IoT Security Technologies Forum: IoT Security an Urgent Concern
To address the security challenges in the era of internet of things (IoT), the NTU System-on-Chip Center organized the IoT Security Technologies Forum in Barry Lam Hall on September 13, 2017. In this forum, experts from both industry and academia gathered and shared their views and visions on the state of the art in IoT security, as well as how technologies can help secure future IoT.
Securing IoT is an extremely challenging task for many good reasons: to name a few, the scale and complexity of the networks, the diversity of the involved devices, as well as the sophisticated interplay and politics among its stakeholders, including governments, industries, and consumers. Our life will soon be immeasurably intertwined with IoT. The consequences of IoT security failures can be catastrophic, as have been demonstrated by a rapidly growing list of IoT security incidents. As a result, people have begun to recognize the importance and value of bringing the highest level of security to IoT.
However, software-only IoT security solutions have been shown to be insufficient. Software is malleable and hence cannot provide a solid foundation to bootstrap trust. We need hardware as a root of trust. Furthermore, hardware security issues such as theft of intellectual properties (IP), reverse engineering, as well as tampering and cloning, have already become a foremost challenge faced by numerous IoT manufacturers. How to mitigate these security threats in a cost-effective way will be a topic of vital prominence in the years to come.
In this forum, the System-on-Chip Center has invited several partners from industry, including ARM, Synopsys, IKV-Tech, Onward Security, and Nuvoton. Together with our faculty members from the Department of Electrical Engineering, the participants discussed a wide variety of issues and challenges on IoT security, as well as how to solve these problems from a technological viewpoint. For example, Ms. Suzie Nien (粘靜芳), Director of Sales and Business Development, ISG of ARM, presented ARM’s idea on how enterprises can relieve the pressure to unlock the value in IoT using the ARM Mbed IoT Platform. She also briefly touched upon various security issues during creation, deployment, and management of IoT systems.
Dr. Robert Li (李明哲), Country Manager of Synopsys in Taiwan, shared his vision of IoT security. He believed that the industry is evolving from stressing Quality of Result (Better), Time to Result (Sooner), and Cost of Result (Cheaper) to emphasizing Risk of Result (Safer), as the lack of security can put enterprises in great risks now that every “thing” is connected in the IoT era. He then demonstrated how enterprises can stay Safer with Synopsys’ ARC-based IoT solutions and Software Integrity Platform for IoT.
Mr. Albert Cheng (鄭嘉信), General Manager of IKV-Tech highlighted the significance of having a hardware root of trust in order to provide a high level of security to IoT. He shared his insightful analysis on how much security enterprises can expect for having different levels of hardware security against software vulnerabilities, external memory chip access, debug port implants, side channel attacks, fault injection, as well as chip-level reverse engineering. From a viewpoint of risk management, having the right level of protection at the right amount of cost is nevertheless an art, much like buying just enough insurance.
NTU Prof. Chen-Mou Cheng (鄭振牟) of Electrical Engineering, currently also Chief Cryptographer of IKV-Tech, then stressed the indispensable role played by cryptography in securing IoT. He illustrated his points using remote attestation technologies as an example. Without such capabilities, an IoT service would have no means to be sure that its devices in the field are still in a trustworthy state, let alone security at all, as these remote devices could easily have been hijacked or impersonated.
The forum concluded with a panel discussion with panelists from ARM, Synopsys, IKV-Tech, Onward Security, and Nuvoton, in which several participants expressed their concerns that Taiwan is still largely lagging behind when it comes to hardware security technologies and industries. On the other hand, as crises entail opportunities, the emergence of IoT will also be a great chance for us to catch up. It requires prodigious teamwork from industry, government, and academia, so we really should start working together—today!
(Source: Prof. Chen-Mou Cheng, NTU System-on-Chip Center)
Forum VIPs: (from left) Vice Chairman Chih-Chung Tsai (蔡志忠) of Himax Technologies; Senior Director Chi-Feng Wu (吳奇峰) of Realtek Semiconductor; Vice Chairman In-Shek Hsu (徐英士) of Nuvoton; Director Suzie Nien (粘靜芳) of Sales and Business Development, ISG of ARM; Country Manager Robert Li (李明哲) of Synopsys in Taiwan; Prof. and Director An-Yeu (Andy) Wu (吳安宇) of the Graduate Institute of Electronics Engineering (GIEE); TSMC Director Shih-Lien Lu (呂士濂); Technical Manager Li-Min Ling (凌立民) of the Microcontroller Application Business Group of Nuvoton; NTU GIEE Prof. Chen-Mou Cheng (鄭振牟); NTU GIEE Prof. Chee-Wee Liu (劉致為); NTU GIEE Prof. Tsung-Te Liu (劉宗德).