IoT Security RESCURE: Security for the IoT Device Lifecycle
A Cost-Effective Way to Retrofit Security on IoT Devices
The RESCURE consortium, consisting of the companies Technikon and Intrinsic ID, along with the Eindhoven University of Technology (TU/e), was created to address the need for a security solution that spans the lifecycle of devices in the Internet of Things (IoT). The solution provided by the consortium resolves security vulnerabilities in this lifecycle using SRAM Physical Unclonable Function (PUF) technology in combination with state-of-the-art cryptography and security protocols.
RESCURE is a project funded by the EU and EUREKA programme Eurostars (Grant: E11897). RESCURE has had the goal to retrofit security on IoT devices in a low-cost manner. For this purpose, SRAM PUFs have been used, which are able to generate and securely store cryptographic keys, based on tiny variations in the silicon of chips. This way the keys are securely protected on the IoT device, without adding new hardware that would decrease flexibility and increasing cost.
Transcript
Welcome to this video of the Eurostars project RESCURE.
Our critical infrastructures are under attack! As more and more safety critical components of these systems are being connected to the internet, the risks of attacks that can cripple networks for energy and transportation are growing exponentially. New security vulnerabilities of deployed IoT devices are reported every day, for example in NIST’s National Vulnerability Database.
To deal with these threats, the RESCURE project was initiated. Its goal has been to enable security that can be retrofitted on existing IoT devices in a low-cost manner. For this purpose, cryptographic keys need to be generated and stored securely on devices. RESCURE has used SRAM PUFs, which are able to generate keys at runtime, based on tiny variations in the silicon of chips. These keys are never stored and never leave the device, which makes the solution very secure, without adding new hardware that would decrease flexibility and increase cost.
The prototype developed by RESCURE demonstrates two main security functions: secure over-the-air updates and end-to-end encryption. First, it runs an application that sends temperature measurements to our application backend via Amazon’s AWS cloud by using encrypted point-to-point TLS connections from device to cloud and from cloud to backend. This means that data gets decrypted and re-encrypted when travelling through AWS. This is not secure, because data will be available inside AWS without encryption. By running a secure over-the-air update, we will add an end-to-end encryption layer. This guarantees protection for our data at all intermediate steps in transit.
Now we can see how the prototype is implemented on this STM development board. First, Secure Boot verifies the integrity of the initial application that only uses a TLS connection. When approved the cryptographic keys required for the TLS connection are regenerated, after which the application starts sending temperature measurements to AWS.
In this window you can see that the data gets decrypted at arrival in AWS before it gets passed on with another TLS connection. Again, we don’t want this, so end-to-end encryption needs to be added.
To add this additional security layer, we run an over-the-air software update where cryptographic keys are used to validate that the new firmware comes from a trusted source.
Once the image has been verified and installed, the keys are generated again to connect the device to AWS. Now we see a change in how data is transmitted, as it also passes through AWS in encrypted form before it is decrypted in our backend.
This shows how easy it is to perform updates for patching security holes if your device can generate and securely store keys. With the RESCURE framework, this becomes a possibility on any common IoT platform, even without making any changes to the hardware.
Thank you for watching from all the partners of the RESCURE project!