Let Security Redefine IoT Product Design

Due to the rapid development of the Internet of Things (IoT), data security issues have become increasingly prominent. According to relevant data, nearly 70% of the existing connected devices are vulnerable to cyber attacks, resulting in data loss or theft. This figure undoubtedly makes us feel scary, and it also allows us to raise the issue of Internet of Things data security. On the agenda.

The holistic vision of the Internet of Things hidden high-risk Internet of Things is to make everything on the Earth smarter and able to communicate with each other. Imagine that when a car breaks down, it automatically tells you which component has a problem. When the building automatically prompts you which part needs reinforcement and maintenance, what kind of spectacular scene will the world be?

Behind the beautiful scene, there is a potential security crisis. The Stuxnet attack that occurred in 2011 eventually resulted in the destruction of the centrifuge and the destruction of the core processing capacity of the entire facility. The control system that was under attack caused the centrifuge to deviate slightly from the allowable parameters, but the report showed that everything was normal and no failures were reported until the centrifuge was damaged.

In view of this, the urgent need for security of the Internet of Things.

Internet of Things Awareness Layer WSN Security Technology Analysis As one of the indispensable systems of the Internet of Things, strengthening the security of the WSN is also one of the indispensable tasks. The following analysis of several WSN security technology applications for everyone.

(1) Key management Key management is the core of information security technology, and it is also the core of WSN security technology. There are four types of key management protocols: simple key distribution protocols, dynamic key management protocols, key pre-distribution protocols, and hierarchical key management protocols.

In a simple key distribution protocol, all nodes use the same key, the sender uses this key to encrypt, and the receiver also uses this key to decrypt. This type of key distribution protocol occupies very little memory and obviously its security is also the worst. Therefore, this protocol is rarely used in WSN technology.

In the dynamic key management protocol, the key of the node is periodically replaced according to the needs of the user to form a dynamic key management method. This key distribution protocol can effectively ensure the security of the network.

In key pre-distribution protocols, network nodes are assigned a set of keys before deployment. After the node is deployed, the sensor node establishes the node shared key and redistributes the key. This key distribution protocol can also effectively guarantee the security of the network.

In the layered key management protocol, the LEAP protocol is adopted, which is a typical definite key management protocol. Various key mechanisms are used to jointly maintain the security of the network. In each node, four keys are assigned, which are the pre-distributed base station separately shared identity key, the pre-distributed intra-network node shared key group, the neighbor node shared neighbor key and the cluster head shared Cluster head key. This type of key distribution protocol provides the most effective and secure protection.

WSN key management methods can be classified into two types: symmetric key encryption and asymmetric key encryption. Symmetric key encryption is characterized by the fact that both parties to the communication use the same key, the sender uses this key for encryption, and the receiver uses this key for decryption. This kind of key encryption technology has a short key length, relatively low computational, communication, and storage costs and is applicable to WSNs. Therefore, it is the mainstream method of WSN key management. Asymmetric key encryption refers to the use of different encryption and decryption keys for nodes. Due to the high requirements for node's computing, storage, and communication capabilities, it has been considered to be unsuitable for WSN. However, recent studies have shown that asymmetric key encryption can be applied to WSN after optimization. From the perspective of information security, the security of asymmetric key systems will be far higher than that of symmetric key systems.

In order to solve the physical destruction problem of WSN nodes, tamper-resistant devices can be used in the nodes to add a layer of protection for the node protection. A physical damage perception mechanism can be added to give early warning of physical damage. In addition, a lightweight symmetric encryption algorithm can be used to encrypt and store some sensitive information to protect the security of information.

For example, ST introduced the STM32W MCU family, which is based on the IEEE 802.15.4 SoC, ARM Cortex-M3 24MHz processor, built-in 64 ~ 128KB flash memory, and 8K SRAM. Support ZigBee and 6LoWPAN agreement, and AES -128 hardware encryption function to protect data transmission security.

(2) The special architecture of the secure routing IoT makes it more demanding for route safety. Therefore, a proper secure routing protocol should be adopted according to the needs of different applications of the Internet of Things to ensure that data can safely pass from one node to another. At the same time, node resources should be consumed as little as possible to ensure efficient operation of the nodes. In the IoT secure routing technology, the SPINS security framework protocol is adopted, which includes two parts: the SNEP protocol and the μTESLA protocol. The SNEP protocol is used to implement the confidentiality, integrity, and point authentication of the communication; and the μTESLA protocol is used to implement the point. Multipoint broadcast authentication. The SPINS security framework protocol effectively guarantees the security of the Internet of Things routing. However, the SPINS protocol is only a framework protocol, and does not indicate the specific algorithms for implementing various security mechanisms. Therefore, in the specific application, the implementation of many SPINS protocols should also be considered.

(3) The node authentication node authentication can prevent unauthorized users from accessing the nodes and data of the perception layer of the Internet of Things, effectively guaranteeing the information security of the sensing layer. At present, the main node authentication technologies in the sensor network include: authentication methods based on lightweight public key algorithms, authentication methods based on pre-shared keys, authentication methods based on random key pre-distribution, and authentication methods based on single hash functions. When deploying nodes, full consideration should be given to the specific application requirements and the actual capabilities of the nodes, and corresponding authentication mechanisms should be adopted.

(4) Access control Access to information resources in the network must be established under the premise of orderly access control. For different visitors, their operation rights should be stipulated, such as whether they are readable, writable, and whether modification is allowed. Centralize management of all information resources in the WSN to ensure secure access to information resources.

Such as Silicon Labs launch Ember ZigBee development tools, then use EM35x series SoC. Its EM351/EM357 high-performance series, built-in 32-bit ARM Cortex-M3 processor, operating clock frequency is 6,12,24MHz, including 128~192KB Flash memory, with read protection, security monitoring, 12KB RAM, and AES-128 hardware encryption. Suitable for smart energy harvesting, building or home automation control, and WSN applications.

(5) Intrusion Detection Intrusion detection is a network security technology that actively protects the system from attacks. It intercepts and collects information at several key nodes of the network and analyzes them to identify problems and timely blocks the Tracking, monitoring the behavior of nodes in the network, and discovering suspicious behavior in a timely manner. Nodes in the Internet of Things are widely distributed and relatively weak in security. Therefore, distributed intrusion detection mechanisms should be adopted.

The information security measures of the Internet of Things (IoT) are taken as the largest group of IoT users. Enterprises should not be limited to applications. They should also strengthen measures in information security. The following is a brief introduction to the related countermeasures for enterprise data security. There are ways to strengthen the backbone of the Internet of Things - machine-to-machine (M2M) communication security. Engineers can also fully protect M2M devices by integrating passive, active, and reactive security measures.

Passive security methods such as tamper-resistant mechanisms can also be used to easily prevent signal interception and block cybercriminals from performing simple "black box" analysis of the device;

Active security processes, such as encryption based on transport-layer security and certificate-based authentication, can increase the difficulty of cracking the device, thus preventing potential criminal attacks;

Reactive security measures can detect unauthorized intrusions and minimize the impact of the attacks. These security combinations can protect the system from a wide range of issues, including information, data forgery and device impersonation.

To better realize the potential of the Internet of Things, these are the most effective ways to build security for every IoT device.

Conclusion: The development and application of the Internet of Things is deeply dependent on security. As long as the security issues are reasonably solved, will the Internet of Things era be far behind?