November 2, 2016
By: Scott Jones
Executive Director, Embedded Security, Maxim Integrated
The good news is that today's components and software make possible extremely sophisticated, small, low-power, and low-cost products that address and solve diverse problems. But that's also the bad news, at least for the design team.
Why? Today's lean teams are charged with developing, prototyping, debugging, and validating the product with ever-shorter design cycles, yet with fewer resources. It can get intense and maybe even a little ugly.
Think back a little: not that long ago, a sensor-related product had the sensor (of course), an analog front end for signal conditioning, and an A/D converter, plus software to manage these functions and make these blocks work together. There might also be some basic data-analysis routines and perhaps a modest wired/wireless link to "elsewhere."
But now we're a decade and a half into the 21st century, and we have the cloud and the internet, plus the lurking presence of hackers and spoofers in the mix, so the data must be secured against attacks over the data links or at the cloud. The massive cyberattack that struck on Oct. 21, taking down sites including Twitter, Etsy, Spotify, and Netflix, is just the latest example of why security, and how it is implemented, should always be a key design consideration.
But how do you know that the basic sensor data is secure? What's to prevent a hacker from implanting invalid data into the stream or inside the front end, and causing all sorts of havoc? Such hacking can take many forms: look at GPS hacking, which makes you think you are somewhere other than where you are (see "Protecting GPS From Spoofers Is Critical to the Future of Navigation").
Protecting the data from the sensor to the web server is a major challenge. It calls for an even more varied set of engineering skills than those needed for data acquisition, digitization, and connectivity. Even if the team can do this, there are major issues of validating the security and meeting complex standards. Sure, they can buy the needed software as separate modules, and then spend time trying to integrate them when the modules don't link with each other, or try to get the third-party vendors to resolve the problems.
That's the bad news, but there is good news. Vendors of analog and mixed-signal components know that it's not enough to provide only these ICs and basic reference designs. Instead, they have to go far beyond hardware and basic software drivers, and take their offerings to the next level.
An illustrative example is the MAXREFDES143#, an Internet of Things (IoT) embedded security reference design, which is built to protect an industrial sensing node by using authentication and notification between the sensor and a web server. The hardware includes a module that acts as a protected sensor node monitoring operating temperature (the most commonly measured real-world parameter) as well as the remaining life of a filter (here, simulated by using sensing of ambient light); users can substitute their own sensors, of course, such as for vibration or pressure. The reference design also has an "mbed shield" representing a controller node responsible for monitoring one or more sensor nodes.
The design is thorough and hierarchical, with each controller node transferring data from connected sensor nodes to a web server that maintains a centralized log and dispatches notifications as necessary. This design enables rapid integration within a star-topology IoT network, with security based on SHA-256 symmetric-key authentication. Security is further enhanced because the secret key does not need to be stored in the processor memory.
This is not a trivial or partial reference design (see Diagram). The protected sensor node contains a DS28E15 authenticator, a DS7505 temperature sensor, and a MAX44009 light sensor. Its mbed shield includes a Wi-Fi module, a DS2465 coprocessor with 1-Wire® master function, an LCD, LEDs, and pushbuttons. The mbed shield communicates with a web server via the onboard Wi-Fi module and with the protected sensor node via I2C and 1-Wire interfaces, and it connects to an mbed board such as the MAX32600MBED# or an Arduino form factor platform.
Implementing this design with authentication of IoT device nodes, along with data authentication at all levels from sensor node to web server, and the ability to invalidate unsafe industrial sensor nodes is a major undertaking. It would take expertise related to sensors, sensor interfaces, and data-acquisition systems. No doubt about it: doing all this on your own is an ambitious project, while the MAXREFDES143# makes it a relatively painless one.
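The following sketch is an added example, not code from the MAXREFDES143# or from Maxim. It illustrates the pattern described above: the controller challenges a sensor node, the node returns a MAC over the challenge and its reading, and the controller rejects tampered, replayed, or invalidated nodes. HMAC-SHA-256 stands in for the DS28E15's own SHA-256 MAC format, and the key derivation, payload packing, ROM ID, and all names are assumptions.

```python
import hashlib, hmac, os, struct

# Constructed demo key. In the reference design the secret is held by the
# DS2465/DS28E15 parts rather than in processor memory.
MASTER_SECRET = bytes(range(32))

def device_secret(master: bytes, rom_id: bytes) -> bytes:
    """Per-node secret (assumed scheme): one leaked node key exposes no others."""
    return hmac.new(master, b"node-secret" + rom_id, hashlib.sha256).digest()

def _mac(secret: bytes, challenge: bytes, rom_id: bytes, payload: bytes) -> bytes:
    # Binding challenge + identity + data gives freshness and data authentication.
    return hmac.new(secret, challenge + rom_id + payload, hashlib.sha256).digest()

def node_respond(secret, rom_id, challenge, temp_c, light_lux):
    """Sensor-node side: pack the reading (hypothetical layout) and MAC it."""
    payload = struct.pack(">hI", round(temp_c * 16), light_lux)
    return payload, _mac(secret, challenge, rom_id, payload)

class Controller:
    """Controller-node side: issues challenges, verifies, tracks invalidated nodes."""
    def __init__(self, master: bytes):
        self.master = master
        self.revoked = set()   # ROM IDs of nodes marked unsafe
        self.pending = {}      # rom_id -> outstanding one-time challenge

    def new_challenge(self, rom_id: bytes) -> bytes:
        self.pending[rom_id] = os.urandom(32)
        return self.pending[rom_id]

    def verify(self, rom_id: bytes, payload: bytes, tag: bytes):
        """Return (temp_c, light_lux) if authentic and fresh, else None."""
        challenge = self.pending.pop(rom_id, None)   # single use: blocks replay
        if challenge is None or rom_id in self.revoked:
            return None
        expected = _mac(device_secret(self.master, rom_id), challenge, rom_id, payload)
        if not hmac.compare_digest(expected, tag):   # constant-time comparison
            return None
        raw_temp, light = struct.unpack(">hI", payload)
        return raw_temp / 16, light

if __name__ == "__main__":
    rom = bytes.fromhex("17a1b2c3d4e5f601")          # constructed ROM ID
    ctrl = Controller(MASTER_SECRET)
    reply = node_respond(device_secret(MASTER_SECRET, rom), rom,
                         ctrl.new_challenge(rom), 23.5, 1200)
    print(ctrl.verify(rom, *reply))                  # authentic reading
    print(ctrl.verify(rom, *reply))                  # replayed reply is rejected
```
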