Security coprocessor marks a new approach to provisioning for IoT edge devices

---

It’s worth noting that security breaches rarely involve breaking the encryption code; hackers mostly use techniques like spoofing to steal the ID.

---

The advent of security coprocessor that offloads the provisioning task from the main MCU or MPU is bringing new possibilities for the Internet of Things product developers to secure the edge device at lower cost and power points regardless of the scale.

Hardware engineers often like to say that there is now such thing as software security, and quote Apple that has all the money in the world and an army of software developers. The maker of the iPhone chose a secure element (SE)-based hardware solution while cobbling the Apple Pay mobile commerce service. Apparently, with a hardware solution, engineers have the ecosystem fully in control.

Security is the basic building block of the IoT bandwagon, and there is a lot of talk about securing the access points. So far, the security stack has largely been integrated into the MCUs and MPUs serving the IoT products. However, tasks like encryption and authentication take a lot of battery power — a precious commodity in the IoT world.

Atmel’s solution: a coprocessor that offloads security tasks from main MCU or MPU. The ATECC508A uses elliptic curve cryptography (ECC) capabilities to create secure hardware-based key storage for IoT markets such as home automation, industrial networking and medical. This CryptoAuthentication chip comes at a manageable cost — 50 cents for low volumes — and consumers very low power. Plus, it makes provisioning — the process of generating a security key — a viable option for small and mid-sized IoT product developers.

A New Approach to Provisioning

It’s worth noting that security breaches rarely involve breaking the encryption code; hackers mostly use techniques like spoofing to steal the ID. So, the focus of the ATECC508A crypto engine is the tasks such as key generation and authentication. The chip employs ECC math to ensure sign-verify authentication and subsequently the verification of the key agreement.

The IoT security — which includes the exchange of certificates and other trusted objects — is implemented at the edge node in two steps: provisioning and commissioning. Provisioning is the process of loading a unique private key and other certificates to provide identity to a device while commissioning allows the pre-provisioned device to join a network. Moreover, provisioning is carried out during the manufacturing or testing of a device and commissioning is performed later by the network service provider and end-user.

Presently, snooping threats are mostly countered through hardware security module (HSM), a mechanism to store, protect and manage keys, which requires a centralized database approach and entails significant upfront costs in infrastructure and logistics. On the other hand, the ATECC508A security coprocessor simplifies the deployment of secure IoT nodes through pre-provisioning with internally generated unique keys, associated certificates and certification-ready authentication.

It’s a new approach toward provisioning that not only prevents over-building, as done by the HSM-centric techniques, but also prevents cloning for the gray market. The key is controlled by a separate chip, like the ATECC508A coprocessor. Meaning, if there are 1,000 IoT systems to be built, there will be exactly 1,000 security coprocessors for them.

Certified-ID Security Platform

Back at ARM TechCon 2015, Atmel went one step ahead when it announced the availability of Certified-ID security platform for the IoT entry points like edge devices to acquire certified and trusted identities. This platform leverages internal key generation capabilities of the ATECC508A security coprocessor to deliver distributed key provisioning for any device joining the IoT network. That way it enables a decentralized secure key generation and eliminates the upfront cost of building the provisioning infrastructure for IoT setups being deployed at smaller scales.

Atmel, a pioneer in Trusted Platform Module (TPM)-based secure microcontrollers, is now working with cloud service providers like Proximetry and Exosite to turn its ATECC508A coprocessor-based Certified-ID platform into an IoT edge node-to-cloud turnkey security solution. TPM chips, which have roots in the computer industry, aren’t well-positioned to meet the cost demands of low-price IoT edge devices.

Additionally, the company has announced the availability of two provisioning toolkits for low volume IoT systems. The AT88CKECCROOT toolkit is a ‘master template’ that creates and manages certificate root of trust in any IoT ecosystem. On the other hand, AT88CKECCSIGNER is a production kit that allows designers and manufacturers to generate tamper-resistant keys and security certifications in their IoT applications.

The CANBus Triple is like an Arduino for your car

According to Maker Derek Kuschel, there is a massive pool of hidden data flowing around within a car’s computer units. In an effort to display this data, Derek recently launched a successful Kickstarter campaign for a device that taps into these binary riches. If you’re someone who enjoys tinkering with their vehicle, you’ll certainly be interested in his new car hacking platform, the CANBus Triple.

CANBus Triple has been developed in hopes of providing an Arduino-style device for cars that can be used to bus data and add awesome functionality to your vehicle.

The Controller Area Network (CAN) is a message-based protocol found in modern automobiles, which carries significant amounts of data all around your vehicle while you drive, with much of it being unavailable to the average driver. In fcat, . Atmel offers a wide range of solutions for CAN networking, including AVR 8-bit RISC microcontrollers and transceivers.

However, it didn’t sit well with Derek that this much data was going to waste; therefore, through a series of three prototypes, he finally developed a system to display this sought after automobile information.

“The CAN Bus Triple gives you an easy way to read and write raw CAN data packets, and perform operations with that data easily,” the Maker elaborates. Using an Atmel ATmega32u4 MCU, the device can read and analyze numerous data sets that are traditionally hidden within the vehicle’s inner workings.

You can use the CANBus Triple to simply watch all the data on your CAN Bus, or send your own packets out to the network. “Simply attaching the two CAN High and Low lines it’s all you need to send and receive raw CAN data packets,” its Kickstarter page explains. “The real fun comes in when you physically cut the CAN Bus and use the CANBus Triple to read and augment the packets. Each packet is read and processed, then optionally sent back out and your car doesn’t know the difference.”

