© 2019 GlobalPlatform Confidential
IoT Initiative in GlobalPlatform
Gil Bernabeu, Technical Director
ETSI IoT week – 24 October
Lots of Guidance – Which is Best?
There are multiple security recommendations, frameworks and best practice guidelines
available to IoT device manufacturers
Which to follow?
What are the specific security requirements of different vertical markets?
IoT device manufacturers are not security experts
Regulation is here!
Mapping of IoT Security Recommendations, Guidance and Standards to the UK’s Code of Practice for Consumer IoT Security
Lots of ‘Things’ are Getting Connected…
…And This Creates One of the Largest Attack Surfaces in the Enterprise Environment
• 7 Billion enterprise IoT devices deployed by 2020
• 1 in 4 odds of a data breach for an enterprise
• $3.6Mn average cost of a security incident
• $5Bn cost to industry of ransomware in 2017
The Inflection Point of IoT Keeps Moving Back
[Chart: IoT Units Installed Base Grand Total, 2014 to 2025. Early values on the chart are 3.8b, 4.9b and 6.4b units; today 9.1b; projections reach 25b+, with analyst forecasts of 74.5b (IHS), 80b (IDC) and 100b (Nokia). Labels: IT/OT Scale Challenge; IoT Security Concerns.]
Source: http://www.cisco.com/c/en/us/solutions/service-provider/visual-networking-index-vni/index.html
Breakdown
• 317 new devices per second
• 10 min to connect
• 6.6 person-days of effort per second
• 208.3M person-days of effort per year
GlobalPlatform is Addressing These Challenges!
Introducing
A collaborative initiative to standardize security for IoT devices and services
IoTopia: An Implementation Guide Based on 4 Key Pillars
Security by Design
A Secure Device Baseline
• Manufacturers have an industry set of certifiable common capabilities – Security by Design
• Chip vendors/manufacturers are best positioned to provide a set of baseline capabilities related to security
• Baseline device requirements are critical to support IoT Lifecycle Management
• IoTopia plans to define ~30 verifiable device and network security parameters
Moving to Testable Parameters For Certification
Device Intent
Expressing Manufacturer Usage Descriptions (MUD)
[Diagram: Device, Access Switch, MUD Manager, MUD File Server (https://example.com/mud/…), Internet, Enterprise Network. Flow: the device emits a URI (via DHCP, LLDP, or 802.1X); the access switch forwards it to the MUD Manager (RADIUS); the MUD controller queries the manufacturer (HTTPS).]
The goal of MUD is to provide a means for end devices to signal to the network what sort of access and network functionality they require to properly function. The initial focus is on access control.
https://datatracker.ietf.org/doc/rfc8520/
Expressing Manufacturer Usage Descriptions
[Diagram, continued: Device, Access Switch, MUD Manager, MUD File Server (https://example.com/mud/…), Internet, Enterprise Network; RADIUS between switch and MUD Manager, HTTPS to the file server. Flow: manufacturer JSON file returned; IT Admin approval; enterprise configuration created; devices segmented.]
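The flow above ends with the MUD Manager turning the manufacturer's JSON file into enterprise configuration. The Python below is an added example, not GlobalPlatform's or the IETF's code: it takes a constructed MUD file in the RFC 8520 JSON layout, checks that the URL the device emitted is an https URL and matches the file's mud-url, and flattens the referenced ACLs into an ordered rule list that ends in a default deny, which is what a switch or controller would then enforce. The MUD file contents, the ACL names and the hostname service.example.com are all constructed for the example.

```python
import json
from urllib.parse import urlsplit

# Constructed MUD file in the RFC 8520 JSON layout (a manufacturer would serve
# it at the URL the device emitted, e.g. https://example.com/mud/...).
SAMPLE_MUD = json.dumps({
    "ietf-mud:mud": {
        "mud-version": 1,
        "mud-url": "https://example.com/mud/lightbulb2000",
        "last-update": "2019-10-24T10:00:00+00:00",
        "cache-validity": 48,
        "is-supported": True,
        "systeminfo": "Constructed example light bulb",
        "from-device-policy": {"access-lists": {"access-list": [{"name": "mud-1-fr"}]}},
        "to-device-policy": {"access-lists": {"access-list": [{"name": "mud-1-to"}]}},
    },
    "ietf-access-control-list:acls": {"acl": [
        {"name": "mud-1-fr", "type": "ipv4-acl-type", "aces": {"ace": [
            {"name": "cloud-fr",
             "matches": {"ipv4": {"ietf-acldns:dst-dnsname": "service.example.com", "protocol": 6},
                         "tcp": {"ietf-mud:direction-initiated": "from-device",
                                 "destination-port": {"operator": "eq", "port": 443}}},
             "actions": {"forwarding": "accept"}},
            {"name": "dns-fr",
             "matches": {"ietf-mud:mud": {"controller": "urn:ietf:params:mud:dns"},
                         "ipv4": {"protocol": 17},
                         "udp": {"destination-port": {"operator": "eq", "port": 53}}},
             "actions": {"forwarding": "accept"}}]}},
        {"name": "mud-1-to", "type": "ipv4-acl-type", "aces": {"ace": [
            {"name": "cloud-to",
             "matches": {"ipv4": {"ietf-acldns:src-dnsname": "service.example.com", "protocol": 6},
                         "tcp": {"ietf-mud:direction-initiated": "from-device",
                                 "source-port": {"operator": "eq", "port": 443}}},
             "actions": {"forwarding": "accept"}}]}}]},
})


def valid_mud_url(url):
    """RFC 8520 requires the emitted MUD URL to be an https URL."""
    parts = urlsplit(url)
    return parts.scheme == "https" and bool(parts.netloc)


def ace_to_rule(direction, ace):
    """Reduce one ACE to a flat rule: direction, peer, IP protocol, port, action."""
    m = ace["matches"]
    ip = m.get("ipv4") or m.get("ipv6") or {}
    peer = ip.get("ietf-acldns:dst-dnsname") or ip.get("ietf-acldns:src-dnsname")
    if "ietf-mud:mud" in m:
        abstraction = m["ietf-mud:mud"]
        if "controller" not in abstraction:
            # same-manufacturer, my-controller, local-networks etc. need network
            # context this example does not model; refuse rather than widen the rule.
            raise NotImplementedError(f"unsupported MUD abstraction: {abstraction}")
        peer = abstraction["controller"]
    l4 = m.get("tcp") or m.get("udp") or {}
    spec = l4.get("destination-port") or l4.get("source-port")
    port = spec["port"] if spec and spec.get("operator") == "eq" else None
    return {"direction": direction, "peer": peer or "any", "proto": ip.get("protocol"),
            "port": port, "action": ace["actions"]["forwarding"]}


def mud_to_rules(mud_text, emitted_url):
    """Turn a fetched MUD file into an ordered rule list ending in a default deny."""
    doc = json.loads(mud_text)
    mud = doc["ietf-mud:mud"]
    if mud.get("mud-version") != 1:
        raise ValueError("unsupported mud-version")
    if mud.get("mud-url") != emitted_url:
        # The file must describe the URL the device actually emitted.
        raise ValueError("mud-url in file does not match the URL the device emitted")
    acls = {a["name"]: a for a in doc["ietf-access-control-list:acls"]["acl"]}
    rules = []
    for direction, policy in (("from-device", "from-device-policy"),
                              ("to-device", "to-device-policy")):
        for ref in mud[policy]["access-lists"]["access-list"]:
            for ace in acls[ref["name"]]["aces"]["ace"]:
                rules.append(ace_to_rule(direction, ace))
    rules.append({"direction": "any", "peer": "any", "proto": None, "port": None, "action": "drop"})
    return rules


if __name__ == "__main__":
    url = "https://example.com/mud/lightbulb2000"
    if valid_mud_url(url):
        for rule in mud_to_rules(SAMPLE_MUD, url):
            print(rule)
```

The abstractions the example refuses (same-manufacturer, my-controller, local-networks) are the ones a real MUD Manager resolves against its own view of the network; failing closed on them is deliberate, since silently mapping them to "any" would turn a segmentation rule into an allow-all.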
The Benefits of MUD
Customer:
• Reduces threat surface of exploding number of devices
• Almost no additional CAPEX
• Avoids lateral infections in the network
• Eases and scales access management decisions
Manufacturer:
• Reduces manufacturer product risk at almost no cost
• Will increase customer satisfaction and reduce support costs
• Avoids the front page
• Standards-based approach
Device Onboarding
The Network Administrator’s Problem – The Number of Types of Things
Current Options for Secure Device Identification
Steps (columns): Out of the box | Network identification (“SSID?”) | Device gets trust anchor | Device enrolls | Operational State
Current WiFi: Nothing | Out of band | Out of band | Manual/OOB/IPSK
Current wired: Nothing | Not needed | Nothing | EAP with username and password
New approach: Mfg Cert/Trust anchor | Round robin or 802.11u/aq | Trusted Introduction | ZSJ or BRSKI or EST over (HTTP, CoAP, EAP)
Proof of Ownership (slide annotation)
ZSJ: Zero Touch Secure Join
Results
• Device starts with a manufacturer certificate and trust anchor
• Device now has deployment certificate and trust anchor
• Network authorizes the device
• Process can be automated [scale]
Standards-based secure onboarding process via BRSKI/ANIMA
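The four results above are what a BRSKI (RFC 8995) voucher exchange produces. The Python below is an added simulation, not GlobalPlatform's or the IETF's code: a pledge (the device) leaves the factory with a manufacturer identity and the MASA trust anchor, the deployment's registrar decides whether to admit it, and the MASA issues a voucher (RFC 8366 fields) bound to the pledge's nonce and serial number; the pledge then pins the deployment's domain certificate and receives a deployment identity. Signatures and certificates are stand-ins so that it runs offline: an HMAC keyed with a constructed MASA key plays the MASA's CMS signature, and SHA-256 digests play the registrar and domain certificates. The serial numbers, domain name and manufacturer name are constructed.

```python
import datetime
import hashlib
import hmac
import json
import os

MASA_KEY = b"constructed-masa-signing-key"   # constructed; stands in for the MASA's signing key
MANUFACTURER = "ExampleMaker"                 # constructed manufacturer name


def _now():
    return datetime.datetime.now(datetime.timezone.utc).isoformat()


def _sign(key, body):
    # Stand-in for a CMS signature over the voucher JSON.
    return hmac.new(key, json.dumps(body, sort_keys=True).encode(), "sha256").hexdigest()


class Pledge:
    """The IoT device. Leaves the factory with an IDevID and the MASA trust anchor."""
    def __init__(self, serial):
        self.serial = serial
        self.idevid = {"serial-number": serial, "manufacturer": MANUFACTURER}
        self.masa_anchor = MASA_KEY          # manufacturer trust anchor (verification-key stand-in)
        self.nonce = os.urandom(16).hex()    # binds the voucher to this join attempt
        self.domain_anchor = None            # deployment trust anchor, set once a voucher is accepted
        self.ldevid = None                   # deployment certificate stand-in

    def voucher_request(self, registrar_cert):
        # RFC 8366 voucher-request; proximity-registrar-cert pins the registrar the pledge is talking to.
        return {"ietf-voucher-request:voucher": {
            "created-on": _now(), "nonce": self.nonce,
            "serial-number": self.serial, "proximity-registrar-cert": registrar_cert}}

    def accept_voucher(self, signed):
        body, sig = signed["voucher"], signed["signature"]
        if not hmac.compare_digest(sig, _sign(self.masa_anchor, body)):
            raise ValueError("voucher not signed by the MASA trust anchor")
        v = body["ietf-voucher:voucher"]
        if v["nonce"] != self.nonce:
            raise ValueError("nonce mismatch: stale or replayed voucher")
        if v["serial-number"] != self.serial:
            raise ValueError("voucher issued for a different device")
        self.domain_anchor = v["pinned-domain-cert"]   # the device now trusts this deployment
        return True


class MASA:
    """Manufacturer Authorized Signing Authority: knows which serials it shipped."""
    def __init__(self, shipped):
        self.shipped = set(shipped)
        self.audit_log = []

    def issue_voucher(self, registrar_request):
        pvr = registrar_request["prior-signed-voucher-request"]["ietf-voucher-request:voucher"]
        if pvr["serial-number"] not in self.shipped:
            raise PermissionError("unknown serial number")
        if pvr["proximity-registrar-cert"] != registrar_request["registrar-cert"]:
            raise ValueError("registrar differs from the one the pledge saw")
        body = {"ietf-voucher:voucher": {
            "created-on": _now(), "assertion": "proximity",
            "serial-number": pvr["serial-number"], "nonce": pvr["nonce"],
            "pinned-domain-cert": registrar_request["pinned-domain-cert"]}}
        self.audit_log.append((pvr["serial-number"], registrar_request["pinned-domain-cert"]))
        return {"voucher": body, "signature": _sign(MASA_KEY, body)}


class Registrar:
    """The deployment's join registrar; decides which devices may join the domain."""
    def __init__(self, domain, masa):
        self.cert = hashlib.sha256(f"registrar:{domain}".encode()).hexdigest()
        self.domain_cert = hashlib.sha256(f"domain-ca:{domain}".encode()).hexdigest()
        self.masa = masa
        self.allowed_manufacturers = {MANUFACTURER}
        self.authorized = set()

    def onboard(self, pledge):
        if pledge.idevid["manufacturer"] not in self.allowed_manufacturers:
            raise PermissionError("IDevID from an unexpected manufacturer")
        registrar_request = {
            "prior-signed-voucher-request": pledge.voucher_request(self.cert),
            "registrar-cert": self.cert, "pinned-domain-cert": self.domain_cert}
        pledge.accept_voucher(self.masa.issue_voucher(registrar_request))
        # EST enrolment step, reduced to issuing an LDevID record under the domain CA.
        pledge.ldevid = {"serial-number": pledge.serial, "issuer": self.domain_cert}
        self.authorized.add(pledge.serial)
        return pledge.ldevid


def onboard_demo(serial="SN-0001"):
    """Run the whole exchange for one constructed device; returns (pledge, registrar)."""
    masa = MASA(shipped={"SN-0001", "SN-0002"})
    registrar = Registrar("plant-a.example", masa)
    pledge = Pledge(serial)
    registrar.onboard(pledge)
    return pledge, registrar


def tampered_voucher_rejected():
    """A voucher whose pinned-domain-cert was altered in transit fails the trust-anchor check."""
    masa = MASA(shipped={"SN-0001"})
    registrar = Registrar("plant-a.example", masa)
    pledge = Pledge("SN-0001")
    signed = masa.issue_voucher({
        "prior-signed-voucher-request": pledge.voucher_request(registrar.cert),
        "registrar-cert": registrar.cert, "pinned-domain-cert": registrar.domain_cert})
    signed["voucher"]["ietf-voucher:voucher"]["pinned-domain-cert"] = "some-other-domain"
    try:
        pledge.accept_voucher(signed)
    except ValueError as e:
        return str(e)
    return "accepted"
```

The three checks in accept_voucher are the ones that matter for the "network authorizes the device" result: the MASA signature ties the voucher to the manufacturer's trust anchor, the nonce ties it to this join attempt, and the serial number ties it to this device; the MASA's audit log is what lets the manufacturer later answer which deployment each device was released to.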
Lifecycle Management
Devices Need to be Managed Throughout Their Lifecycle
• Proper lifecycle management limits hacks
• Some manufacturers are requiring customers to implement software (SW) updates as part of warranty and even operation
• Now regulators are requiring IoT device maintenance
• Manufacturers provide SW patches and support throughout a device's lifecycle
• They require the ability to track SW patches as well as end-user implementation
• Helps manufacturers implement product end-of-life (EoL)
• Lifecycle management
Device Lifecycle
• Reference the NIST framework to create lifecycle management
• Lifecycle management involves:
– device makers
– network vendors
– IT staff
– in some countries, regulators
• Monitoring and enforcing SW updates and SW patch ability
• Defining and supporting EoL and EoS related to devices
• Support IoT industry tiers and relative requirements
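The monitoring step of the lifecycle above, as an added example that is not GlobalPlatform's code: given a constructed vendor catalogue (latest patched version, EoS date and EoL date per model) and a constructed inventory export, it classifies each device as up to date, behind the latest patch (enforce the update), past End of Support (fully patched, but no further patches will come), past End of Life (retire) or unmanaged (no lifecycle data at all, so patches cannot be tracked). The model names, versions and dates are all constructed.

```python
import datetime

# Constructed vendor lifecycle catalogue: model -> latest patched version,
# End of Support (last date patches are produced) and End of Life (retire by).
CATALOGUE = {
    "cam-200": {"latest": "2.4.1", "eos": datetime.date(2021, 6, 30), "eol": datetime.date(2022, 12, 31)},
    "hub-5":   {"latest": "5.2.0", "eos": datetime.date(2019, 6, 30), "eol": datetime.date(2020, 12, 31)},
    "plug-10": {"latest": "1.0.9", "eos": datetime.date(2019, 3, 31), "eol": datetime.date(2019, 9, 30)},
}

# Constructed inventory export: device id, model, running software version.
INVENTORY = [
    ("dev-01", "cam-200", "2.4.1"),
    ("dev-02", "cam-200", "2.3.0"),
    ("dev-03", "hub-5", "5.2.0"),
    ("dev-04", "plug-10", "1.0.9"),
    ("dev-05", "gadget-x", "0.1"),
]


def parse_version(text):
    """'2.10.0' -> (2, 10, 0) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))


def classify(model, version, catalogue, today):
    """Lifecycle status of one device. Retirement outranks patching: a device past EoL
    is removed even if a patch exists, and an unpatched device is flagged before its EoS."""
    entry = catalogue.get(model)
    if entry is None:
        return "unmanaged"          # no lifecycle data: patches cannot be tracked at all
    if today > entry["eol"]:
        return "retire"             # past EoL: remove from the network
    if parse_version(version) < parse_version(entry["latest"]):
        return "update"             # a newer patch exists: enforce the SW update
    if today > entry["eos"]:
        return "plan-replacement"   # fully patched, but no further patches will come
    return "ok"


def assess(inventory, catalogue, today):
    """Return {device id: status} and a count per status for reporting."""
    statuses = {dev: classify(model, ver, catalogue, today) for dev, model, ver in inventory}
    summary = {}
    for status in statuses.values():
        summary[status] = summary.get(status, 0) + 1
    return statuses, summary


if __name__ == "__main__":
    statuses, summary = assess(INVENTORY, CATALOGUE, datetime.date(2019, 10, 24))
    for dev, status in statuses.items():
        print(dev, status)
    print(summary)
```

Run against the same inventory every day and diff the statuses: a device moving from "ok" to "update" is a patch to enforce, one moving to "plan-replacement" is the EoS date passing, and "unmanaged" entries are models for which the vendor has published no lifecycle data.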
IoTopia Launch – We Have Already Started!
Public Website
Information is available at www.globalplatform.org
IoT Solutions World Congress
Official public announcement of IoTopia will take place on Wednesday, 30 October in Barcelona at the IoT Solutions World Congress.
GlobalPlatform panel discussion on IoT Security challenges with NIST, GSMA and ENISA as participants.
GlobalPlatform Fall Meetings
For GlobalPlatform members, the IoTopia Technical Committee launch meeting is on Tuesday, 19 November in Madrid.
This initial meeting is OPEN TO ALL MEMBERS.
IoTopia Committee
IoTopia Committee is open to Full and Participant Members