The Future of IoT Security

By Haydn Povey

Unlimited opportunity. That’s what comes to mind when I think about the future of the Internet of Things (IoT). And, that is both a blessing and a curse.

As the IoT proliferates, billions of cloud-connected devices are expected to be designed, manufactured, and deployed over the next decade. Our increasingly connected world will become hyper-connected, transforming our lives in ways we likely never thought possible. We will see smarter cities where the commuter is automatically guided, smarter farming where livestock health is individually monitored with on-call veterinary services, smarter healthcare to reduce the spiraling costs, integration between smart white goods and utilities to manage grid loading, and the integration of smart retail and personal assistant AI to provide a “curated” shopping experience. That future is limitless and exciting. But it is also frightening. We have already seen the headlines of how attacks have impacted businesses and people with valuable data being stolen or ransomed. It is widely believed the attacks are just starting.

Devices—not often seen as likely hacking targets—now have the potential to be weaponized. No one wants a device or application that is prone to hacking or theft. Hacks, malware, and IP theft have a significant dollar cost and can destroy corporate brands and reputations. And these devices may have extended lifecycles of decades. And a “secure” connected device does not guarantee a secure system. All too often, security has been an after-thought in the development of systems.

Hardware, software, communications and communications protocols, device commissioning, application layers, and other system considerations can all affect the security of a device and its data. The future of IoT must see security become an integral part of the design and deployment process, not merely an after-thought or add-on.

Delivering security-orientated embedded systems is a major challenge today. It will take a strong ecosystem and the development of a “supply chain of trust” to deliver truly secure product creation, deployment, and lifecycle management for the rapidly evolving IoT marketplace.

Security needs to be architected into devices from the moment of inception. In addition, it needs to be extended across the supply chain, from security-orientated chips through to manufacturing and management for the lifecycle of the product.

To deliver secure manufacturing and ensure no malware can be injected, cold and hard cryptography principles must be relied upon to ensure solutions are secured. Security principles should be embedded in every aspect of the system from the delivery of secure foundations in the silicon device, through to the secure mastering and encryption of the OEM codebase to ensure it is protected. The programming and manufacturing stages may then freely handle the encrypted code base, but the utilization of secure appliances, which integrate high-integrity and high-availability hardware security modules, enables secure enclaves to be integrated into the process to manage and orchestrate all key material. Furthermore, the ability to encrypt applications within the development process and subsequently decrypt the images in place within the device is critical to securing the intellectual property.

While simple in theory, there are multiple aspects of a system that must be secured, encompassing the device, the mastering of the application, the handling and sharing of the keys, and the loading of the application on to the device. The only real solution is to develop a “zero trust” approach across the supply chain to minimize vulnerabilities and continually authenticate and individualize deliverables as far as possible.

While this integrated approach cannot resolve all aspects of counterfeiting, it does mark a key rallying point for the industry, and finally enables the industry to start to draw a line under the mass counterfeiting and over-production of devices. And all stakeholders in the process—including device platform providers, OEMs, programming centers, contract manufacturers, end users, security experts, and standards bodies—must do their parts to make cyber-secure programming and manufacturing ubiquitous, easy to use, and easily adoptable.
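To make "authenticate and individualize deliverables" concrete, the following is an added example, not code from the article or from Secure Thingz. It assumes a symmetric scheme in which each device key is derived from an OEM master key and provisioned into the silicon beforehand; `SecureAppliance`, `Device`, the `UID-…` identifiers and the quota mechanism are hypothetical, and encryption of the image itself is left out.

```python
import hashlib
import hmac


def hkdf_sha256(ikm: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with HMAC-SHA256 and the default all-zero salt."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def device_key(master: bytes, device_id: bytes) -> bytes:
    """Per-device key; assumed to be provisioned into the silicon before programming."""
    return hkdf_sha256(master, b"fw-auth|" + device_id)


def bound_message(device_id: bytes, image: bytes) -> bytes:
    """Bind the image digest to one device ID; the length prefix keeps fields unambiguous."""
    return len(device_id).to_bytes(2, "big") + device_id + hashlib.sha256(image).digest()


class SecureAppliance:
    """Stand-in for the HSM-backed appliance on the programming line (hypothetical)."""

    def __init__(self, master: bytes, quota: int):
        self._master = master      # key material never leaves the appliance
        self._quota = quota        # number of units the OEM authorised
        self._seen = set()         # device IDs already individualized

    def individualize(self, device_id: bytes, image: bytes) -> bytes:
        """Issue a tag valid for exactly one device, refusing units beyond the quota."""
        if device_id not in self._seen and len(self._seen) >= self._quota:
            raise PermissionError("production quota exhausted")
        self._seen.add(device_id)
        key = device_key(self._master, device_id)
        return hmac.new(key, bound_message(device_id, image), hashlib.sha256).digest()


class Device:
    """Device-side check, as a boot loader would perform it before accepting an image."""

    def __init__(self, device_id: bytes, key: bytes):
        self.device_id = device_id
        self._key = key

    def accepts(self, image: bytes, tag: bytes) -> bool:
        expected = hmac.new(self._key, bound_message(self.device_id, image),
                            hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)   # constant-time comparison


def run_line() -> dict:
    """Simulate a two-unit production run with constructed sample data."""
    master = bytes(range(32))                        # constructed sample key
    image = b"constructed firmware image v1"         # constructed sample image
    appliance = SecureAppliance(master, quota=2)
    dev_a = Device(b"UID-0001", device_key(master, b"UID-0001"))
    dev_b = Device(b"UID-0002", device_key(master, b"UID-0002"))
    tag_a = appliance.individualize(dev_a.device_id, image)
    tag_b = appliance.individualize(dev_b.device_id, image)
    try:
        appliance.individualize(b"UID-0003", image)  # a third, unauthorised unit
        over_production_blocked = False
    except PermissionError:
        over_production_blocked = True
    return {
        "a_accepts_own": dev_a.accepts(image, tag_a),
        "b_accepts_own": dev_b.accepts(image, tag_b),
        "b_accepts_tag_for_a": dev_b.accepts(image, tag_a),
        "a_accepts_tampered": dev_a.accepts(image + b"\x90", tag_a),
        "over_production_blocked": over_production_blocked,
    }


if __name__ == "__main__":
    for name, value in run_line().items():
        print(f"{name}: {value}")
```

The programming center only ever handles the image and the per-device tags, so it can neither reuse one device's tag on another unit nor mint tags past the quota.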

As I said, the future of IoT holds limitless opportunity, and that will drive new solutions. There will be new business models and new ecosystems. The threats are real, and the cost of failure could be astronomical. So, for the future of IoT to be bright, it must start with security.

This article appears in Circuit Cellar 324.

Haydn Povey is the Founder/CEO of Secure Thingz, a company focused on developing and delivering next-generation security technology into the Internet of Things (IoT) and other connected systems. He also currently sits on the Executive Steering Board of the IoT Security Foundation. Haydn has been in senior management at leading global technology companies for more than 20 years, including 10 years in senior marketing and business development roles at ARM.

High-Performing, Intelligent Wireless Transceiver Module

The RF Solutions high-performance ZETA module was recently updated to include a simple SPI and UART interface. The ZETAPLUS module doesn’t require external components, which means a fast and effective plug-and-play setup.

Available on 433-, 868-, and 915-MHz frequencies, the module is easy to set up and you’ll be sending and receiving data quickly. Furthermore, you’ll find it easy to create networks of ZETAPLUS modules or point-to-point links without the need for time-consuming register configuration.

With an impressive 2-km range, the ZETAPLUS is well-suited for sensor networks, sleepy nodes, and numerous other telemetry, control, and Internet of Things (IoT) applications.

RF Solutions | www.rfsolutions.co.uk

Small Antenna Covers Bands for LPWAN, IoT and Smart Cities

Antenova has announced a new antenna, Grandis, part number SR42I010. It is an SMD antenna that is physically smaller yet provides enhanced performance in the 863-870 MHz and 902-928 MHz bands. It directly targets the growing number of M2M and IoT applications using the LPWAN protocols. With Grandis, Antenova has reduced the footprint of the LPWAN antenna to 12.0 × 11.0 × 1.6 mm, while also enhancing the antenna’s performance. Grandis is a low-profile antenna which uses a ground plane to radiate, and is designed to be placed in the corner of the PCB.

Antenova endeavours to give PCB designers the benefit of flexibility in the positioning of the antenna within a design, so the Grandis antenna is supplied in two versions, Left and Right, to give designers a choice of locations for the antenna on a PCB. LPWAN is an increasingly popular choice for IoT and smart city applications because it uses less power, which means that the batteries within individual devices will have an extended life. Antenova’s Grandis antenna covers the newer LPWAN standards for connected devices in IoT and smart cities: LoRa, SigFox and Weightless-P. Grandis is suitable for all applications in the 863-870 MHz and 902-928 MHz bands, so it could be used in industrial, scientific and medical applications, smart metering, network devices, manufacturing automation, agricultural and environmental monitoring and consumer tracking, worldwide.

Antenova | www.antenova-m2m.com

Scalable Multi-Protocol Industrial Ethernet Platform

STMicroelectronics recently announced a collaboration with Hilscher that combines the STM32 ecosystem with the multi-protocol flexibility of Hilscher’s netX control ICs. As a result, you can use the I-NUCLEO-NETX expansion board with any STM32 Nucleo-64 or STM32 Nucleo-144 development board.

The I-NUCLEO-NETX contains a netX 52 network controller IC with integrated Real-Time Ethernet switch. Plus, it includes two RJ-45 ports for line and ring topologies. netX 52 supports all Real-Time Ethernet protocol specifications and evolutions, including EtherCAT, PROFINET, EtherNet, Ethernet/IP, POWERLINK, CC-Link IE, Modbus TCP, and SERCOS III. Well suited for the Industrial Internet of Things (IIoT), it can also support Fieldbus standards like CANopen, emerging standards such as Time-Sensitive Networking (TSN), and OPC-UA and MQTT for cloud data exchanges.

Combining the strengths of netX with the STM32 family creates a “flexible, stable, and scalable platform for building products from simple I/O systems to complex, high-end drives and controls.” The I-NUCLEO-NETX expansion board is available on Amazon for $49. The I-CUBE-NETX expansion software—including evaluation versions of the EtherCAT, PROFINET, and EtherNet/IP protocols—is available for free at www.st.com/i-cube-netx.

Source: STMicroelectronics

New Wi-Fi Hardware and Device Platform

Texas Instruments recently announced its next generation of Wi-Fi hardware and the new SimpleLink MCU platform. The products include the SimpleLink Wi-Fi CC3220 wireless MCU and CC3120 wireless network processor. Designed with security in mind, the CC3220 products are built with two separate execution environments within a single chip.

Promoted as the “new standard for IoT developers,” the SimpleLink MCU Platform offers you the following:

  • 100% code compatibility across SimpleLink MCU portfolio
  • Encryption-enabled security features
  • TI Drivers offers standardized set of functional APIs for integrated peripherals
  • Integrated TI-RTOS, a robust, intelligent kernel for complete, out-of-the-box development
  • POSIX-compatible APIs offer flexible OS/kernels support
  • IoT stacks and plugins to add functionality to your design

Source: Texas Instruments

Chip Antennas for the New NB-IoT Standard

Antenova Ltd recently announced a new Narrow Band IoT (NB-IoT) standard. The compact 20 × 11 × 1.6 mm antenna is easy to integrate onto a small PCB. The Latona SR4C033 chip antenna is a member of Antenova’s lamiiANT antenna family. The embedded NB-IoT antennas are designed to be easily integrated onto a host PCB for a wide variety of IoT projects.

Source: Antenova

Lightweight Systems and the Future of Wireless Technology

Last November, we published engineer Alex Bucknall’s essay “Taking the ‘Hard’ Out of Hardware.” We recently followed up with him to get his thoughts on the future of ‘Net-connected wireless devices and the Internet of Things (IoT).

As we enter an age of connected devices, sensors, and objects (aka the Internet of Things), we’re beginning to see a drive for lightweight systems that allow for low power, low complexity, and long-distance communication protocols. More of the world is becoming connected and not all of these embedded devices can afford high-capacity batteries or to be connected to mains power. We’ll see a collection of protocols that can provide connectivity with just a few milliwatts of power that can be delivered through means of energy harvesting such as solar power. It’ll become essential for embedded sensors to communicate from remote locations where current standards like Wi-Fi and BLE fall behind due to range constraints. Low-Power Wide Area Networks (LPWANs) will strive to fill this gap with protocols such as Sigfox, LoRa, NB-IoT, and others stepping up to the plate. The next hurdle will be the exciting big data challenge as we start to learn more about our world via the Internet of Things! — Alex Bucknall (Developer Evangelist, Sigfox, France)

New Cyclone 10 FPGA Family

Intel recently launched the Intel Cyclone 10 family of FPGAs. Well suited for IoT applications, the new FPGAs are designed to deliver fast and power-efficient processing. They can collect and send data, and make real-time decisions based on the input from IoT devices. You can program the FPGAs to deliver the specific level of computing and functions required by different IoT applications.

Cyclone 10 GX supports 10G transceivers and hard floating point digital signal processing (DSP). Furthermore, it offers 2× the performance of the previous Cyclone generation. The architectural innovation in the implementation of IEEE 754 single-precision hardened floating-point DSP blocks can enable processing rates up to 134 giga floating-point operations per second (GFLOPs) for applications such as motion or motor control systems.

The Intel Cyclone 10 LP is the perfect solution for applications where cost and power are key factors in the design decision. These systems typically use FPGA densities that are sub 75K LE and chip-to-chip bridging functions between electronic components or I/O expansion for micro-processors. Cyclone 10 LP can also be used for automotive video processing used in rear-view cameras and in sensor fusion, where data gathered while the car is on the road is combined from multiple sensors in the car to provide a more complete view of what is happening.

The Cyclone 10 FPGA family will be available in the second half of 2017, along with evaluation kits, boards, and the latest version of Intel’s Quartus FPGA programming software.

Source: Intel

Brain Controlled-Tech and the Future of Wireless

Wireless IoT devices are becoming increasingly common in both private and public spaces. Phil Vreugdenhil, an instructor at Camosun College in Canada, recently shared his thoughts on the future of ‘Net-connected wireless technology and the ways users will interact with it.

I see brain-controlled software and hardware seamlessly interacting with wireless IoT devices. I also foresee people interacting with their enhanced realities through fully integrated NEMS (nano-electromechanical systems) which also communicate directly with the brain, bypassing the usual pathways (eyes, ears, nose, touch, taste) much like cochlear implants and bionic eyes. I see wireless health-monitoring systems and AI doctors drastically improving efficiency in the medical system. But, I also see the safety and security pitfalls within these future systems. The potential for hacking somebody’s personal systems and altering or deleting the data they depend upon for survival makes the future of wireless technology seem scarier than it will probably be. — Phil Vreugdenhil (Instructor, Camosun College, Canada)

Transform IoT Audio, Voice, and Video Interactions

NXP Semiconductors (now part of Qualcomm) recently introduced the new i.MX 8M family of applications processors specifically designed to meet increasing audio and video system requirements for smart home and smart mobility applications such as over-the-top (OTT) set-top boxes, digital media adapters, surround sound, sound bars, A/V receivers, voice control, voice assistance, digital signage, and general-purpose human machine interface (HMI) solutions.

The concept of the smart home is expanding rapidly, heightening consumers’ expectations for audio and video entertainment and transforming the requirements for consumer electronics devices. NXP’s i.MX 8M family addresses the major inflection points currently underway in streaming media: voice recognition and networked speakers in audio, and the move to 4K High Dynamic Range (HDR) and the growth of smaller, more compact form factors in video.

NXP’s i.MX 8M family of processors has up to four 1.5-GHz ARM Cortex-A53 and Cortex-M4 cores, flexible memory options and high-speed connectivity interfaces. The processors also feature full 4K UltraHD resolution and HDR (Dolby Vision, HDR10 and HLG) video quality, the highest levels of pro audio fidelity, up to 20 audio channels and DSD512 audio. The i.MX 8M family is tailored to streaming video devices, streaming audio devices and voice control applications.

Capable of driving dual displays, the new devices include:

  • The i.MX 8M Dual/i.MX 8M Quad, which integrates two or four ARM Cortex-A53 cores, one Cortex-M4F core, a GC7000Lite GPU and 4kp60, h.265 and VP9 video capability.
  • The i.MX 8M QuadLite, which integrates four ARM Cortex-A53 cores, one Cortex-M4F core and a GC7000Lite GPU.
  • The i.MX 8M Solo, which integrates one ARM Cortex-A53 core, one Cortex-M4F core and a GC7000nanoULTRA GPU.

The i.MX 8 applications processor is highly scalable with a pin- and power-compatible package and comprehensive software support. The i.MX 8 multi-sensory enablement kit (MEK) is now available to prototype i.MX 8M systems. Limited sampling of i.MX 8M will begin in the second quarter of 2017, and general availability is expected in the fourth quarter of 2017.

Source: NXP Semiconductors

The Future of Test-First Embedded Software

The term “test-first” software development comes from the original days of extreme programming (XP). In Kent Beck’s 1999 book, Extreme Programming Explained: Embrace Change (Addison-Wesley), his direction is to create an automated test before making any changes to the code.

Nowadays, test-first development usually means test-driven development (TDD): a well-defined, continuous feedback cycle of code, test, and refactor. You write a test, write some code to make it pass, make improvements, and then repeat. Automation is key though, so you can run the tests easily at any time.

TDD is well regarded as a useful software development technique. The proponents of TDD (including myself) like the way in which the code incrementally evolves from the interface as well as the comprehensive test suite that is created. The test suite is the safety net that allows the code to be refactored freely, without worry of breaking anything. It’s a powerful tool in the battle against code rot.

To date, TDD has had greater adoption in web and application development than with embedded software. Recent advances in unit test tools, however, are set to make TDD more accessible for embedded development.

In 2011 James Grenning published his book, Test Driven Development for Embedded C (Pragmatic Bookshelf). Six years later, this is still the authoritative reference for embedded test-first development and the entry point to TDD for many embedded software developers. It explains how TDD works in detail for an unfamiliar audience and addresses many of the traditional concerns, like how will this work with custom hardware. Today, the book is still completely relevant, but when it was published, the state-of-the art tools were simple unit test and mocking frameworks. These frameworks require a lot of boilerplate code to run tests, and any mock objects need to be created manually.

In the rest of the software world though, unit test tools are significantly more mature. In most other languages used for web and application development, it’s easy to create and run many unit tests, as well as to create mock objects automatically.

Since 2011, the current state of TDD tools has advanced considerably with the development of the open-source tool Ceedling. It automates running of unit tests and generation of mock objects in C applications, making it a lot easier to do TDD. Today, if you want to test-drive embedded software in C, you don’t need to roll your own test build system or mocks.

With better tools making unit testing easier, I suspect that in the future test-first development will be more widely adopted by embedded software developers. While previously relegated to the few early adopters willing to put in the effort, with tools lowering the barrier to entry it will be easier for everyone to do TDD.

Besides the tools to make TDD easier, another driving force behind greater adoption of test-first practices will be the simple need to produce better-quality embedded software. As embedded software continues its infiltration into all kinds of devices that run our lives, we’ll need to be able to deliver software that is more reliable and more secure.

Currently, unit tests for embedded software are most popular in regulated industries—like medical or aviation—where the regulators essentially force you to have unit tests. This is one part of a strategy to prevent you from hurting or killing people with your code. The rest of the “unregulated” embedded software world should take note of this approach.

With the rise of the Internet of Things (IoT), our society is increasingly dependent on embedded devices connected to the Internet. In the future, the reliability and security of the software that runs these devices is only going to become more critical. There may not be a compelling business case for it now, but customers—and perhaps new regulators—are going to increasingly demand it. Test-first software can be one strategy to help us deal with this challenge.


This article appears in Circuit Cellar 318.


Matt Chernosky wants to help you build better embedded software—test-first with TDD. With years of experience in the automotive, industrial, and medical device fields, he’s excited about improving embedded software development. Learn more from Matt about getting started with embedded TDD at electronvector.com.

New Scalable Biometric Sensor Platform for Wearables and the IoT

Valencell and STMicroelectronics recently launched a new development kit for biometric wearables. Featuring STMicro’s compact SensorTile turnkey multi-sensor module and Valencell’s Benchmark biometric sensor system, the platform offers a scalable solution for designers building biometric hearables and wearables.

The SensorTile IoT module’s specs and features:

  • 13.5 mm × 13.5 mm
  • STM32L4 microcontroller
  • Bluetooth Low Energy chipset
  • a wide spectrum of MEMS sensors (accelerometer, gyroscope, magnetometer, pressure, and temperature sensor)
  • Digital MEMS microphone

Valencell’s Benchmark sensor system’s specs and features:

  • PerformTek processor communicates with host processor using a simple UART or I2C interface protocol
  • Acquires heart rate, VO2, and calorie data
  • Standard flex connector interface

Source: Valencell

Smart Home Reference Designs for IoT Device Development

Silicon Labs recently launched two new wireless occupancy sensor and smart outlet reference designs for home automation. FCC and UL-precertified, the reference designs comprise hardware, firmware, and software tools that enable you to develop Internet of Things (IoT) systems based on Silicon Labs’s ZigBee “Golden Unit” Home Automation (HA 1.2) software stack and multiprotocol Wireless Gecko SoC portfolio. Both reference designs include Silicon Labs’s EFR32MG Mighty Gecko SoC.

The occupancy sensor reference design is a precertified ZigBee HA 1.2 solution featuring a wirelessly connected passive IR sensor along with ambient light and temperature/relative humidity sensors from Silicon Labs. The compact occupancy sensor’s battery-powered design provides up to five years of operation. The sensor’s detection range extends up to approximately 40′ with a 90° viewing window.

The smart outlet reference design is a precertified solution for a wirelessly controlled outlet plug. You can use it to power and control a wide variety of home and building automation products. Powered by an AC main-voltage line, the smart outlet communicates wirelessly to ZigBee mesh networks. It features the following: built-in diagnostics and metering with a user-friendly web interface; an AC voltage range of 110 to 240 V for global use along with a robust 15-A load current; and integrated high-accuracy sensors (ambient light and temperature/humidity).

Silicon Labs’s occupancy sensor and smart outlet reference designs are currently available. The RD-0078-0201 occupancy sensor reference design costs $49. The RD-0051-0201 smart outlet reference design costs $119. (All prices USD MSRP.)

Source: Silicon Labs

Mini Multi-Sensor Module for Wearables & IoT Designs

STMicroelectronics’s miniature SensorTile sensor board comprises a MEMS accelerometer, gyroscope, magnetometer, pressure sensor, and a MEMS microphone. With the on-board low-power STM32L4 microcontroller, the SensorTile can be used as a sensing and connectivity hub for developing products ranging from wearables to Internet of Things (IoT) devices.

The 13.5 mm × 13.5 mm SensorTile features a Bluetooth Low-Energy (BLE) transceiver including an onboard miniature single-chip balun, as well as a broad set of system interfaces that support use as a sensor-fusion hub or as a platform for firmware development. You can plug it into a host board. At power-up, it immediately starts streaming inertial, audio, and environmental data to STMicro’s BlueMS free smartphone app.

Software development is simple with an API based on the STM32Cube Hardware Abstraction Layer and middleware components, including the STM32 Open Development Environment. It’s fully compatible with the Open Software eXpansion Libraries (Open.MEMS, Open.RF, and Open.AUDIO), as well as numerous third-party embedded sensing and voice-processing projects. Example programs are available (e.g., software for position sensing, activity recognition, and low-power voice communication).

The complete kit includes a cradle board, which carries the 13.5 mm × 13.5 mm SensorTile core system in standalone or hub mode and can be used as a reference design. This compact yet fully loaded board contains a humidity and temperature sensor, a micro-SD card socket, as well as a lithium-polymer battery (LiPo) charger. The pack also contains a LiPo rechargeable battery and a plastic case that provides a convenient housing for the cradle, SensorTile, and battery combination.

SensorTile kit’s main features, specs, and benefits:

  • Cradle/expansion board with an analog audio output, a micro-USB connector, and an Arduino-like interface that can be plugged into any STM32 Nucleo board to expand developers’ options for system and software development.
  • Programming cable
  • LSM6DSM 3-D accelerometer and 3-D gyroscope
  • LSM303AGR 3-D magnetometer and 3-D accelerometer
  • LPS22HB pressure sensor/barometer
  • MP34DT04 digital MEMS microphone
  • STM32L476 microcontroller
  • BlueNRG-MS network processor with integrated 2.4-GHz radio

Source: STMicroelectronics

New Bluetooth 5-Ready SoC Offers Increased Range, Bandwidth, & Security

Nordic Semiconductor’s new Bluetooth 5-ready nRF52840 SoC is well suited for smart home, advanced wearables, and industrial IoT applications. In addition to supporting 802.15.4, it’s capable of delivering Bluetooth low energy (BLE) wireless connectivity with up to 4× the range or 2× the raw data bandwidth (2 Mbps) compared with the BLE implementation of Bluetooth 4.2.

The nRF52840 SoC’s features, specs, and benefits:

  • Features a 64-MHz, 32-bit ARM Cortex M4F processor employed on Nordic’s nRF52832 SoC
  • A new radio architecture with on-chip PA boosting output power considerably, and extending the link budget for “whole house” applications, a doubling of flash memory to 1 MB, and a quadrupling of RAM memory to 256 KB
  • Support for Bluetooth 5, 802.15.4, ANT, and proprietary 2.4-GHz wireless technologies
  • A full-speed USB 2.0 controller
  • A host of new peripherals (many with EasyDMA) including a quad-SPI
  • Operates from power supplies above 5 V (e.g., rechargeable battery power sources)
  • Incorporates the ARM CryptoCell-310 cryptographic accelerator offering best-in-class security for Cortex-M based SoCs. Extensive crypto ciphers and key generation and storage options are also available.

Nordic released the S140 SoftDevice and associated nRF5 SDK with support for Bluetooth 5 longer range and high throughput modes in December 2016. Engineering samples and development kits are now available. Production variants of the nRF52840 will be available in Q4 2017.

Source: Nordic Semiconductor