www.design-reuse-embedded.com
Find Top SoC Solutions
for AI, Automotive, IoT, Security, Audio & Video...

Checking boxes is not a panacea for IoT security

Rambus blog, Jan. 07, 2015 – 

Recently, Semiconductor Engineering interviewed Paul Kocher, president and chief scientist of the Rambus Cryptography Research division, about various security risks associated with the rapidly evolving Internet of Things (IoT).

In part one of the interview, Kocher told the publication that the industry is still more concerned with making a chip work than securing it.

"[This] approach at some point has to change, but the question is how bad does it have to get before people really care," he explained.

As Kocher notes in part two, numerous airline companies actively collaborated during the early days of aviation by asking the government to regulate critical safety issues.

"People were dying and it was keeping the public away from airplanes, so even if an airline was doing a good job these issues made everyone look bad," he said. "There is a possibility that someday we'll end up with connected devices being highly regulated. I dread that, but I don't see any other long-term solution because [certain] marketing messages are completely uncorrelated to technical reality."

More specifically, says Kocher, there are companies that will routinely "check a box" to expedite the process of launching a new product.

"They want the least intrusive, least comprehensive evaluation possible," he continued. "And then there are companies that have been hacked that want to understand their risk and mitigate it. If you get check boxes without teeth behind the consequences, it doesn't help. If you can get liability and skin in the game for companies that control the risk, it would be transformative."

As Kocher points out, there are a number of secure (containment) solutions that are beginning to appear on the market, including NXP chips.

"What happens in your processor is going to be independent of another chip, so it's going to be decoupled even if the processor fails," he explained. "The Crypto Manager cores [built by the Rambus Cryptography Research division] function within a chip as a separate security perimeter."

Kocher also emphasized that some of the most frightening security threats involve people with modest resources who hire someone like a college undergraduate to find a bug.


Click here to read more...

 Back

Partner with us

List your Products

Suppliers, list and add your products for free.

More about D&R Privacy Policy

© 2024 Design And Reuse

All Rights Reserved.

No portion of this site may be copied, retransmitted, reposted, duplicated or otherwise used without the express written permission of Design And Reuse.