The everyday lives of countless people and organizations are becoming ever more closely linked to the intensive use of digital communication and information systems. A complete failure of this technology would be a catastrophe. Even a few disrupted partial functions can cause major damage. However, new digital applications are being developed and brought to market by providers in ever shorter timeframes in order to withstand the immense competitive pressure in the IoT world and meet increasingly demanding customer requirements. Automated remote update solutions - over-the-air updates (OTA) - are used to eliminate identified vulnerabilities and distribute subsequent enhancements. However, primarily function-centered innovations and OTA updates create new vulnerabilities that cyber attackers can exploit.

Update attacks

The supply chains of IT systems also include OTA update applications, such as those known from PCs, notebooks and smartphones. The situation is no different for many IoT devices. However, software supply chains are now also a target. Such supply chain attacks are not new. Decades ago, government services began intercepting communication systems and computers in transit in order to manipulate the hardware and software components. This allowed unauthorized access to these devices during subsequent operation. Routine service work on site, which is used for such manipulations, also falls into the category of supply chain attacks. However, such attack methods are not only used by government services. Organized crime has also used supply chain attacks to manipulate cash and gaming machines or to tap into and resell confidential company data.

Due to technological progress, however, attackers no longer have to open the packaging and housing of the components to be manipulated or even gain physical access to the devices. Instead, they simply hack into the supply chains for software updates and ensure that manipulated firmware is imported into the respective target systems. As a result, the attacks have a much greater reach than the manipulative intervention in individual cases, as can be seen in Figure 1.

The SolarWinds Orion hack, which used manipulated software updates to install a backdoor, caused quite a stir in 2021. SolarWinds provides a very popular and widely used network performance monitor that is used as a management and monitoring tool for local, hybrid and cloud services. The product is used by very large companies (e.g. 425 companies in the US Fortune 500) and government organizations. Various components can be integrated; practically everything that needs to be monitored in a network - routers, switches, servers. Global topologies can also be monitored, such as the entire network of a global corporation.

The outage of the KA-SAT satellite network (Eutelsat), which thousands of customers use to access the internet, was probably also caused by an OTA supply chain attack. As a result, around 6,000 wind turbines of a turbine manufacturer from Aurich were no longer accessible remotely for several weeks from February 24, 2022. The exact nature of the cyber attack is still being investigated. The individual KA-SAT modems were damaged by the attack, meaning that they have to be replaced on site.

Integrated resilience

Intelligent cyber attacks in the form of manipulated software updates cannot be prevented, even in the Internet of Things. However, cyber resilience can be created. In general terms, this refers to the ability of an IT system to maintain operations at a reasonably normal level despite a successful cyber attack. According to the US National Institute of Standards and Technology (NIST), IT resilience is based on the three elementary building blocks of protection, detection and recovery. In this respect, manufacturers and operators are required to work together. The first building block corresponds to "security by design" by the manufacturer. Given the current state of technology, the other two tasks require the involvement of the operator. As IoT cyber resilience is also a research topic, fully automated processes can also be expected in the future.

Chains of trust as a basis

In order to implement cyber resilience in IoT practice, anchors of trust (Root of Trust, RoT) and chains of trust (Chain of Trust, CoT) based on them are required first and foremost. In this environment, an RoT is a cryptographic solution that is firmly anchored in the module hardware. The CoT uses an RoT as a starting point and forms a functional chain of different components that create verifiable security using cryptographic procedures. CoT implementations are usually used to implement complex security-relevant tasks, such as the entire firmware runtime environment (protection) of an embedded computer platform, including the automatic detection of faulty system behavior (detection) and the measures required to restore a valid initial state (recovery).

With regard to the RoT security-by-design requirements, an SD memory card with an MD5 checksum inserted in the front panel of an industrial IoT module is definitely not sufficient. The same applies to internal USB sticks or similar easily replaceable plug-in modules. From today's perspective, at least a permanently soldered semiconductor chip would be required, which can only be replaced with a complex SMD rework process plus the necessary special tools. However, since any device or system can be manipulated by a person with sufficient knowledge, equipment and time, a tamper detection system can also be added, depending on the application-related RoT security requirements, in order to detect the rework at least retrospectively.

Figure 2: Chain of trust of an IoT device: An SoC hardware reset starts component A. This checks the digital signature of the embedded operating system (DS-B in component B) with the public key PK-A. If the check is successful, B takes control of the SoC. In the same way, B can now securely start firmware components C and D if required.

© SSV Software

The second important security aspect is the cryptographic procedure used by both the RoT and the CoT. Here, for example, the use of modern hash procedures - such as a SHA-3-based challenge response - or digital signatures with private key and public key using asymmetric cryptographic systems are possible. Figure 2 provides an IoT hardware example with four firmware components A, B, C and D. Component A is the bootloader of the system-on-chip (SoC) used, which is stored together with a public key in an SoC-internal (unchangeable) trusted function block. Public keys plus digital signatures, including the associated verification procedures, form the device's internal CoT core functions.

Operational monitoring required

Even with secure chains of trust, a successful supply chain attack cannot be completely prevented. Detection and recovery are therefore important cyber resilience methods. Manipulated IoT modules can often be detected via unusual behavior in relation to communication relationships with other systems.

In the case of an IoT sensor, for example, which is integrated into the production network of a digitalized factory as a component of a condition monitoring application, it can be assumed that this sensor only requires three communication relationships: Firstly, the respective measurement data must be forwarded to a higher-level target system. Secondly, a connection to a source for software updates and changed configuration settings as well as to an external authenticated watchdog timer (AWDT) makes sense. Unlike the production manager's workstation, the IoT sensor does not need to contact other IP addresses within the factory environment or even on the internet on a daily basis. In this respect, the IoT module of an industrial application should only be given the rights and access options that are required to perform the task ("principle of least privilege" concepts). In addition, the communication relationships within the network segment should be monitored automatically. If there are any anomalies, a recovery is triggered and the IoT sensor is reset to its initial state. In other words, a safe fallback is performed, for example via the AWDT-triggered booting of recovery software from a write-protected medium.