A Functional Roadmap for IoT Security

Article Contribution

Security for the Internet of Things (IoT) covers a wide range of issues because so many components contribute to an IoT system. These include connected devices, gateways, platforms that manage IoT deployments, and data-consuming endpoints in the form of applications and visualisation displays. Collecting and communicating data between these elements over an array of proprietary and standardized protocols illustrates the permutations and complexity of IoT systems.

As a consequence, IoT security is not as straightforward as encrypting the transmission of data between a sensor and an application. Deployed IoT systems are much more complex. Many involve large numbers of connected devices and sensors, and communication paths may involve multiple hops via intermediate gateways, for example.

Beyond the technical level, there are operational issues of remotely managing field devices in a secure manner. There may also be requirements to integrate equipment supplied by different vendors and their chosen technology protocols.

Three issues define IoT security

When thinking about solutions for IoT security, it is important to work back from three key issues. The first is the proliferation of connection standards, device operating systems and use cases. Security has to work across a large number of permutations. As a result, IoT users need a standardized, systems-based approach that forms the basis for efficient mixing-and-matching of components.

Secondly, designers must work on the basis that IoT devices and applications will operate unattended. This calls for a different mindset from working with human users in the loop, as is common in telephony and many enterprise IT systems. In the IoT scenario, it means designing security in from the outset and automating many security functions that would usually be carried out through human intervention.

Finally, IoT devices generally operate with long service lifecycles, and there may be limited scope for physical access or replacement. In contrast, user expectations move as fast as the consumer market. Security therefore needs to bridge these timing differences. This requires life-cycle management and cost-efficient security management tools, which are more likely to result from standardization.

Building on a Coherent Architecture for IoT Systems

The challenge of designing effective security solutions for IoT systems has to be situated in the context of a generalized architecture that captures as many use-cases as possible. With this goal in mind, the oneM2M Partnership Project set out in 2012 to define the standard for IoT systems. This was done with the support of several national standardization bodies that sought to avoid regional variations and promote a global IoT market on a par with the cellular industry.

Through an analysis of multiple IoT use-cases across different industry verticals, research and commercial representatives identified the elements of a distributed architecture and a set of common services functions involved in deploying IoT systems. In its most basic form, oneM2M’s horizontal architecture has three layers. The lower layer corresponds to devices and communications technologies. The upper layer corresponds to applications that use data from IoT devices and sensors to identify operational trends for decision-making and control interventions. A set of technical specifications in the scope of oneM2M standards constitute a middleware capability between the upper and lower layers.

The middleware arrangement creates an abstraction layer that masks the underlying technical complexities of connecting applications to sources of data. It allows one or more data sets to be used by several applications, even where these are supported on different platforms, thanks to oneM2M’s support for distributed and federated architectures.

One way to understand the middleware capability is as a toolkit of common service functions, that is, functions that all IoT entities rely upon. An example is the Registration function, which provides a single registration point for establishing the authentication and authorization relationships between the device, gateway, platform and application entities in an IoT solution. Another common service function is Security.

oneM2M’s IoT Security Roadmap

oneM2M began to look at new requirements for IoT security well before the market caught on to these issues. Early work began in 2008, on remote provisioning for machine type devices, in 3GPP SA3. oneM2M took the early ideas into normative specification work. oneM2M’s certificate-based credentials are now a fundamental part of the GSMA’s eSIM specifications and solve the requirements for SIM-based credentials.

From a broader context, oneM2M addresses the many facets of IoT security in a logical sequence through its standardisation roadmap. oneM2M Release 1 provided basic security features in the form of a common service function (CSF) that any IoT device or application entity can call upon. The capabilities within this security CSF ensure not only that only legitimate applications can access resources, but also that applications can confirm that the resources they request are legitimate (i.e., mutual authentication). Also included were pre-provisioned access control lists that restrict access based on specific criteria such as an authenticated identity, location and time of day (i.e., authorisation).
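The following is an added example, not code from oneM2M or from this article, of what the authorisation described above looks like in practice: a simplified access control policy whose privileges are matched on originator identity, operation, time-of-day window and location, plus a short-lived, revocable HMAC-signed token of the kind the next paragraph describes for dynamically granting and withdrawing access. The resource name "/temp", the originator IDs, the field names and the shared token key are all assumptions made for the example; the real oneM2M accessControlPolicy resource and token formats are defined in its specifications and differ in detail.

```python
import base64
import hashlib
import hmac
import json
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass
class Privilege:
    originators: set          # originator IDs, or "*" for any
    operations: set           # subset of {"RETRIEVE", "CREATE", "UPDATE", "DELETE"}
    window: tuple = None      # (start_hour, end_hour) in UTC, end exclusive; None = any time
    regions: set = None       # permitted location labels; None = any location


def privilege_allows(p, originator, op, ctx):
    """Static check: identity, operation, time of day and location must all match."""
    if "*" not in p.originators and originator not in p.originators:
        return False
    if op not in p.operations:
        return False
    if p.window is not None:
        start, end = p.window
        hour = ctx["time"].astimezone(timezone.utc).hour
        in_window = start <= hour < end if start < end else (hour >= start or hour < end)
        if not in_window:
            return False
    if p.regions is not None and ctx.get("region") not in p.regions:
        return False
    return True


TOKEN_KEY = b"constructed-demo-key-not-for-production"  # assumed secret shared by issuer and enforcer


def issue_token(originator, resource, ops, ttl_s, now, jti):
    """Dynamic grant: an HMAC-signed, short-lived authorisation for one resource."""
    payload = {"sub": originator, "res": resource, "ops": sorted(ops),
               "exp": int(now.timestamp()) + ttl_s, "jti": jti}
    body = base64.urlsafe_b64encode(json.dumps(payload, sort_keys=True).encode()).decode()
    mac = hmac.new(TOKEN_KEY, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + mac


def token_allows(token, originator, resource, op, now, revoked):
    """Check signature, revocation, expiry, subject, resource and operation, in that order."""
    try:
        body, mac = token.split(".")
    except ValueError:
        return False
    expected = hmac.new(TOKEN_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        return False
    payload = json.loads(base64.urlsafe_b64decode(body))
    if payload["jti"] in revoked:                    # grant has been withdrawn
        return False
    if int(now.timestamp()) >= payload["exp"]:       # grant has expired
        return False
    return payload["sub"] == originator and payload["res"] == resource and op in payload["ops"]


def authorise(policy, originator, resource, op, ctx, token=None, revoked=frozenset()):
    """Return 'policy', 'token' or 'deny' so the caller can log which path granted access."""
    if any(privilege_allows(p, originator, op, ctx) for p in policy):
        return "policy"
    if token is not None and token_allows(token, originator, resource, op, ctx["time"], revoked):
        return "token"
    return "deny"


# Constructed sample policy for a resource holding temperature readings.
THERMO_POLICY = [
    Privilege({"CAE-thermostat"}, {"CREATE", "UPDATE"}),                          # device writes any time
    Privilege({"CAE-dashboard"}, {"RETRIEVE"}, window=(6, 22), regions={"site-A"}),  # office hours, on site
]

if __name__ == "__main__":
    now = datetime(2024, 5, 1, 10, 0, tzinfo=timezone.utc)
    day = {"time": now, "region": "site-A"}
    night = {"time": now.replace(hour=23), "region": "site-A"}
    print(authorise(THERMO_POLICY, "CAE-dashboard", "/temp", "RETRIEVE", day))    # policy
    print(authorise(THERMO_POLICY, "CAE-dashboard", "/temp", "RETRIEVE", night))  # deny
    tok = issue_token("CAE-maint", "/temp", {"RETRIEVE"}, 600, night["time"], "t1")
    print(authorise(THERMO_POLICY, "CAE-maint", "/temp", "RETRIEVE", night, tok))          # token
    print(authorise(THERMO_POLICY, "CAE-maint", "/temp", "RETRIEVE", night, tok, {"t1"}))  # deny
```

The static privileges express what can be planned in advance; the token path covers the maintenance case the policy did not anticipate, and because the token carries an expiry and an identifier that can be put on a revocation list, the grant can be withdrawn without touching the policy. Note that the signature is checked before any field of the payload is trusted, and that expiry is enforced at the enforcer, not only at issue time.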

The design of cellular IoT systems ensures the confidentiality and protects the integrity of both set-up messages and message content. However, these protections are terminated and re-established at each node in the communication path (hop by hop). An end-to-end security framework built on such links requires every one of these nodes to be trusted not to modify or leak the information it relays. As deployments grow in size and complexity, it becomes impossible to predict in advance what access will be required and whom and what to trust. For this reason, Release 2 added features to dynamically grant and withdraw authorisation using tokens. Release 2 also added end-to-end protection of set-up messages and message content, so that intermediate nodes in the path no longer need to be trusted.
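The hop-by-hop versus end-to-end distinction above is easiest to see with a relay that sits between a device and an application. The following added example (not code from oneM2M or from this article) protects a constructed temperature reading with a small encrypt-then-MAC construction and passes it through a gateway in both modes: in hop-by-hop mode the gateway holds a key for each hop, so it can read and silently rewrite the reading before re-protecting it for the application; in end-to-end mode it holds no key, so it can neither read the reading nor alter it without the application detecting the change. The keys, the reading and the SHA-256 counter-mode keystream are assumptions for illustration; a deployment would use a standard AEAD such as AES-GCM rather than this stdlib-only construction, and the end-to-end mechanisms defined by oneM2M are specified separately.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 12, 32


def _derive(key, label):
    """Separate encryption and MAC keys from one shared secret (illustration of key separation)."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key, nonce, length):
    """Counter-mode keystream from SHA-256; stands in for a real stream/AEAD cipher here."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(enc_key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def protect(key, plaintext, nonce=None):
    """Encrypt-then-MAC: returns nonce || ciphertext || tag. A nonce must never repeat per key."""
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    enc_key, mac_key = _derive(key, b"enc"), _derive(key, b"mac")
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unprotect(key, message):
    """Verify the tag before decrypting; return None on any failure so callers cannot skip the check."""
    if message is None or len(message) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    enc_key, mac_key = _derive(key, b"enc"), _derive(key, b"mac")
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def relay_hop_by_hop(k_dev_gw, k_gw_app, from_device, gateway_edit=None):
    """Gateway terminates the device hop, may read or alter the content, then re-protects it for the app hop."""
    pt = unprotect(k_dev_gw, from_device)
    if pt is None:
        return None
    if gateway_edit is not None:
        pt = gateway_edit(pt)                  # a compromised gateway rewrites the reading
    return protect(k_gw_app, pt)


def relay_end_to_end(from_device, gateway_edit=None):
    """Gateway holds no key for this message: it can only forward it, or tamper blindly with the bytes."""
    return gateway_edit(from_device) if gateway_edit is not None else from_device


# Constructed keys and reading for the example; in practice each pair is provisioned separately.
K_DEV_GW, K_GW_APP, K_DEV_APP = b"k-device-gateway", b"k-gateway-app", b"k-device-app"
READING = b'{"temp": 21.5}'


def demo_hop_by_hop(tamper=True):
    """What the application accepts as the device's reading after a hop-by-hop relay."""
    edit = (lambda pt: pt.replace(b"21.5", b"99.0")) if tamper else None
    forwarded = relay_hop_by_hop(K_DEV_GW, K_GW_APP, protect(K_DEV_GW, READING), edit)
    return unprotect(K_GW_APP, forwarded)


def demo_end_to_end(tamper=True):
    """What the application accepts after an end-to-end relay; None means the tag check failed."""
    edit = (lambda m: m[:NONCE_LEN] + bytes([m[NONCE_LEN] ^ 0x01]) + m[NONCE_LEN + 1:]) if tamper else None
    return unprotect(K_DEV_APP, relay_end_to_end(protect(K_DEV_APP, READING), edit))


def gateway_can_read_end_to_end():
    """A gateway holding only its hop key cannot open an end-to-end protected message."""
    return unprotect(K_DEV_GW, protect(K_DEV_APP, READING)) is not None


if __name__ == "__main__":
    print(demo_hop_by_hop(tamper=True))    # b'{"temp": 99.0}': tampering passes unnoticed
    print(demo_end_to_end(tamper=True))    # None: tampering detected
    print(gateway_can_read_end_to_end())   # False
```

The point the example makes is that the hop-by-hop tag is honest as far as the application can tell, because it really was computed by the gateway; the application has no way to learn that the reading changed in transit. With a key shared only between device and application, the set of parties that must be trusted shrinks to those two, which is what lets the intermediate nodes in a large deployment be untrusted.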

While the focus of oneM2M is on machine and IoT communication without the involvement of any human users, it is of course for their ultimate benefit. Releases 3 and 4 add features for identifying and authorising such users, while at the same time including features to protect their privacy as required by local regulations such as GDPR (Europe) and PIPA (Korea).

Enabling the Market for IoT Security

In parallel with standardizing a family of security capabilities for IoT systems, oneM2M is transposing its security specification into an ITU-T Y-series Recommendation on M2M security and privacy protection, through ITU-T Study Group 20. ITU standards are referenced by many countries, governments and corporations. The collaboration between oneM2M and the ITU is therefore very important for establishing common standards that benefit the widest community of users across the world, as happened with mobile communications.

At the grass-roots level, it is very important for developers to incorporate security into the fabric of their projects and products as early as possible. Sometimes, competition or other industry factors put pressure on projects to launch as quickly as possible, and some stakeholders may view thorough security measures as a potential business blocker. They should instead be urged to take the time to make sure that all security checks and mandatory security processes are completed. Security is not a tick-box exercise. It is important to spend the right amount of time and allocate a budget for security in order to discover potential risks and vulnerabilities in a design or an implementation before external parties do. It is much easier to deal with security problems early on than to let them happen and address them retrospectively. Doing so also avoids the consequences of security breaches, which can negatively affect a business and its brand. Security is no longer a luxury; it is a necessity.


About oneM2M

oneM2M is the global standards initiative that covers requirements, architecture, API specifications, security solutions and interoperability for Machine-to-Machine and IoT technologies. oneM2M was formed in 2012 and consists of eight of the world’s preeminent standards development organizations: ARIB (Japan), ATIS (U.S.), CCSA (China), ETSI (Europe), TIA (U.S.), TSDSI (India), TTA (Korea), and TTC (Japan), together with industry fora and consortia (GlobalPlatform) and over 200 member organizations. oneM2M specifications provide a framework to support applications and services such as the smart grid, connected car, home automation, public safety, and health. oneM2M actively encourages industry associations and forums with specific application requirements to participate in oneM2M, in order to ensure that the solutions developed support their specific needs. For more information, including how to join and participate in oneM2M, see: www.onem2m.org.


Rana Kamill

Rana Kamill is a Security Consultant in BT’s Security Consultancy team, providing consultancy across all of BT’s Customer Facing Units. She represents BT in oneM2M and is involved in activities to share information about oneM2M. This includes a current initiative with the ITU-T to transpose oneM2M’s technical specification for security solutions into an ITU-T Y-series Recommendation.