Gil Reiter
The Internet of Things (IoT) connects billions of devices and brings a huge opportunity for businesses to grow. However, billions of new connected devices also bring billions of new opportunities for hackers to steal intellectual property (IP), compromise users’ property and invade their privacy.
While consumer awareness of Internet security grows as more security breaches at large companies are revealed to the public, secure Internet communication technology has advanced to a level that provides online banking, e-commerce and government services. State-of-the-art Internet security relies on advanced cryptographic algorithms, powerful computers and collaboration between major Internet companies and users. The common security capabilities available to Internet applications today include the following:
These security capabilities largely rely on a few fundamental building blocks, including:
The benefit of using these well-known ciphers and protocols in IoT applications is two-fold. First, it relies on proven technology that is widely deployed and tested by the industry at a mega-scale. Second, it allows harnessing the power of already deployed Internet services (e.g. email, social media) as well as the public key infrastructure provided by CAs.
Although Internet security technology is widely available, recent research from Symantec Security suggests that many deployed IoT devices have not implemented adequate security measures. There are likely multiple reasons for these security gaps, but vendor awareness, software complexity and implementation costs are probably at the top of the list.
Many IoT devices are based on low-end microcontrollers (MCUs) that have limited processing power and memory. Some devices don’t have a user interface and many are designed by OEMs with little to no experience in Internet security. This brings about one of the biggest challenges in the IoT today: enabling robust security for low-end devices and making implementation easy for OEMs.
To overcome these challenges, the Texas Instruments SimpleLink™ Wi-Fi® CC3100 and CC3200 devices offer a TLS stack integrated on-chip with highly abstracted and easy-to-use APIs. These devices also include on-chip hardware cryptographic accelerators that perform the complex computational tasks swiftly and efficiently.
Other MCU solutions offer a TLS stack that runs on the application’s MCU and needs to be integrated by the application developer. Not only do these solutions put more burden on the application developer and require a deeper understanding of the TLS protocol, they are also more vulnerable to security breaches due to software bugs, memory leaks and malicious software attacks. The CC3100 wireless network processor and CC3200 wireless MCU, on the other hand, run the TLS stack on a fire-walled network processor, keeping it isolated from the application code, and would therefore be more secure than a solution running the application code and the TLS stack on the same processor.
By using the SimpleLink Wi-Fi CC3100 wireless network processor, customers can secure Internet connectivity to any MCU by offloading the TLS implementation from the MCU. The CC3200 wireless MCU has the same TLS capabilities as the CC3100, while completely offloading its integrated applications MCU from all Internet security tasks.
To summarize, securing Internet communication to IoT devices is vital. While TLS is the most deployed security protocol on the Internet, its implementation usually requires significant processing power and memory. Many IoT devices are low-end and low-power and cannot afford traditional TLS implementations. On-chip cryptographic hardware accelerators and the TLS engine offered by the SimpleLink Wi-Fi CC3100 and CC3200 devices can offload the MCU in low-end IoT devices and help customers meet their security objectives by bringing the benefits of TLS to any IoT device.
For more information, visit: www.ti.com/simplelinkwifi.