As Derek points out, using this method, one can listen for all of the hidden data on the bus and send it over Bluteooth LE, or even send out your own packets to an in-dash OEM display as shown below on a Mazdaspeed3.

Given the open-source nature of his project, Derek has provided fellow Makers with the coding and schematics needed to produce their own software for the CAN Bus Triple platform as he envisions his project as “a toolkit for adding to and augmenting your vehicle.”

Both the ATmega program and Bluetooth firmware are flashable without any additional hardware, the Maker explains. “You can add functionality to the Bluetooth module and upload the firmware over USB!” Now, add in the fact that the Triple is compatible with the Arduino IDE and can run on multiple mobile platforms, and any mechanic Maker should be ready to rev their engines!

Derek is currently beta testing his machine in a variety of cars. He has used the device in his Mazdaspeed 3 for over two years without a single issue. Next up will be large-scale production, and shortly thereafter hopefully customer distribution by the end of the year.

The open-source car hacking platform garnered just shy of $68,000 in pledges, tripling its original goal of $18,000. For more information about Derek’s project or how you could obtain your own unit, head over to his Kickstarter page.

Hacker group sets out to improve vehicle security

Forget about car jacking, car hacking is now at the center of all the buzz. A grassroots security movement called “I am the Cavalry” recently introduced a cyber safety program to facilitate collaboration between researchers and car makers as vehicles become increasingly connected. Last Friday, the group presented an open letter to the heads of today’s leading automotive companies challenging them to acknowledge growing cybersecurity concerns that impact vehicle safety. In a detailed description of its “Five Star Automotive Cyber Safety Program,” I am The Cavalry outlined five critical capabilities that participating companies should demonstrate within their organization to improve security:

1. Safety by DesignVALUE: We take public safety seriously in our design, development, and testing.

   PROOF: As such, we have published an attestation of our secure software development lifecycle, summarizing our design, development, and adversarial resilience testing programs for our products and our supply chain.

2. Third-Party CollaborationVALUE: We recognize that our programs will not find all flaws.

   PROOF: As such, we have a published coordinated disclosure policy inviting the assistance of third-party researchers acting in good faith.

3. Evidence CaptureVALUE: We want to learn from failures and enable continuous improvement. PROOF: As such, our systems provide tamper evident, forensically sound logging and evidence capture to facilitate safety investigations.
4. Security UpdatesVALUE: We recognize the need to address newly discovered safety issues.

   PROOF: As such, our systems can be securely updated in a prompt and agile manner.

5. Segmentation & IsolationVALUE: We believe a compromise of non-critical systems (like entertainment) should never adversely affect critical/physical systems (like braking).

   PROOF: As such, we have published an attestation of the physical/logical isolation and layered defense measures we have implemented

“Modern cars are computers on wheels and are increasingly connected and controlled by software. Dependence on technology in vehicles has grown faster than effective means to secure it. Security researchers have demonstrated vulnerability to accidents and adversaries over more than a decade,” the group writes on its website.

It appears that some have grown tired of the same-old hacking of computers, email, websites and networks, and have elected to try a moving target instead; subsequently, with the emergence of connected vehicles comes numerous car hacking opportunities.

In its open letter, I am The Cavalry referenced vehicle-to-vehicle (V2V) communication, automated traffic flow, remote control functions and driverless cars as just some of the evolving technologies making their way to the public. “We don’t need to wait for bad things [to happen] before starting to take safety into our design [considerations]. It takes a very long time to develop technologies and get them in the market. What we start today may not manifest for several years,” Joshua Corman, I am The Cavalry Co-Founder and CTO of Sonatype, told SCMagazine. 

(Source: Seth Rosenblatt/CNET)

A Change.org petition has also been set up, encouraging the car industry to urgently address security concerns. “When the technology we depend on affects public safety and human life, it commands our utmost attention and diligence. Our cars command this level of care. Each and every day, we entrust our lives and the lives of those we love to our automobiles.”

“The goal of our outreach effort here is to catalyze greater teamwork between security researchers and the automotive industry. Our combined expertise is required to ensure that the safety issues introduced by computer technologies are treated with the same diligence as other classes of automotive safety issues.”

Researchers have revealed that high-end cars have several computers to control brakes, acceleration, cruise control and self-parking. As a result, attackers have to find a way to exploit a system and then use that vulnerability to send a command to the electronic control unit. These flaws are a problem because it’s hard to patch a car. As VentureBeat notes, “Tesla has a lot of security in place, and it also has a vulnerability disclosure system. Most car makers seem unprepared for hackers because they’re not yet used to the idea of hackable electronic systems. The tire pressure monitoring system, for instance, is hackable. But the risks related to it are small.” As car makers add more computing power and communications to their cars, they become bigger targets. Tesla vehicles rely heavily on sophisticated software and electronics. Founder Elon Musk has even offered a $10,000 reward for a successful hacking of the Tesla Model S vehicle.

A study released at Black Hat 2014 by security researchers Chris Valasek and Charlie Miller also explored the “hackability” of 24 different car models. Among the “most hackable” include 2014 Jeep Cherokee, 2015 Cadillac Escalade and 2014 Infiniti Q50) while some of the notable “least hackable” include 2014 Dodge/SRT Viper, 2014 Audi A8, and 2014 Honda Accord.