Modern applications like connected industrial systems, smartgrids, connected cars and autonomous driving, widely summarised under the term Internet of Things (IoT), see Fig. 1, have a high demand for reliable security. Typical use cases are the authentication of components and their unique identities, the monitoring and safeguarding of system integrity, and the protection of data and communication. To build trust in new services and technologies, intellectual property (IP) protection is key, and data security and system integrity are prerequisites for the successful implementation of new services and applications.
To establish such solutions, we need integrated system solutions based on secured hardware that protects infrastructure and components from attacks, fraud and sabotage; in brief, hardware that makes it possible to store, run and update software in a protected way.
Purely software based security is not enough
Several attempts have been made in the past to apply purely software based solutions for device authentication. Unfortunately, software by its nature has several significant weaknesses. It is written in code, and code can be read and analysed. Once it is analysed, it can be modified to suit an attacker's requirements, and once the device is re-programmed with the modified software, the authentication process and the system integrity are broken.
Another severe weakness of software based solutions is the inadequate protection of secret keys throughout all relevant processes and production steps. Typically, in software based protection systems, attackers can identify secret keys in the software in a very simple way: keys look like random data, in total contrast to the program code around them. So-called entropy analysers scan the software for regions with high randomness (these regions typically contain the keys). Such a scan is done in seconds, and the keys found can directly be used to produce counterfeit products in quantity.
Software-only solutions offer protection only as long as none of the components used is physically accessible to an attacker. In real life this condition is rarely met, which makes such solutions impractical. Software alone is therefore not seen today as a valid option for product authentication, system integrity and IP protection.
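As an added illustration of the entropy scan described above (example code written for this article, not taken from the original text or from any vendor's tool), the following Python script slides a window over a constructed firmware image, flags windows whose Shannon entropy is far above that of machine code or strings, merges them into regions and then pinpoints the single highest-entropy window, which for a compiled-in key is the key itself. The image, the ARM NOP filler, the 256-bit key value, its offset and the window/threshold parameters are all constructed for the example; a real image would be read from a file or dumped from flash. Note the practitioner's caveat: compressed or encrypted sections score just as high, so a scan yields candidates that still have to be confirmed, for instance by trying them against the product's own authentication.

```python
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 for constant data, 8.0 max)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def find_high_entropy_regions(blob: bytes, window: int = 32, step: int = 8,
                              threshold: float = 4.5):
    """Slide a window over blob; windows at or above `threshold` bits/byte are
    merged into (start, end, peak_entropy) regions. For a 32-byte window the
    ceiling is log2(32) = 5.0, reached only when all 32 bytes differ, which is
    what a random key looks like and what code or text almost never does."""
    regions = []
    for off in range(0, len(blob) - window + 1, step):
        e = shannon_entropy(blob[off:off + window])
        if e < threshold:
            continue
        if regions and off <= regions[-1][1]:      # overlaps or abuts the previous hit
            regions[-1][1] = off + window
            regions[-1][2] = max(regions[-1][2], e)
        else:
            regions.append([off, off + window, e])
    return [tuple(r) for r in regions]


def locate_key_candidate(blob: bytes, region, window: int = 32, step: int = 8) -> int:
    """Within one flagged region, return the offset of the single highest-entropy
    window; for an embedded key this is the window aligned with the key itself."""
    start, end, _ = region
    best_off, best_e = start, -1.0
    for off in range(start, end - window + 1, step):
        e = shannon_entropy(blob[off:off + window])
        if e > best_e:
            best_off, best_e = off, e
    return best_off


# Constructed stand-in for a firmware image (not a real product): an ARM
# "mov r0, r0" NOP sled, a 256-bit key compiled in as a constant, a version
# string, and more NOPs. Key value and offset are made up for the example.
ARM_NOP = b"\x00\x00\xa0\xe1"
EMBEDDED_KEY = bytes.fromhex(
    "3f8a1c57e2b94d06f1a8c3e75b2d9014"
    "7e6bd538ac21f90b62ce4597d0831a6e")
KEY_OFFSET = 128
FIRMWARE_IMAGE = (
    ARM_NOP * 32 +                                       # offsets   0..127
    EMBEDDED_KEY +                                       # offsets 128..159
    b"ACME Gateway FW 1.0\x00".ljust(32, b"\x00") +      # offsets 160..191
    ARM_NOP * 16)                                        # offsets 192..255


if __name__ == "__main__":
    for start, end, peak in find_high_entropy_regions(FIRMWARE_IMAGE):
        off = locate_key_candidate(FIRMWARE_IMAGE, (start, end, peak))
        print(f"region {start:#06x}-{end:#06x}, peak {peak:.2f} bits/byte; "
              f"candidate key at {off:#06x}: {FIRMWARE_IMAGE[off:off + 32].hex()}")
```

Run against the constructed image, the scan reports one region spanning the key and the candidate offset 0x80, i.e. the key bytes exactly; NOP sled and version string stay well below the threshold. On a real image the threshold and window size are tuned to the firmware (a 16-byte window for AES-128 keys, a larger one for asymmetric key material), and every candidate is then verified rather than trusted.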
However, software can be protected by hardware: secured hardware protects the processing and storage of code using encryption, fault and manipulation detection, and secure storage for code and data. Software becomes trustworthy by combining it with secured hardware. This has been proven by extensive experience from trusted computing, from the use of secure elements in mobile phones, and from protective functions in smartgrids.
Hardware based solutions provide more security
A typical embedded control architecture, a standard microcontroller (MCU) running a real-time operating system (OS) and the applications, can currently be found in the majority of installed systems. Security functionality is usually implemented with software based encryption mechanisms. What is missing is an efficient and secured trust anchor (a hardware root of trust, or HRoT) with dedicated cryptographic functionality for increased security.