IoT Foundations of Trust Whitepaper Review
Matthew Clark's IoT Foundations of Trust whitepaper caters to a variety of audiences and serves as a foundational document when discussing trust concepts in IoT. Technical audiences interested in IoT security should find the whitepaper informative and provide them with a solid basic understanding of trust concepts and hardware implementation options. Security leaders can also utilize this article to understand trust concepts and to select hardware controls to meet their business requirements.
The whitepaper supports IoT manufacturers curious about options to improve the cybersecurity of their products. Matthew Clark uses his 20+ years of experience in technology, security, and governance to describe technical measures that IoT manufacturers could consider to create foundational trust attributes in their merchandise. Clark's whitepaper covers the technical concepts behind the "root of trust" methodology and the hardware implementations that technicians should consider. The whitepaper provides an invaluable introduction to basic trust concepts that can be applied by IoT engineers seeking to incorporate security into their products, or security engineers seeking to incorporate IoT into their repertoire.
In his whitepaper, Clark describes the technical concepts that much up a "root of trust" implementation. When describing these theories, he brings attention to the business risks, such as cost, resourcing, and delayed timelines that businesses may face in implementing these components. The article frequently discusses the use of these foundational concepts where they are reliant on or embedded in hardware for IoT, arguing that some of their software forms are ineffectual either generally or specifically in the IoT environment. The discussion of the flaws and business risks associated with each concept type provides valuable insight into the impact of the concept on both security and business operations.
Implementation options discussed by include:
- ARM Trusted Zone
- TEE Secure Boot
- Trusted Platform Module (TPM)
- Measured Boot
- Hardware Security Module (HSM)
- Cloud HSM
- Secure Boot (HSM)
- Device Identifier Composition Engine (DICE)
A description of the implementation environment, costs, benefits, and shortcomings of each option provides readers with a framework for the technical implementation of trust concepts. Security leaders can use this paper to identify appropriate trust implementations for their business needs.
Clark's description of implementation options lacks recommendations for the different types of IoT manufacturers identified in the introduction of his paper. Arguably the business model and the customer capability of a commercial IoT manufacturer are different from that of an industrial IoT manufacturer. A clear preference for more advanced implementations, such as an HSM, could mislead someone new to the IoT security space into thinking that this is the correct option for their business model. Yet Clark recognizes the business dilemma manufacturers face and provides a positive review of the low-cost DICE implementation.
When considering different implementations of trust models, readers should consider the impact on their business, customer needs, and customer capabilities. Throughout his paper, Clark addresses the issue of manufacturers considering their customer and business needs. Technical staff should engage with their business stakeholders to understand what their customer wants when developing security requirements.
Beyond IoT Foundations of Trust, readers should also consider the impact of availability on their product. Trust concepts will address confidentiality, integrity, authenticity, and non-repudiation, but can sometimes neglect availability problems. In the worst-case, the introduction of trust concepts can create new availability issues. Considering this, manufacturers should introduce trust concepts as early as possible in their development lifecycles.
For readers who want to learn more, or already have a technical background in IoT development and want to know how to address specific problems you're facing in the security space, consider Alejandro Guinea's course on IoT Security on Cybrary.