those operations set up with a one-to-one binding to those operations through an
application programming interface. In that way, no other application can access
those operations. A more secure approach is to use a secure element for these
sensitive operations.
Secure boot. For Singh, secure boot is the foundation of all IoT security. "Secure
boot is the basic step of the secure device," he says. "If you don't have a secure boot
mechanism inside that device, then every other security measure will fail. There is no
use having any security on the device if you don't have secure boot."
Secure boot requires a root of trust, meaning something inside the device
that you can depend on absolutely. The root of trust can never be
changed or hacked. This root of trust is typically inside the secure element, and it
becomes the cornerstone of the boot process that starts the IoT device. The boot
process validates the device during startup, and if at any point device verification
fails, the boot procedure ends or the device ends up in a safe mode rather than a
user mode.
During the boot process, the device uses a checksum process to test the operating
system image against the root of trust. It then checks the signatures of all software
applications installed on the device. If any signature is invalid, the boot process
ends. If the software passes, the device checks all hardware, such as sensors,
connected to the device. If everything checks out, the device boots successfully
and starts working.
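The boot sequence described above, as an added Python example (not code from this book or from Singh). HMAC-SHA256 stands in for the vendor's signature scheme so the example runs with the standard library only; the key, image bytes, application names and the `secure_boot` function are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data: every value below is made up for this example.
ROT_KEY = b"constructed-root-of-trust-key"         # would be held in the secure element
OS_IMAGE = b"constructed OS image bytes"
ROT_OS_DIGEST = hashlib.sha256(OS_IMAGE).digest()  # reference digest anchored in the root of trust


def sign(blob: bytes) -> bytes:
    """Stand-in for a vendor signature (HMAC-SHA256, not an asymmetric scheme)."""
    return hmac.new(ROT_KEY, blob, hashlib.sha256).digest()


def secure_boot(os_image, apps, hardware_ok):
    """Return ("user", None) on success, or ("safe", reason) at the first failed check.

    apps: list of (name, code_bytes, signature); hardware_ok: dict of name -> self-test result.
    """
    # Stage 1: measure the OS image against the digest held by the root of trust.
    measured = hashlib.sha256(os_image).digest()
    if not hmac.compare_digest(measured, ROT_OS_DIGEST):
        return "safe", "os-image"
    # Stage 2: every installed application must carry a valid signature.
    for name, code, signature in apps:
        if not hmac.compare_digest(sign(code), signature):
            return "safe", f"app:{name}"
    # Stage 3: attached hardware, such as sensors, must pass its check.
    for name, ok in hardware_ok.items():
        if not ok:
            return "safe", f"hw:{name}"
    return "user", None


def demo():
    apps = [("telemetry", b"app one", sign(b"app one")),
            ("updater", b"app two", sign(b"app two"))]
    hw = {"temp-sensor": True}
    results = [secure_boot(OS_IMAGE, apps, hw)]                          # clean device
    results.append(secure_boot(OS_IMAGE + b"\x00", apps, hw))            # modified OS image
    tampered = [apps[0], ("updater", b"app two (patched)", apps[1][2])]  # code changed, old signature
    results.append(secure_boot(OS_IMAGE, tampered, hw))
    results.append(secure_boot(OS_IMAGE, apps, {"temp-sensor": False}))  # failed sensor check
    return results


if __name__ == "__main__":
    for mode, reason in demo():
        print(mode, reason)
```

Each stage runs only if the previous one passed, so a device with a modified OS image never reaches the application or hardware checks.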
"Security comes with a cost. Whenever we build security into a device, the cost of that device increases."