Industry 4.0 Internet of Things Security & Identification

IoT could offer a lot of potential entry points for a devastating cyber attack

Industry 4.0 has already become a reality in several developed countries, while other countries are about to join the revolution very soon. “Smart” product lines equipped with all kinds of “intelligent tools” form very complex networks, known as the Industrial Internet of Things (IIoT). This enables automation and coordination at a very high level, maximizing productivity. However, the Internet of Things (IoT) exists outside the industrial environment, as well: consumer-grade devices, city infrastructure, automotive… The whole world is becoming a network of interconnected devices, providing quick access to everything we need from the comfort of our homes. However, as someone once said, “with great power comes great responsibility”. Indeed, such a high level of connectivity could potentially expose entire systems to attacks from a remote location. Some of the end-node devices can be infected with viruses, causing very disruptive DDoS attacks. Breaking into a single IoT node and spoofing its identity can allow rapid “virus” propagation and proliferation, which can be potentially very dangerous. The security level of the entire network depends on the security level at its weakest point.

Cost-effective yet reliable security solutions are not easy to come by

On the other hand, the IoT market is a price-constrained market. Implementing a cheap but effective solution can be a real challenge that depends on many different factors. However, there are a growing number of low-cost hardware solutions on the market that can be used to enhance the security level of a typical IoT end node device. As one of the most complete and cost-effective hardware security solutions on the market, the LPC55S6x, a dual-core ARM® Cortex®-M33 microcontroller (MCU) from NXP, integrates several different protection technologies on a hardware level. Some of its main features are:

  • Specialized Physical Unclonable Function (PUF) is used to determine logic states on a portion of SDRAM cells. When powered on, SDRAM cells can be randomly set either as logic HIGH (1) or logic LOW (0). The randomness is the result of the specific structure of a particular piece of silicon used to produce them and it is a unique feature of each device. It can be considered a silicone fingerprint. This silicone fingerprint can be converted into a secret key that can be used to uniquely identify the device and to provide a hardware root of trust for other security features.
  • TrustZone-M technology implements two hardware “worlds”: secure and non-secure. The non-secure world provides a flexible execution environment without access to security-critical registers and data. Non-secure code can only access secured resources via a specific interface exposed by the secure world.
  • In addition to Secure Boot with Anti-rollback Protection, the hardware also supports real-time execution of encrypted images from flash memory. The flash content is only decrypted during execution. Without a way to successfully decrypt the content, it would be completely unusable to a potential attacker.
  • Other security features of the LPC55S6x MCU series include hardware accelerators for real-time encryption and decryption, tamper-detection, True Random Number Generator (TRNG), secure GPIO and DMA, secure debug system that requires authentication to be enabled, and more.

The LPC55S6x series: a family of dual-core MCUs from NXP with sophisticated and cost-effective hardware-based security features, powerful enough to drive even the most demanding IoT nodes

The LPC55S6x features the whole range of additional options. Supported by the CMSIS-NN libraries written especially for the ARM platform, this dual-core ARM® Cortex®-M33 MCU is capable of machine-learning and inference system implementation, featuring all these security functions, implemented on top of the entire system. By integrating high-level security features along with substantial processing capabilities all in one package, this powerful and secure MCU proves how higher levels of integration, achieved using Large Scale integration (LSI) manufacturing technologies enable more security functions to be included in an MCU without sacrificing either cost or performance.

Figure 1) Block diagram of the LPC55S6x family

The LPCXpresso55S69 Development Board is the ideal platform for the evaluation and showcasing the capabilities of the LPC55S6x MCU series. Apart from the MCUXpresso driver suite support, middleware, and examples that allow rapid application development, this development board features great connectivity options such as LPCXpresso-V3 expansion connectors compatible with Arduino® UNO R3, the PMod™ compatible expansion/host connector, as well as the mikroBUS™, and socket expansion that allows interfacing to a huge repository of over 700 different Click boards™.

Figure 2) LPC55S69-EVK: LPCXpresso55S69 Development Board

If you need more information on how to implement a cost-effective yet powerful solution to your embedded system, please visit this LINK. Also, make sure to contact our Security & Identification experts who can help you with your specific design needs.