(Source: Immersion Imagery/Shutterstock.com)
In a marketplace where 26 billion Internet of Things (IoT) devices are expected to go live by 2020 (Gartner), it is critical to secure the enormous amount of data that these devices would generate. Transmitting data to and from the cloud involves many intermediate hops that increase latency. As such, the cloud can’t exclusively secure end-to-end IoT architectures. Designing security intelligence closer to IoT devices is a more meaningful solution for many reasons.
In most IoT architectures, an edge gateway is where the bulk of the ingress and egress data are processed (Figure 1). A gateway aggregates data over various network segments, which might be running Wi-Fi, Bluetooth®, Sigfox, cellular, or Ethernet. This mix of protocols adds to the attack surface, but the importance of securing this point-of-data ingestion and aggregation is significant. Real-time security analysis, filtering, and processing of security data at the edge gateway improve the security posture of traffic flows on premises as well as from and to the cloud.
The sheer scale of the IoT helps threats evolve rapidly. IoT gateways often have direct peer-to-peer connections with on-premises devices (similar to the broker in a Message Queuing Telemetry Transport network). In the event of an attack, the proximity of security-hardened gateways provides a rapid response for controlling and minimizing damage to enterprise assets.
Figure 1: Edge gateway diagram (Source: Texas Instruments)
Another advantage of IoT gateway security is that it helps reduce a network’s attack surface. When the gateway handles the bulk of the edge analytics and computing, IoT traffic has to traverse fewer hops, which reduces the risk of unauthorized access and man-in-the-middle attacks.
Industry 4.0 use cases involve legacy networks, protocols (e.g., Modbus), and devices that are connected to industrial IoT infrastructure through gateways. Open connectivity exposes legacy equipment to new threats that they were never designed to encounter. In such scenarios, the only option is to integrate security features in the IoT gateway, which acts as a security proxy for the legacy equipment it connects.
IoT gateways also act as security agents for resource-constrained IoT devices, sensors, and actuators that lack the CPU horsepower, battery life, and storage to handle complex cryptographic security functions such as secured access, authentication, and encryption.
On virtualized platforms on which multiple virtual devices run on a hypervisor, the virtual gateway instance can act as the trust anchor for the entire hardware platform. It can execute various trust functions, such as mutual authentication, certificate-based access control, remote boot, update attestation, firewalling, and deep packet inspection. The software-based security functions are isolated from each individual virtual machine’s guest operating system. This configuration is analogous to deploying a security gateway inside the device rather than in front of it.
Considering these use cases, an IoT gateway must always be designed to secure threat-prone IoT architectures. IoT gateway security has two aspects.
In IoT environments, both the devices and the gateway are prone to various threat vectors, including spoofing, denial-of-service, hardware or software tampering, data theft, and elevation of privilege. Considering the intended use cases where the gateway would be deployed, you can use various threat-modeling techniques to identify the security controls to be implemented in the gateway to protect IoT devices. For example, when an IoT gateway acts as a security proxy for legacy networks and devices, it can implement firewalls (hardware-based or software-defined), rule-based traffic filtering, and whitelisting.
It’s important to note that these security features are designed to protect devices connected to the gateway; unless the gateway itself is secured, all accompanying security technologies would become useless if the gateways were compromised. To secure the gateway, it must be designed with endpoint security controls.
The gateway needs a root of trust to identify itself on the network before it can participate in data exchange. A gateway can be designed as a trust anchor and equipped with key-based access control to grant access to authorized users and devices only. To protect the secrets (keys and certificates), secured storage or vaults can be implemented.
Often, gateways are exposed to extreme outdoor environments. Tamper-resistant hardware can protect them from physical damage.
Over-the-air updates ensure that the gateway is running the latest software and firmware free from common vulnerabilities and exposures. Secure boot enables the gateway to boot firmware images whose integrity and authenticity have been cryptographically verified. This precaution prevents booting the gateway with malicious firmware.
Fine-grained event logging provides sufficient visibility into the processes running in the gateway, which is useful for security audits and also automates threat detection and troubleshooting. In IoT environments, where accessibility could be constrained, it’s more practical to automate threat detection by using machine learning or artificial intelligence. Machine learning enables us to identify behavioral baselines and can detect or even prevent anomalies.
Sravani Bhattacharjee has been a Data Communications technologist for over 20 years. She is the author of “Practical Industrial IoT Security,” the first released book on Industrial IoT security. As a technology leader at Cisco till 2014, Sravani led the architectural planning and product roadmap of several Enterprise Cloud/Datacenter solutions. As the principal of Irecamedia.com, Sravani currently collaborates with Industrial IoT innovators to drive awareness and business decisions by producing a variety of editorial and technical marketing content. Sravani has a Master's degree in Electronics Engineering. She is a member of the IEEE IoT Chapter, a writer, and a speaker.
Privacy Centre |
Terms and Conditions
Copyright ©2021 Mouser Electronics, Inc.
Mouser® and Mouser Electronics® are trademarks of Mouser Electronics, Inc. in the U.S. and/or other countries.
All other trademarks are the property of their respective owners.
Corporate headquarters and logistics centre in Mansfield, Texas USA.