Security in the Internet of Things
Wind River, with Intel and McAfee, is driving the Internet of Things. With “things” – devices and systems – interconnected to provide enhanced services enabled by increased data and adaptive analytics, it’s clear that “security is paramount and failure is not an option.”
AJ Shipley, in his blog entry “European Utility Week 2013: Critical Infrastructure Security,” outlines a security strategy for the Internet of Things that allows system manufacturers “to more easily wrap their minds around how to proceed”: and that is to use “a security strategy that is the same strategy that has been used for the last 20 or 25 years in enterprise IT environments, but that takes into account the resource constraints, hard real-time requirements, functional safety and other mission-critical aspects of critical infrastructure.”
AJ goes on to say that Wind River has expertise in the “performance and reliability of critical infrastructure applications and IoT services.” And in an earlier blog entry this year, “Security Must be Built In…Or Else,” AJ’s point is clear from his very first words.
As two proof points of our expertise in building security into our products, Wind River has just released two new versions of the VxWorks MILS Platform: VxWorks MILS Platform 3.0.0.1 and VxWorks MILS Platform 3.0, Multi-core Edition. Both platforms utilize the software MILS architecture to provide applications from different domains, or at different security levels, to securely share the same hardware platform, enabling cost reductions through reduced size, weight, and power (SWaP) requirements.
VxWorks MILS Platform 3.0.0.1 is designed for unicore processor-based systems, and has available a comprehensive, security evaluation evidence package of documentation and artifacts that can be used by a manufacturer as their security-critical system undergoes a security evaluation. Once the system achieves its certification or authorization to operate, it can be deployed for the end users.
VxWorks MILS Platform 3.0, Multi-core Edition was foreshadowed by Paul Parkinson’s blog entry “The Advent of Multi-core MILS” from early this year. This new release enables manufacturers to design and build security-critical devices without sacrificing performance, by taking advantage of the processing power provided by the current multi-core processors.
These two releases enable Wind River’s customers to build security into their devices and systems, many of which will become part of the IoT. (Though the name “IoT” is singular, there are in reality a multitude of Internets of Things, accessing a multitude of different clouds over a multitude of different networks.) Some of these security-critical devices and systems will be used to secure national critical infrastructure (as I mentioned in my blog entry “Securing Critical Infrastructure with MILS”). Others could be as mundane as the heating system in your home.
Imagine a smart home furnace: it could collect data, for example, about hours in use, air temperatures when turned on and shut off, and airflow rates throughout the home’s ducts. It would send selected data back to the power service provider’s cloud for analysis, along with data from other consumers. Then, information could be sent back to both the furnace and to the home owner with historical usage charts, comparison to previous months’ and years’ of the homeowner’s usage as well as that of the neighborhood, suggestions for reducing heating costs, and preventive maintenance alerts, such as the need to replace the air filter, or to open ducts that have been closed to save energy, but which create undue back pressure.
To send and receive data, the IoT software on the smart furnace will need to connect to a network. This connection represents a potential attack vector, a way for malicious software to breach the smart furnace. Using MILS, the part of the furnace application that handles data communications over the network can be isolated from the applications that run and monitor the furnace. So even if malicious code defeats all the networking security, any damage it potentially causes will be limited to the networking aspect of the smart furnace. As a result, the furnace might lose its network connectivity, but it can’t be maliciously shut down or otherwise tampered with.
This is but one example of the benefit of designing security into devices and systems using MILS technology. The needs are many; the possibilities are limitless; and the technology is available today from Wind River.
For additional information from Wind River, visit us on Facebook.