C.P. Ravikumar, Texas Instruments
Talk delivered at Ubicomp-2017, Bangalore 2017. Organized by CDAC, Bangalore.
Improve Wellbeing and Safety of citizens
› Clean Drinking Water
› Safe Transport
› Better waste management
Be Flexible
› Flexible Transport
› Flexible Electric Supply
Improve utilization of resources; lower footprint
› Reduce water leakage
› Reduce fuel and electricity wastage
Data logging, Data Communication, Data Analytics
Data Analytics
Insecure data storage
Improper session handling
Weak server-side control
Security decisions via untrusted inputs
Insufficient transport layer protection
Side-channel data leakage
Client-side injection
Broken cryptography
Poor authentication and authorization
Sensitive information disclosure
Daniel Miessler, 2016
Secure ROM – e.g. Advanced Encryption Standard (AES) tables
Secure external storage – decrypt/authenticate on the fly for protecting confidentiality/authenticity while allowing only your application to run on the CPU
Secure Storage – (protect critical keys) Keys and data are stored in a part of the memory that is isolated from the rest of the code and data. TI provides various security features ranging from encrypted blob of keys, anti-tamper modules with master keys, and a private key bus between the nonvolatile memory and the cryptographic accelerators.
Secure Boot – only our software (from Flash) must run
Program your device in an untrusted (foreign) manufacturing site
Update application remotely and securely.
Debug security – lock the debugging ports and password-protect them
Unique ID (UID) for devices – and optionally a signature (certificate) key whose public key is easily shareable with a cloud service
Tampering – open the package and steal information
IP Protection – Firewalls, IP protection zones/regions, encryption and debugging lockout of part or all of the application are some of the security features that TI provides to help you address these types of concerns.
Trusted Environment – Vulnerability in another application running on the same central processing unit (CPU) cannot be exploited to attack your assets: keys, data and code.
Wi-Fi chipset integrates
› secure storage
› cloning protection
› secure boot
› networking security
› transport layer security
› secure socket layer engine
› real-time encryption
› on-chip 128-bit secret key
Demonstrates how to build a secure cloud-connected IoT gateway allowing access and control of the multiple wireless nodes. Based on TM4C12x, TM4C123x, TRF7970A and RF430CL330H, SimpleLink™ Wi-Fi® CC3100, Bluetooth® low energy CC2650 and Sub-1 GHz CC1310 wireless microcontrollers (MCUs).
The TM4C1294ECPDT MCU is hardware encryption enabled. It includes CRC hardware, AES hardware-accelerated data encryption, a DES block cipher implementation, a hashing hardware accelerator, and four tamper units along with tamper event response.
The CC3100 supports Station, Access Point, and Wi-Fi Direct modes. The device also supports WPA2 personal and enterprise security and WPS 2.0. This subsystem includes embedded TCP/IP and TLS/SSL stacks, HTTP server, and multiple Internet protocols.
Certificate-based security protocol
https://training.ti.com/secure-iot-demo?cu=774616
Wi-Fi, Bluetooth low energy and Sub-1 GHz-based nodes
Wi-Fi-based stepper motor control, Bluetooth low energy SensorTag, Bluetooth low energy slave node and Sub-1 GHz slave nodes
Connection between nodes and gateway using NFC-based secure out-of-band pairing.
Secure data communication between nodes and gateway using hardware crypto blocks
Secure cloud connection using TI-RTOS NDK and WolfSSL stack
TI-RTOS for task scheduling and peripheral access
Identify a few specific applications of IoT and do pilot implementations at selected institutions
› Select applications that are of relevance in Indian society
› Seek proposals from industry
Technologies to enable IoT exist
› Sensitize universities to work closely with industry and work on practical problems
› Try and evolve India-specific standards