
9/21/2016 ConnectedSystemsRequireHardwareBasedSecurityElectronicsForYou

Connected Systems Require Hardware Based Security


Juergen Spaenkuch is division vice president, chip card and security, at Infineon Technologies AG
February 20, 2016

Modern applications like connected industrial systems, smart grids, connected cars and
autonomous driving, widely summarised under the term Internet of Things (IoT; see
Fig. 1), have a high demand for reliable security. Typical use cases include
authentication of components and their unique identities, monitoring and safeguarding of
system integrity, and protection of data and communication. To build trust in new services
and technologies, intellectual property (IP) protection is key, and data security and system
integrity are prerequisites for successful implementation of new services and
applications.

To establish new solutions, we need integrated system solutions based on secured
hardware that protects infrastructure and components from attacks, fraud and sabotage;
in brief, hardware that enables software to be stored, run and updated in a protected way.

Purely software based security is not enough


Several attempts have been made in the past to apply purely software based solutions for
device authentication. Unfortunately, software, due to its nature, bears several significant
weaknesses. It is written in code, and code can be read and analysed. Once it is
analysed, it can be modified to suit an attacker's requirements. And once the device is
re-programmed with the modified software, the authentication process and system
integrity can be broken.
http://electronicsforu.com/technologytrends/connectedsystemsrequirehardwarebasedsecurity?utm_source=pushengage&utm_medium=push_notification 1/3

Another severe weakness of software based solutions can be the inappropriate storage of
secret keys across all relevant processes and production steps. Typically, in software based
protection systems, attackers can identify secret keys from the software in a very simple
way: keys usually behave like random numbers, in total contrast to the program code
itself. So-called entropy analysers can scan the software and identify parts with high
randomness (these parts typically contain the keys). Such a scan is done in seconds, and
the keys found could directly be used to generate falsified products in large numbers.
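
The entropy scan described above, as an added example that is not part of the original article: a sliding-window Shannon entropy check that a vendor can run over its own firmware image before release to confirm that no key material is embedded in it. The image contents, the 64-byte key, the window size and the threshold are all constructed assumptions.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(chunk: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte."""
    counts = Counter(chunk)
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def find_high_entropy_regions(blob, window=64, step=16, threshold=5.2):
    """Return merged (start, end) byte ranges whose windows reach threshold.

    A 64-byte window can hold at most log2(64) = 6 bits per byte, so 5.2 is
    an assumed cut-off for this window size, not a universal constant.
    Compressed or encrypted sections also score high and need manual review.
    """
    regions = []
    for start in range(0, len(blob) - window + 1, step):
        if shannon_entropy(blob[start:start + window]) < threshold:
            continue
        end = start + window
        if regions and start <= regions[-1][1]:
            regions[-1] = (regions[-1][0], end)  # extend the overlapping hit
        else:
            regions.append((start, end))
    return regions

# Constructed sample input: a repetitive 16-byte pattern stands in for program
# code, and 64 pseudo-random bytes stand in for a secret key baked into it.
CODE = bytes.fromhex("554889e54883ec20897dfc8b45fcc9c3") * 32  # 512 bytes
KEY = (hashlib.sha256(b"constructed-1").digest()
       + hashlib.sha256(b"constructed-2").digest())
KEY_OFFSET = len(CODE)
IMAGE_WITH_KEY = CODE + KEY + CODE
IMAGE_WITHOUT_KEY = CODE + CODE  # key held in secured hardware instead

if __name__ == "__main__":
    for name, image in (("key in image", IMAGE_WITH_KEY),
                        ("key in hardware", IMAGE_WITHOUT_KEY)):
        hits = find_high_entropy_regions(image)
        print(f"{name}: {len(image)} bytes, high-entropy regions: {hits}")
```
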

Fig. 1: The IoT and various other connected applications require secure communication, data and IP protection as well as system integrity

Software-only solutions provide protection only when none of the components
used are physically accessible to an attacker. In real life, this restriction renders such
solutions impractical. So software is usually not seen as a valid alternative for product
authentication, system integrity and IP protection today.


However, software can be protected by hardware; secured hardware protects the
processing and storage of code using encryption, fault and manipulation detection, and
secure code and data storage. Software becomes trustworthy by combining it with secured
hardware. This has been proven by extensive experience from areas of trusted computing
and the use of secure elements in mobile phones and protective functions of smart grids.

Hardware based solutions provide more security


A typical embedded control architecture, with a standard microcontroller (MCU) running a
real-time operating system (OS) and applications, can currently be found in the
majority of installed systems. Usually, security functionality is implemented using software
based encryption mechanisms. What is missing is an efficient and secured trust anchor
(Hardware Roots of Trust, or HRoT) with dedicated encryption functionality for increased
security.
