Security for your IoT end devices - no chance for hackers
Plug and Secure
Introduction and Challenge
On October 21, 2016, thousands of websites—including Twitter, PayPal, and GitHub—were suddenly unreachable. It quickly became clear that a massive attack on the foundations of the Internet was under way. This attack was unique in how it was carried out. Thousands of Internet-connected webcams, home routers, and other devices were hijacked to take sites offline. Hackers were able to do this because many consumers never changed the passwords of their devices from the default values. Cybercrime is not new, and it is predicted to increase in the future. Internet-connected devices are also expected to proliferate. Wireless technology is already in everything from activity trackers to ovens. There are virtually limitless scenarios for the use of Internet-connected devices or the Internet of Things (IoT). The time is therefore ripe for an easy-to-use security solution for IoT.
IoT devices can be extremely useful, but currently they also have disadvantages. Complicated security systems are hard to implement because they tend to have relatively little processing power. They also generally have small, specialized input and display hardware. Users cannot be expected to connect a keyboard and enter a long password to log in. Sometimes, setting up a secure system is even optional.
With this in mind, the is uniquely suited to a new approach to verification. The XDK contains a multitude of sensors that collect a wide range of data which Bosch Corporate Research used to realize one of their current projects.
The Bosch Cross Domain Development Kit (XDK) was introduced by Bosch Connected Devices and Solutions (BCDS) in 2016. Inclusive of multiple microelectromechanical Systems (MEMS) sensors from Bosch Sensortec and Akustica, both fully owned subsidiaries of Robert Bosch GmbH specializing in MEMS sensors and microphone solutions bringing digital awareness to new customer products.
Bosch Corporate Research used the XDK from Bosch to securely link Internet-connected devices with each other. Imagine a scenario as follows: Someone wants to set up a new IoT device in their home. The first step is to establish an encrypted wireless connection between the device and an access point. The access point then asks the person through a trusted device like a smartphone to perform a gesture with the IoT device.
The XDK – the IoT device in this case – establishes an encrypted connection to the access point, which is yet to be authenticated, i.e. the XDK has to prove that it is the legitimate one, which the user wants to integrate. Both the access point and the XDK generate symmetric cryptographic keys from the wireless propagation environment they measure which is unpredictable, symmetric and unique for exactly their connection. Then the XDK collects sensor data of the movement performed by the user and transmit them to the access point over the encrypted connection. The access point determines whether the movement of the trusted device is correct. If so, this allows the IoT device to join the network.
This proof-of-concept demonstrator is bipartite: The cryptographic keys are generated by the built in wireless processors on two XDK devices, one as access point and the other as IoT device. For the second part, an Arduino Due board and a BNO055 sensor shield collect the sensor data used for authentication. A Raspberry Pi is used as the access point. The trusted device can be any smart phone. These parts are all low-power IoT devices that show just how easy it is to put the solution into practice. The integration of both parts into one XDK device is yet to come.
The Role of Bosch Connected Devices and Solutions
The XDK from BCDS offers an all-in-one scalable hardware platform with ready-to-use software. There is no need to select and assemble components and hardware or deploy a real-time operating system. Drivers are included for all system components.
BCDS also offers the XDK Workbench. This is a development platform that can be downloaded free of charge. It includes sample applications and a user community.
When complete, users will never have to think up or enter a password. They won’t need to keep a note of confirmation numbers either. Anyone will be able to use a single XDK to set up a network of up to hundreds of devices in a short space of time. Bosch know-how, solutions and cross-divisional collaboration are combined within the project to create a true plug-and-play security system for the future of IoT devices.
Solutions and Benefits
It is hard to quantify the total cost of cybercrime worldwide. One study puts it at 445 billion dollars, another at close to 1 trillion. Either way, the number is massive. The money making opportunities are equally massive for a company that presents a solution.
Plug and Secure with XDK from Bosch is a groundbreaking approach to the creation of a secure network of Internet-connected devices. Users do not need to remember a password, enter an authentication code or perform any other annoying, impractical actions. They simply press a button, make a gesture, and the job is done.
The system is also simple to set up. The software is easily adapted for any user and can be installed straight away by manufacturers. There are no hardware costs other than the XDK. The system can be used now on the same embedded devices that are already in use around the world.
This pilot project to create a plug-and-play gesture-based device authentication system shows the potential of the XDK as the cornerstone of future Internet of Things products. Users benefit from the solution in the form of increased security and reduced setup time and effort.
The solution can be implemented at low cost with off-the-shelf Bosch hardware. The easy-to-use nature of the solution enables consumers and producers to expand the system virtually without limit.
We at BCDS, with our experience in IoT, are the right partner for sensor-based IoT projects. We increase comfort, security and productivity by enabling new business models for global markets, improving everyday life.