Is System-on-Chip a viable solution for IoT security?

As devices get smaller and smaller, semiconductor manufacturers have to deal with a variety of new challenges. The smaller, more portable designs create difficulties with circuitry, reliability, power draw, and connectivity. That’s not all, as security is also a concern from a hardware perspective. Thanks to the emergence of IoT, in its many forms, the design problems have been exacerbated even more.

As a result, a new class of developers and designers have stepped up to the plate, leading to the adoption of some relatively new silicon implementations. Application-specific integrated circuits (ASICs), system-on-chip (SoC), and system-in-package (SiP) development techniques have all improved considerably, particularly in regards to their viability.

Out of the three, SoC has gained a ton of traction in the semiconductor industry because of what it can provide.

1. What makes SoC unique?

SoC stands for system-on-chip and it denotes a seamless design process that semiconductors use. All the necessary electronic circuits and components are built into a single integrated circuit.

It’s an incredibly useful technique when dealing with portable or smaller devices, such as a smartphone or wearable like a fitness tracker. All the necessary components are embedded within a single chip, keeping things compact, efficient, and compatible. It makes sense then why it’s the preferred method of development for complex electronic devices.

Everything is crammed into a single chip or unit, including processors, memory, storage, connectivity, sensors, power management components and more. That’s also what makes SoC such an ideal solution for IoT. Not only are such connected devices smaller and more compact, but they’re also meant to include a bevy of features and functionality.

The Global Standard Initiative states that a device labeled as “IoT” must have the following features built-in: sensors, internet or wireless connectivity, processing, energy efficiency, quality, reliability, cost-effectiveness and, last but not least, security.

There it is, security.

2. What’s the deal with SoC and security?

Traditionally, security has been handled by software platforms especially in the early days of IoT.

The software itself comes in many forms, and tends to be proprietary for each industry — healthcare and manufacturing, for example, each has their own software security solution. They can be inexpensive, are easy to revise and upgrade, and handle processing locally. But the problem with this is they still have many associated vulnerabilities. When you place the load on a host processor, for instance, that leaves a lot of room for outside interference. In addition, the software is often run from non-secure hardware, making matters that much worse.

Hardware-based security, on the other hand, relies on a dedicated integrated circuit which is essentially a dedicated security processor. Said processor can handle cryptographic functions to protect against potential attacks. All security operations — such as encryption and decryption, user authentication, and access blocking — happen at the hardware level. Any data or sensitive information remains strongly protected behind the electrical boundary of the dedicated system hardware.

It is also quite difficult to alter or modify silicon, a common material used in semiconductor chips and components. A special form of plastic tubing is necessary to even form silicon-based components and chips because it must be resilient under extreme temperatures. Let alone the resources needed to modify a solidified component that has been tempered and shaped.

Finally, if there is an attack, hardware security chipsets can be programmed to wipe all sensitive data, adding an extra layer of protection. If the system or device falls into the wrong hands a backup contingency such as this is necessary.

3. How does SoC security benefit IoT?

Hardware security and chip-based solutions are tamper-resistant and can be used to protect against both local and foreign attacks. The former is important and protects against unscrupulous parties who are willing to reverse-engineer devices as a means to find vulnerabilities. But the outside protection is just as important because the whole of the IoT market is connected to the greater internet. It means that every device is both receiving and transmitting sensitive data, constantly.

The embedded security chips in newer credit cards serve as an excellent example. They require very little resources and yet they are remarkably secure thanks to built-in hardware protocols and cryptography features. Exactly the same thing can be achieved for all forms of IoT from consumer smart home tech to industrial and manufacturing sensors.

When you stop to consider the future of the IoT market, it really makes a lot of sense to implement hardware-based security through SoC. Smart and driverless vehicles, home security systems, retail and payment solutions, healthcare and body sensors, they all require a certain level of security to protect the resulting data. But beyond that is the way in which the technologies will be deployed. The last thing we want as a society is a cyber attack carried out an entire city outfitted with IoT and connected technologies. Just imagine what kinds of nefarious things could happen. Water supplies could be cut off remotely. Traffic control systems could be compromised. Modern power grids could be turned off. The list of potential disasters goes on and on.

That’s definitely not something we want playing out in our future, not if we can help it anyway.

(Featured image by Dragon Images via Shutterstock)

—

DISCLAIMER: This article expresses my own ideas and opinions. Any information I have shared are from sources that I believe to be reliable and accurate. I did not receive any financial compensation for writing this post, nor do I own any shares in any company I’ve mentioned. I encourage any reader to do their own diligent research first before making any investment decisions.