New-Tech Europe Digital Magazine | Feb 2016

First page Previous page 42 Next page Last page

Establishing a Chain of Trust

Pascal Herczog, u-blox

E

to divide it into a number of trusted domains. By investigating the fundamental methods necessary to protect each domain, the following define the areas of potential attack; device firmware, communications to the server, interface security, enforcing API control and robustness that includes handling spoofing/ jamming. Ensuring that your device is executing the code it should be requires a secure boot method to be implemented. When booting the system, it is crucial that each stage is authenticated prior to booting the next set of processes. When reviewing firmware security you also need to be mindful of how it might be updated. For many physically

approved wireless modules, means that a more holistic approach to security needs to be considered. When we look at, for example, an IoT sensor using a microcontroller and a wireless module, it is necessary to establish a chain of trust, from the sensor to the host, via the wireless antenna to the end application. Building a secure solution requires a holistic viewpoint to take into account all the technical and operation aspects of the system components and is not only limited to the wireless communication. The application might also encompass and utilise GNSS positional data, which has its own security consideration. One potential approach to implementing the chain of trust is

verybody is talking about security these days. For the

embedded developer, getting the system running as the marketing specification stipulated and on time, used to be a challenge in itself. Today, the need to build security into every aspect of the design, whether it is a simple IoT sensor communicating with a server or a more sophisticated multicore application, requires thought and a careful appraisal of potential security attack points. In a perfect world, a design could be built from scratch with every functional block designed and developed within one team. However, the pressures of time-to-market and embracing a higher level of integration using, for example, pre-certified and type

42 l New-Tech Magazine Europe

Made with