Memory could hold the key to IIoT security
Electronic Specifier Editor Joe Bush spoke to Kris Baxter of Micron Semiconductor Products about the crucial role that security will play in the Industrial Internet of Things (IIoT).
The world market for internet connected devices is predicted to meet 50 billion devices by the year 2025. The fastest growing segment in the IoT space is industrial, and connected devices in smart cities, transportation, manufacturing, smart grid and agriculture will see the industrial sector as the largest in the IoT by 2022 – larger than consumer, mobile and automotive.
The IIoT and Industry 4.0 will see a huge increase in smarter, connected devices. These devices will have to be able to communicate with each other so they will have to get smarter to the point where analytics are no longer happening in a central location. Because there will be a greater demand for real time decision making, a lot of analytics will take place towards the end node. However, the predicted 50 billion end point devices represent a huge security vulnerability at a time when DDOS (Distributed Denial of Service) incidents have become more commonplace.
Baxter commented: “DDOS attacks are picking up a lot of press attention and the key thing is that a lot of them are driven out of botnets - so I could hack into a camera or a device and using that IP address I could bombard a website, overload it and cause a DDOS.
“The best way to prevent that is to stop the hack from initiating in the device. As discussed there's a lot of end node devices and what hackers are doing is looking for the most vulnerable and easy place to get in. So they'll go and find a device with no security, hack into it, put malware in there and that malware turns it into a botnet.
“What we're seeing is a number of different places that are becoming the get in for the hackers, where they'll infiltrate the end node device and then start to perpetrate the malware.
“If you look at what's happening in the IoT space with the predicted 50 billion units, all of these devices will be connected and they all represent an increased risk - end points which have the potential for malware to be placed. Security has been talked about for a long time, set up in mobile phones and in PCs, but in that IT space you're talking about a very limited number of protocols for communications, and a limited number of operating systems – you’re really talking about an eco-system of just a few suppliers into that system. So if you can develop a secure solution that works with them, then you've captured the majority of that space.
“The issue on the IoT side is that you have different systems communicating in different ways, with no common protocol. There's a bunch of different hardware suppliers and operating systems that are working with the devices. So when you look at that environment it becomes very difficult to come up with a secure solution that works across the board. There's so many different variants and when you think about that exploding to 50 billion units, then it could cause a huge problem.
“The thing that we think is unique, is that in all of these elements, the common denominator is the memory – so if you can make the memory secure - if you can develop a solution that prevents someone from modifying the code that's in the memory – then you have one of the most secure solutions that you could possibly have. There can be other security elements that reside in the SoC and in the value chain, but if you can achieve security at the memory level it provides defence in depth, so we believe that there is a lot of value in making our memory more secure.”