Building Secure Connected Devices Kedar Sovani

Iot secure connected devices indicthreads


Who am I?

• IoT @ Marvell for 7 years

• 1st Apple HomeKit SDK, 1st Google Weave on μC

• Powering millions of Wi-Fi IoT devices in the field


Anywhere and Everywhere


Google for the term IoT Security


Result Type I: Doomsday Hacking Scenarios


Yes, security is a concern

• Increased surface area for attacks
• Connects to the physical world around us
• Newer and tinier hardware
• Newer developers


Courtesy: Darkreading.com

Result Type II: Buy Our Product


But How Do I Build for Security?


Secure By Design


Device Interactions #1


Remote Access


Standards!

• No home-grown security schemes
• Rely on established security standards #2


TLS

• Transport Layer Security
• Certificate-based Server Authentication
• Secure Key Exchange
• Encrypted Channel
• Certificate-based Device Authentication
• Secures Bank Transactions


Technology Advancements

• Hardware Capability
• Memory
• CPU
• Strong Software
• Many Open Source implementations


Courtesy: Ars Technica

An interesting search engine


Malformed Content?

• What about: malware/viruses?
• Communicate with known server
• controlled by known entities
• Write protection


Local Access


Local Network

• Acts as a client for outside world
• router firewall
• Encrypted traffic at the MAC layer
• Requires Password/Certificate for access (explicit delegation)


Switch Network?

• Remember AP Security
• Force physical access to reset-to-factory


New Device Setup?


Authenticate the other endpoint! #3


Authenticate the other endpoint!


Compromised User

• Guest access to the network?
• Malware on user’s phone?
• Additional Cryptographic layers on top of the MAC layer
• User Management


Tradeoff


Physical Access


Physical modification

• Change the server address/keys?
• Change the firmware?
• Trusted Boot
• Signed Firmware
• Encryption


Device Phishing

• Completely change the device?
• Device Authentication – PKI


Zarro Boogs Found!

• Firmware upgradeability
• Connectivity Bonus: evolving appliances
• Fix security vulnerabilities
• Possible attack vector


Scrutinize #4


@kedarsovani

Thank You!