Page 1: IoT Initiative in GlobalPlatform · 2019-11-05

© 2019 GlobalPlatform Confidential

IoT Initiative in GlobalPlatform

Gil Bernabeu, Technical Director

ETSI IoT week – 24 October

Page 2

Lots of Guidance – Which is Best?

There are multiple security recommendations, frameworks and best practice guidelines available to IoT device manufacturers.

Which to follow?

What are the specific security requirements of different vertical markets?

IoT device manufacturers are not security experts.

Regulation is here!

Mapping of IoT Security Recommendations, Guidance and Standards to the UK’s Code of Practice for Consumer IoT Security

Page 3

Lots of ‘Things’ are Getting Connected…

Page 4

…And This Creates One of the Largest Attack Surfaces in the Enterprise Environment

7 Billion enterprise IoT devices deployed by 2020

1 in 4 odds of a data breach for an enterprise

$3.6Mn average cost of a security incident

$5Bn cost to industry of ransomware in 2017

Page 5

The Inflection Point of IoT Keeps Moving Back

[Chart: IoT Units Installed Base Grand Total, 2014–2025. Values shown: 3.8b, 4.9b, 6.4b, 25b+; today 9.1b; forecasts of 100b (Nokia), 80b (IDC) and 74.5b (IHS). Source: http://www.cisco.com/c/en/us/solutions/service-provider/visual-networking-index-vni/index.html]

IT/OT Scale Challenge

IoT Security Concerns

Page 6

Breakdown

317 new devices per second

10 min to connect

6.6 person-days of effort per second

208.3M person-days of effort per year

Page 7

GlobalPlatform is Addressing These Challenges!

Introducing

A collaborative initiative to standardize security for IoT devices and services

Page 8

IoTopia: An Implementation Guide Based on 4 Key Pillars

Page 9

Security by Design

Page 10

A Secure Device Baseline

• Manufacturers have an industry set of certifiable common capabilities – Security by Design

• Chip vendors/manufacturers are best positioned to provide a set of baseline capabilities related to security

• Baseline device requirements are critical to support IoT Lifecycle Management

• IoTopia plans to define ~30 verifiable device and network security parameters

Page 11

Moving to Testable Parameters For Certification

Page 12

Device Intent

Page 13

Expressing Manufacturer Usage Descriptions (MUD)

[Diagram: the Device emits a MUD URI (https://example.com/mud/…) via DHCP, LLDP, or 802.1X; the Access Switch forwards it (RADIUS) to the MUD Manager in the Enterprise Network; the MUD controller queries the manufacturer's MUD File Server over https across the Internet.]

The goal of MUD is to provide a means for end devices to signal to the network what sort of access and network functionality they require to properly function. The initial focus is on access control.

https://datatracker.ietf.org/doc/rfc8520/

Page 14

Expressing Manufacturer Usage Descriptions

[Diagram: Device, Access Switch, MUD Manager (Enterprise Network, reached via RADIUS), MUD File Server at https://example.com/mud/… (reached over https via the Internet).]

Manufacturer JSON file returned

IT Admin approval

Enterprise configuration created

Devices segmented
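The two slides above describe the MUD manager fetching the manufacturer's JSON file and turning it into enterprise access policy before the device is segmented. As an added example (not GlobalPlatform's or the IETF's code), the Python below parses a constructed MUD file laid out in the RFC 8520 shape and extracts the allow rules a MUD manager would hand to the access switch; the sample file, the rule tuple layout and the mud-url consistency check are assumptions made for this example.

```python
import json

# Constructed MUD file (not a real manufacturer's) for a hypothetical sensor that
# only initiates TCP/443 to its manufacturer's service and accepts no inbound flows.
SAMPLE_MUD = json.dumps({
    "ietf-mud:mud": {
        "mud-version": 1, "mud-url": "https://example.com/mud/sensor-v1.json",
        "is-supported": True, "cache-validity": 48, "systeminfo": "Hypothetical sensor",
        "from-device-policy": {"access-lists": {"access-list": [{"name": "mud-1-v4fr"}]}},
        "to-device-policy": {"access-lists": {"access-list": [{"name": "mud-1-v4to"}]}},
    },
    "ietf-access-control-list:acls": {"acl": [
        {"name": "mud-1-v4fr", "type": "ipv4-acl-type", "aces": {"ace": [{
            "name": "cl0-frdev",
            "matches": {"ipv4": {"ietf-acldns:dst-dnsname": "service.example.com", "protocol": 6},
                        "tcp": {"ietf-mud:direction-initiated": "from-device",
                                "destination-port": {"operator": "eq", "port": 443}}},
            "actions": {"forwarding": "accept"}}]}},
        {"name": "mud-1-v4to", "type": "ipv4-acl-type", "aces": {"ace": []}},
    ]},
})

def extract_policy(mud_text, emitted_url):
    """Return one (direction, acl, dst-dnsname, protocol, port, action) per ACE; flows
    not listed are denied. Raises ValueError/KeyError if the file must not be applied."""
    doc = json.loads(mud_text)
    mud = doc["ietf-mud:mud"]
    if mud.get("mud-version") != 1:
        raise ValueError("unsupported mud-version")
    if not mud.get("is-supported", False):
        raise ValueError("manufacturer no longer supports this device")
    # Check added for this example: the file's own mud-url must equal the URL the
    # device emitted, otherwise we would be applying some other product's policy.
    if mud.get("mud-url") != emitted_url:
        raise ValueError("mud-url does not match the URL the device emitted")
    acls = {a["name"]: a for a in doc["ietf-access-control-list:acls"]["acl"]}
    rules = []
    for direction in ("from-device-policy", "to-device-policy"):
        for ref in mud[direction]["access-lists"]["access-list"]:
            acl = acls[ref["name"]]  # dangling ACL reference raises KeyError
            for ace in acl["aces"]["ace"]:
                m = ace["matches"]
                ip = m.get("ipv4") or m.get("ipv6") or {}
                l4 = m.get("tcp") or m.get("udp") or {}
                rules.append((direction, acl["name"], ip.get("ietf-acldns:dst-dnsname"),
                              ip.get("protocol"), l4.get("destination-port", {}).get("port"),
                              ace["actions"]["forwarding"]))
    return rules
```

The empty to-device ACL is what segments the device: with no inbound ACE, the switch admits nothing that the file did not explicitly list.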

Page 15

The Benefits of MUD

Customer

• Reduces threat surface of exploding number of devices

• Almost no additional CAPEX

• Avoids lateral infections in the network

• Eases and scales access management decisions

Manufacturer

• Reduces manufacturer product risk at almost no cost

• Will increase customer satisfaction and reduce support costs

• Avoids the front page

• Standards-based approach

Page 16

Device Onboarding

Page 17

The Network Administrator’s Problem – The Number of Types of Things


Page 18

Current Options for Secure Device Identification

Stages: Out of the box → Network identification (“SSID?”) → Device gets trust anchor → Device enrolls → Operational State

Current WiFi: Nothing | Out of band | Out of band | Manual/OOB/IPSK

Current wired: Nothing | Not needed | Nothing | EAP with username and password

New approach: Mfg Cert/Trust anchor | Round robin or 802.11u/aq | ZSJ or BRSKI or EST over (HTTP, CoAP, EAP)

(Also labelled on the slide: Proof of Ownership; Trusted Introduction)

ZSJ: Zero Touch Secure Join

Page 19

Results

• Device starts with a manufacturer certificate and trust anchor

• Device now has deployment certificate and trust anchor

• Network authorizes the device

• Process can be automated [scale]

Standards-based secure onboarding process via BRSKI/ANIMA

Page 20

Lifecycle Management

Page 21

Devices Need to be Managed Throughout Their Lifecycle

• Proper lifecycle management limits hacks

• Some manufacturers are requiring customers to implement software (SW) updates as part of warranty and even operation

• Now regulators are requiring IoT device maintenance

• Manufacturers provide SW patches and support throughout a device's lifecycle

• They require the ability to track SW patches as well as end-user implementation

• Helps manufacturers implement product end-of-life (EoL)

• Lifecycle management

Page 22

Device Lifecycle

• Reference the NIST framework to create lifecycle management

• Lifecycle management involves: device makers, network vendors, IT staff and, in some countries, regulators

• Monitoring and enforcing SW updates and SW patch ability

• Defining and supporting EoL and EoS related to devices

• Support IoT industry tiers and relative requirements

Page 23

IoTopia Launch – We Have Already Started!

Public Website

Information is available at www.globalplatform.org

IoT Solutions World Congress

Official public announcement of IoTopia will take place on Wednesday, 30 October in Barcelona at the IoT Solutions World Congress.

GlobalPlatform panel discussion on IoT Security challenges with NIST, GSMA and ENISA as participants.

GlobalPlatform Fall Meetings

For GlobalPlatform members, the IoTopia Technical Committee launch meeting is on Tuesday, 19 November in Madrid.

This initial meeting is OPEN TO ALL MEMBERS.

IoTopia Committee

IoTopia Committee is open to Full and Participant Members
