdropper

listening in on data or

commands can reveal

confidential information

about the operation of

the infrastructure. A Bad Device injecting

fake measurements can

disrupt the control

processes and cause

them to react

inappropriately or

dangerously, or can be

used to mask physical

attacks.*

A Bad Server sending

incorrect commands can

be used to trigger

unplanned events, to

send some physical

resource (water, oil,

electricity, etc.) to an

unplanned destination,

and so forth.

Bad Server

Bad Device


Protecting Our Values with IoT Security

› Provide safety and privacy › Maximize uptime › Protect revenue stream

› Enable and create business models › Differentiate from competition

Security

Privacy

Safety Reliability

› Reduce costs › Increase quality and reliability


Agenda


Introduction to IoT

Risk Analysis

Countermeasures

Into the Future

1

2

3

4

5


Development guideline for connected world

Information-technology

Promotion Agency(IPA)

“Development guideline for

Connected world”

March 2016

Policy

Risk

Analysis

Design for

Countermeasure

Design for

Lifecycle

Security

Management


Common Defenses

IoT Defenses


Bad-Better-Best: Options for IoT Security

Main CPU Software Main CPU Hardware Software

Manufactured by security certified processes

Security certified

Tamper resistant

Strong isolation

Resistant against IP Theft

Crypto functionality

-

-

-

-

- 24 2016-06-03 Copyright © Infineon Technologies AG 2016. All rights reserved.

Scalable Trust Anchors for IoT

OPTIGA™ Trust

Design-in complexity

Feature set

Security Level

Personalization (loading of keys and certificates)

OPTIGA™ TPM

CC EAL 4+

low medium

Authentication TPM standard

OPTIGA™ Trust P

CC EAL 5+

medium

Programmable

OPTIGA™ Trust E

low

PKI-supported

Authentication

Security and Complexity

Note: basic | advanced


IoT solution with Optiga Trust P Macnica Mpression Adaptive Bee

https://store.macnica.co.jp/library/116873


Agenda


Introduction to IoT

Risk Analysis

Countermeasures

Into the Future

1

2

3

4

5


Likely Future Developments in IoT Security

– Expanded security features

– Expanded cryptographic algorithms

– Hardware Root of Trust standard in all IoT systems

– As today for IT and payment

– Regulations, insurance, etc.

› Continuing exploitation and damage

› Additional functionality

› Tighter integration with IoT systems

› Growing external requirements for stronger security


Summary

To protect our values, strong IoT security is needed.

Scalable Hardware Trust Anchors provide the Right Security for IoT.

IoT shows tremendous promise.


IoT / Industry 4.0 Security Forum


Part of your life.

Part of tomorrow.

We make life easier, safer and greener – with technology that achieves more, consumes

less and is accessible to everyone. Microelectronics

from Infineon is the key to a better future.


Contact Information

Thank You For Your Attention

Infineon Technologies Japan K.K. Yoshiaki Ujino Manager Regional Center Chipcard & Security Japan Marketing Group Infineon Technologies Japan K.K.

Gate City Osaki East Tower 21F 1-11-2 Osaki, Shinagawa-ku Tokyo 141-0032, Japan Tel +81,3,5745,7298(Dial In) E-mail: [email protected] URL: http://www.infineon.com/jp


mailto:[email protected]

What's The Right Security for IoT?

Documents

Transcript of What's The Right Security for IoT?