Remy Cricco, Chairman of the SIMalliance, explores why a standardised API enabling IoT devices to easily leverage the SIM to execute security services and store credentials will deliver scalability, simplicity and trust.
The growth of connected devices is unlocking new services across M2M and consumer IoT use-cases. ABI Research predicts annual revenues from IoT services will hit $460 billion by 2026.
IoT services are enabled by devices collecting, processing and sending data, quite often sensitive or personal, to the cloud. A key factor in the widespread deployment of IoT services is the ability for key stakeholders – end users and service providers – to trust that the data gathered and transmitted to the IoT cloud is done so securely, in order to protect its integrity and the resulting integrity of the service.
Global authorities, industry bodies, governments and regulators are therefore working collaboratively towards defined IoT guidelines and mandates. This activity is particularly advanced in Europe. The General Data Protection Regulation (GDPR) defines strict penalties for device manufacturers and service providers who do not protect consumer privacy. A robust certification framework has also emerged, with the ENISA Cybersecurity Act and Eurosmart IoT Certification Scheme requiring IoT devices to undergo penetration testing from state-of-the-art independent security laboratories prior to deployment.
The challenges of remotely provisioning, managing and updating credentials across millions of different devices throughout their entire lifecycle to ensure this security and privacy are myriad. It is the ability to protect IoT data communications in a simple, standardised manner at scale, however, that has emerged as a key industry challenge.
Market fragmentation – a key challenge
Leveraging a hardware secure element (SE) as a ‘Root of Trust’ to execute security services and store security credentials is an essential step in the development lifecycle to guarantee end-to-end security for IoT products and services. It is also a key recommendation of the GSMA IoT Security Guidelines.
There are several proprietary hardware SE solutions available to deliver this root of trust, but market fragmentation introduces a key challenge. Connected devices must be modified to access security services from different SE providers, which creates significant design issues and is unsustainable at scale given the ever-increasing size and diversity of the IoT ecosystem.
The SIM on the other hand, in combination with supporting over-the-air provisioning and management infrastructure, is fully standardised. When used as the hardware Root of Trust in an IoT device, it promotes interoperability across different vendors and more consistent use by IoT device makers and service providers.
An additional advantage is that the SIM has advanced security and cryptographic features, including a securely designed central processing unit (CPU) and dedicated secure memory to store operating system programmes, keys and certificate data. This protects IoT devices from various hacking scenarios, such as cloning, physical attacks to a single device, and remote attacks from the internet to numerous devices.
Although this advanced functionality and infrastructure means the SIM can effectively function as the hardware Root of Trust in an IoT device, the fragmentation challenge is not completely removed. This is because device middleware must still be modified to enable access to the SIM services.
It was apparent, therefore, that removing this design hurdle was critical to the development of a scalable, secure IoT ecosystem.
Introducing IoT SAFE
It’s widely recognised that industry collaboration is key to promoting a secure, interoperable connected future. To further extend the capability of the SIM, GSMA and SIMalliance have partnered on IoT SAFE (IoT SIM Applet For Secure End-2-End Communication).
IoT SAFE directly addresses the significant challenge of industry fragmentation. By specifying a common API and defining a standardised way to leverage the SIM to securely perform mutual authentication between IoT device applications and the cloud, it is far easier for IoT device makers to execute security services and manage credentials across millions of devices.
And as all of the critical security functions are executed on the SIM rather than untrusted areas of the device, the robustness of the mutual authentication is assured. Also, a remote interface enables the management of the secure IoT applet throughout its lifecycle.
Delivering flexibility and maximising investments
The benefits of IoT SAFE go beyond scalability and security. For example, as security functions can be delegated to the SIM, device makers are not solely dependent on cloud provider services to secure their products and solutions.
In addition, SIMs are already widely deployed to ensure trusted connectivity across the mobile ecosystem.
Graham Trickey, Head of IoT, GSMA, said:
“For over 25 years the SIM has been the ‘Root of Trust’ for the mobile industry, its security constantly evolving over this period so that today the SIM secures over 9.4 billion cellular connected devices. IoT SAFE extends the security capabilities of the SIM even further to secure new IoT services end-to-end, underpinning a new generation of IoT services and billions of new IoT devices.”
An estimated 5.6 billion SIMs were shipped in 2018 alone, with estimated total shipments from 2013 to 2018 hitting 32 billion. This can be leveraged to deliver enhanced security for devices with minimal additional investment.