Securing Sensor ICs in the Age of IoT
The time when a sensor needed only to sense is behind us. In the age of the Internet of Things sensors are part of a connected network. SRAM PUF technology can create a unique and unclonable identity for every sensor, providing the basis for strong authentication and encryption.
Hi everyone. I’m Vincent van der Leest, Director of Product Marketing. And welcome to another whiteboard video from Intrinsic ID. Today we will be talking about securing sensor ICs in the age of IoT.
Protecting sensors requires special consideration because they create the currency that is most valuable in the IoT – data. But being part of the IoT comes with many threats. This is because connected devices and sensors are very interesting attack subjects. The consequences of these attacks can be enormous, especially in applications that use a lot of sensors, like industrial IoT, smart cars and critical infrastructures. This is why data needs to be protected at all times. Planes have crashed because of incorrect sensor data. This happens through malfunctioning sensors, but also through hacked sensors.
Just imagine what can happen if an attacker can manipulate sensor data in power grids or in water supplies. This can cripple entire countries. The time that sensors only needed to sense is behind us. This is because they create value by capturing data, the currency of IoT.
Why Secure Sensors?
So why secure sensors? Well typically in IoT devices, it’s the microcontroller, the central processing chip, that is responsible for security. However, there are still plenty of reasons for sensor makers to also equip their sensor ICs with strong security.
The first one is actually physical security. So, contrary to devices that are locked away behind closed doors, sensor devices are typically deployed somewhere in the field, where attackers have physical access to them. If an attacker can make physical change to a device, the sensed data can already be compromised before it even reaches the microcontroller. Carrying forward with this corrupt information means your expensive cloud resources are crunching untrustworthy data.
The second reason is actually increasing the value and differentiation of the sensor. If sensor ICs can secure data from the moment it is created, this lowers the burden of security on other components in the device. This way, IoT devices can be made at a lower cost, which optimizes the value for the OEM.
And finally, protecting valuable IP. In many cases, sensors have processing algorithms that need to be protected from counterfeiting and theft. This is why these sensors, these algorithms, need to be bound to the hardware of the sensor.
All of this can be achieved with SRAM PUFs, and even at a low cost, which is very important to the cost-sensitive nature of sensors. SRAM PUFs are unique chip fingerprints derived from tiny variations in the chip’s silicon. From the unpredictable start-up behavior of SRAM memories, SRAM PUFs create unclonable device-unique keys that are used to protect the sensor and its data. To protect against physical attacks, the keys from SRAM PUFs are used to authenticate sensors and encrypt data. This prevents eavesdropping, altering, and injection of sensor data.
Sensor IP is protected from counterfeiting by using the keys, which cannot be copied from one device to the next, which binds the algorithms to the hardware of the sensor. SRAM PUFs can be added in hardware to the sensor IC, or run in software on the sensor’s processor, which makes the integration very flexible at any stage of design and deployment of the sensor.
With so much in the IoT relying on sensing, strong security from the moment data is captured is no longer optional.
Thank you all for watching, and look for more videos from Intrinsic ID.