How to build smarter, safer cities from scratch
Today we live in an age obsessed with technology. Whatever your perspective, it’s hard to avoid the growing number of applications, products and solutions that continue to redefine the limits of what we once thought possible. From autonomous vehicles to edge computing, 5G and the Internet of Things, all facets of our lives continue to evolve, thanks to an endless stream of differentiated innovations. In this article, we’ll focus on the last of them: the Internet of Things (IoT). Deployment of IoT Technologies Smart homes, smart utilities, smart retail, smart agriculture, smart supply chains and many other ‘smart’ versions of industries we already know are all so called due to implications of IoT. Indeed, it is a technology that has manifested itself in billions of devices, which today underpin the truly transformational levels of connectivity we see in industries of all shapes and sizes. The statistics speak for themselves. According to Statista, more than $ 1 trillion is expected to be spent on IoT technology globally by 2022. Whether it’s convenience, efficiency, productivity or added intelligence, many benefits are expected to emerge from it. this increase in IoT-related activities. However, to say that this digital transition is going to be entirely positive would be naive. Threats Facing Smart Cities It is said that by 2040 65% of the world’s population will live in cities Consider smart cities. It is said that by 2040 65% of the world’s population will live in cities. To cope with such an influx, without facing significant logistical problems, with limited space and infrastructure, policymakers have started to recognize that these urban environments need to become not only bigger, but also smarter. As a result, the global smart city market is booming. Statista says that, globally, technology spending on smart city initiatives is expected to double from US $ 81 billion in 2018 to US $ 189.5 billion in 2023. Threat from attackers with expanding IoT landscape the IoT landscape, offering more opportunities than ever for threat actors. As connectivity and computing power are distributed more widely across large-scale outdoor networks, hackers will scale up their own operations in tandem. According to an October 2020 Nokia report (based on aggregate data from network traffic monitoring on more than 150 million devices worldwide), IoT devices now account for around 33% of all infected devices, up from 16% estimated in 2019. What is of more concern is how these numbers translate into real-world events. On its own, 2021 has already seen an attack on a water treatment plant in Oldsmart, Florida designed to poison residents’ drinking water. In addition, Colonial Pipeline, one of the largest pipelines in the United States, was also hacked earlier this year, causing major shortages on the east coast of the country. Security through IoT Authentication Poor password protection, lack of regular patch updates and insecure interfaces, insufficient data protection, poor management of IoT devices, and lack of IoT skills , there are many weaknesses within the IoT ecosystem, which continue to provide goals for attackers. To defend against such deadly threats, security by design and open standards should be the guiding principles of IoT, striving to prioritize security, interoperability, and robust Internet protocols to mitigate risk. Device Authentication and Encryption A good place to start is to make device authentication and encryption the central pillars of your IoT security architecture A good place to start in this regard is to do authentication and security. device encryption the central pillars of your IoT security architecture. The goal is to be able to prove that each device joining a network is not malicious, the telltale signs being, for example, malicious code. By making sure that each device is uniquely identifiable with digital certificates and therefore properly authenticated when connecting to a network, you can ensure that no spoofed devices can infiltrate your global network. By using technologies such as Hardware Secure Element Critically, passwords should be avoided completely, as they are susceptible to theft and hackers. And, although a similar vulnerability is that all secure devices contain a private key, you can take advantage of technologies, such as the Hardware Secure Element (a chip designed specifically to protect against unauthorized access, even if the attacker has physical access to the device), as an additional layer of defense. Digital certificates are not the only option available to protect IoT devices which, if tampered with, could become the cause of physical threats. Non-cloning physical function (PUF) can also be used to prevent tampering. Non-Cloning Physical Function (PUF) Through Non-Cloning Physical Function (PUF), a form of IoT device fingerprint is developed from the unique composition of a piece of silicon, which can be used to create a unique cryptographic key. Unlike digital certificates, a secure infrastructure can be achieved through PUF, without the need for additional hardware, as the key is not only stored securely, but also becomes invisible to hackers when the device is not running. execution. The Importance of Encryption Using AES encryption in radio chips to scramble messages on the go is the method adopted by the Wi-SUN Alliance. Now, let’s take a look at encryption. Using AES encryption within radio chips, to scramble messages on the go, is the method we’ve adopted here at the Wi-SUN Alliance. This is a way to maximize data security, but also to reduce the power consumption of the devices themselves. Beyond AES encryption, topography should also be considered at the design stage. Indeed, mesh networks are advantageous for several reasons. They are more reliable and allow data to be rerouted in the event of unexpected loss of contact with devices. Transmissions typically travel shorter distances, which improves energy efficiency and performance, and the frequency hopping feature prevents attackers from jamming signals, which could disallow service altogether. Open standards and interoperability But where do open and interoperable standards fit? As defined by the European Committee on Interoperable Systems (ECIS), interoperability allows a computer program to communicate and exchange information with other computer programs, allowing all programs to use that information. Open standards then allow any supplier of communication equipment or services to implement all the necessary standards, to interact with other suppliers. This is incredibly useful from a security point of view. This means that all specifications are stress tested and verified by many users, and all vulnerabilities are quickly detected and fixed, improving security and reliability. Need for open standards Likewise, open standards can speed time to market, reduce costs, and ensure products are usable, with a variety of processors and radios from manufacturers, with a multitude of publicly available protocol stacks. , design information and reference implementations available that can help create and sustain secure products. Indeed, large-scale enterprise IoT networks alongside smart cities, smart utilities and other key smart infrastructure will only continue to evolve in the years to come. With immense threats from attackers in mind, these systems must prioritize security by design, both now and in the future.