Achieving zero-trust for IoT & IIoT with secure device identities
Connectivity is the central theme in the world of IoT (Internet of Things), IIoT (Industrial Internet of Things), and industrial automation. These technologies connect various devices, such as sensors and actuators, to the internet or industrial networks, enabling a multitude of applications, from fleet management to predictive maintenance and production automation. However, this connectivity comes with a critical concern: cybersecurity.
As these devices connect to networks, they may become vulnerable to cyber threats. Even operational technology (OT) networks, initially designed for industrial purposes, are not inherently secure when exposed to IT environments or wireless communication. This vulnerability opens the door to a range of potential attacks, including eavesdropping on network communications, impersonation of sensors or controllers, and network device hijacking.
Why establishing Zero Trust is important
The root of this security problem lies in the difficulty of distinguishing between authorized and rogue devices or malicious software. Traditional network security measures fail to ensure the authenticity and integrity of data in this interconnected ecosystem.
This is where Zero Trust security comes in, a policy gaining traction in industrial circles. In essence, Zero Trust means that data received from any source should not be trusted until the sender provides verifiable proof of its identity, its authorization, and the authenticity of the data.
This identification step verifies the requesting device’s claimed identity cryptographically, using either shared secret keys in a symmetric-key scheme or digital certificates (also called secure device identities) issued within a Public Key Infrastructure (PKI).
Provisioning trusted device identities
The question then is how to issue verifiable and unforgeable identities to IoT devices. Rolling out identities to devices over an untrusted network after they are placed “in the field” is a self-defeating exercise, as the security of identity provisioning cannot be guaranteed. Instead, an operator can assign identities manually via an “out-of-band” method, but with billions of connected devices, this runs into a scalability problem.
Given these constraints, the best time to provision identities to connected devices is during manufacturing, when the device is in a trusted and managed environment or has a direct wired (and therefore trustworthy) connection to the programming equipment. This initial Device ID, or birth certificate, can then be used throughout the device’s lifetime for trusted verification.
PKI – the better way to create trust in a network
PKI, by building on public-private key pairs, eliminates the need to exchange or distribute secret keys and significantly simplifies security management. The initial Device ID is provisioned during manufacturing, giving the device a Factory ID. This Factory ID (or birth certificate) lets the device identify and authenticate itself so that it can be securely onboarded to an IoT platform and become part of the operational network environment.
Subsequently, the operator can add an "Operator ID" to distinguish the device and grant it access rights (i.e., set the correct authorizations). Because the operator can verify the Factory ID against the manufacturer's certificate authority before issuing anything, the Factory ID enables zero-touch provisioning of the Operator ID, even over untrusted networks.
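The lifecycle described above, written out as an added example that is not code from the original article: a manufacturer CA signs a Factory ID while the device is still in the factory; the operator later accepts that Factory ID only if it chains to the manufacturer root it trusts and the device proves possession of the matching key, and then issues an Operator ID; a device presenting a look-alike Factory ID signed by a CA that copies the manufacturer's name but not its key is refused. It uses only the Go standard library. The CA names, the device name device-0001, the ECDSA P-256 key type, and the choice to give the Operator ID its own fresh key are assumptions of the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// must treats key-generation and certificate-signing failures as fatal (demo only).
func must(err error) {
	if err != nil {
		panic(err)
	}
}

// newIdentity generates a P-256 key pair (on the "device") and a certificate for it
// signed by parent; with parent == nil the certificate is self-signed, i.e. a root CA.
func newIdentity(cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), // demo only; real CAs use random serials
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(10 * 365 * 24 * time.Hour),
		IsCA:         isCA, BasicConstraintsValid: true,
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	must(err)
	cert, err := x509.ParseCertificate(der)
	must(err)
	return cert, key
}

// prover is the device side of the challenge: sign the verifier's nonce with a key that never leaves the device.
func prover(key *ecdsa.PrivateKey) func([]byte) ([]byte, error) {
	return func(nonce []byte) ([]byte, error) {
		h := sha256.Sum256(nonce)
		return ecdsa.SignASN1(rand.Reader, key, h[:])
	}
}

// verifyIdentity is the zero-trust gate: the certificate must chain to a root the
// verifier trusts AND the presenter must answer a fresh nonce with the matching key.
func verifyIdentity(cert *x509.Certificate, roots *x509.CertPool, prove func([]byte) ([]byte, error)) error {
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return fmt.Errorf("certificate not trusted: %w", err)
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	sig, err := prove(nonce)
	h := sha256.Sum256(nonce)
	pub, ok := cert.PublicKey.(*ecdsa.PublicKey)
	if err != nil || !ok || !ecdsa.VerifyASN1(pub, h[:], sig) {
		return errors.New("proof of possession failed")
	}
	return nil
}

// onboard is the operator's zero-touch step: accept the Factory ID only through the
// manufacturer root it trusts, then issue an Operator ID (here with a fresh device key).
func onboard(factoryID *x509.Certificate, prove func([]byte) ([]byte, error), mfgRoots *x509.CertPool, opCA *x509.Certificate, opKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	if err := verifyIdentity(factoryID, mfgRoots, prove); err != nil {
		return nil, nil, fmt.Errorf("onboarding refused: %w", err)
	}
	cert, key := newIdentity(factoryID.Subject.CommonName, false, opCA, opKey)
	return cert, key, nil
}

// Scenario runs the lifecycle with constructed names: manufacturing, zero-touch onboarding of a
// genuine device, then an impersonation attempt with a Factory ID from a look-alike but untrusted CA.
func Scenario() (operatorID *x509.Certificate, rogueErr error) {
	mfgCA, mfgKey := newIdentity("Acme Manufacturing Root CA", true, nil, nil)
	opCA, opKey := newIdentity("Plant Operator Root CA", true, nil, nil)
	mfgRoots, opRoots := x509.NewCertPool(), x509.NewCertPool()
	mfgRoots.AddCert(mfgCA)
	opRoots.AddCert(opCA)
	factoryID, devKey := newIdentity("device-0001", false, mfgCA, mfgKey) // birth certificate
	operatorID, opDevKey, err := onboard(factoryID, prover(devKey), mfgRoots, opCA, opKey)
	must(err)
	must(verifyIdentity(operatorID, opRoots, prover(opDevKey))) // accepted on the operational network
	rogueCA, rogueCAKey := newIdentity("Acme Manufacturing Root CA", true, nil, nil) // same name, other key
	rogueID, rogueKey := newIdentity("device-0001", false, rogueCA, rogueCAKey)
	_, _, rogueErr = onboard(rogueID, prover(rogueKey), mfgRoots, opCA, opKey)
	return operatorID, rogueErr
}

func main() {
	opID, rogueErr := Scenario()
	fmt.Printf("Operator ID for %q issued by %q\nrogue device: %v\n", opID.Subject.CommonName, opID.Issuer.CommonName, rogueErr)
}
```

Two design points carry over to a real deployment. A certificate is public, so presenting one proves nothing by itself; the nonce signature in verifyIdentity is what ties the presenter to the Factory ID, which is why the private key has to stay on the device (ideally in a secure element). And the rogue case shows that trust comes from the chain to a root the operator has chosen to trust, not from the names in the certificate: the impostor CA carries the manufacturer's exact name and is still rejected.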
Published 24/10 2023