Security assurance schemes for IoT devices

The Internet of Things (IoT) has become widespread, and many kinds of devices are now networked. Automobiles are no exception: connected cars are now controlled over a network. At the same time, cases have been reported in which a malicious attacker remotely controlled a car. To respond to such social issues, it is important to ensure that security functions actually work.

JISEC (Japan Information Technology Security Evaluation and Certification Scheme) serves here as an example of an existing security evaluation and certification scheme. It certifies IT products against the international security evaluation standard ISO/IEC 15408 (Common Criteria: CC). In JISEC, the supplier presents the procurement requirements to the product provider and applicant vendor using the security requirement specification (PP). To self-declare that its security product meets these requirements, the vendor publishes the Security Design Specification (ST) and asks an evaluation agency to evaluate it. Based on the criteria set by Common Criteria, the evaluation organization evaluates the validity and accuracy of the security functions as a third party and compiles the results into a report. The certification body verifies this evaluation report, confirms that the evaluation was conducted based on CC, and issues the certification report and certificate if the criteria are met. This is the existing security evaluation and certification scheme.

CC has a proven track record in smart cards, but it may not always be sufficient as a security assurance scheme for edge devices. Reasons include the difficulty of guaranteeing the security of the system as a whole, the fact that CC is not a direct standard for measuring the degree of security, and the cost and time required. We recognize that it is important for society to consider what kind of infrastructure is needed to build a security guarantee scheme for edge devices in each IoT industry, such as electronic payment, industrial equipment, and automobiles. We think this includes developing evaluation technology while keeping an eye on the latest trends in cryptographic implementation attacks, and clarifying the scope of security guarantees in order to reduce the time and cost burden on the vendor side.

This research team comprehensively surveys papers on hardware security presented at major international conferences in order to evaluate the security of IoT devices equipped with advanced cryptographic modules that are expected to serve as a root of trust. The attack targets and attack methods are organized into attack types and aggregated into a vulnerability DB. By providing this vulnerability DB as input to the European Association of Evaluation and Certification Organizations, etc., we are contributing to the setting of evaluation criteria. By utilizing such internationally standard evaluation criteria, we expect that the security specifications of IoT products manufactured by vendors can be made comprehensive and valid.

At the IC chip layer, we aim to ensure that the security functions on IoT devices can be utilized. Through this research and development, by realizing a security guarantee scheme for the root of trust of IoT devices, we will provide security services that can reliably utilize low-power, high-security cryptographic functions. We aim to build a foundation for development at a reasonable cost.

Paper

  • Hirotaka Yoshida, Kenji Yamaya, SeongHan Shin, Yasuyoshi Uemura, “A Proposal of Security Evaluation for Microcontroller-Based IoT Devices,” ICCC conference, October 2021