Yoni Kahana, Nanolock Security, explains cloud-to-flash technology and how it could help secure smart cities.
Smart cities are quickly becoming less of a sci-fi fantasy and more of a realistic blueprint for our future infrastructures. This is largely due to the increasing availability of connected, low-cost devices being sold and deployed.
IDC forecasts that worldwide spending on smart city initiatives will reach $95.8 billion in 2019. Specifically, the consultancy claims that major cities like Singapore, New York City, Tokyo and London will each invest more than $1 billion in smart cities programmes in 2019 alone.
By using connected technology such as security cameras and traffic, environmental, parking or road sensors to improve energy, transportation, public safety and more, these initiatives aim to create an integrated system that improves every person’s quality of life and makes our cities safer.
In order to maintain the safe development of smart cities, we need to make sure that they are fortified against potential cybersecurity breaches.
However, with all of these thousands of connected sensors and controllers, smart cities are increasingly susceptible to cyber-attacks. In order to maintain the safe development of smart cities, we need to make sure that they are fortified against potential cybersecurity breaches.
How do we ensure we are incorporating security measures to make cities as trustworthy and safe as they are smart?
To control and monitor all of the connected devices and applications that make up the smart city, each device needs to be connected to a Command and Control or Operational Centre that has visibility over all of the endpoints and the ability to engage, monitor and update devices and security measures, and more.
Some of these features already exist – e.g. connected traffic lights. However, with an increase in connectivity, we can only expect to see more of these connected systems in our cities in the future.
Accordingly, there is a growing need to strictly manage all of this connected technology in order to bring us into an era of smart (but safe) cities.
Just imagine what would happen if an adversary tried to compromise the system, the devices, the connectivity, or even the command centre in a smart city. It’s a particularly scary scenario to think about a hacker or terrorist organisation accessing and manipulating these systems.
While this kind of dangerous scene may seem more akin to a storyline for a futuristic action movie, the impending development of smart cities means that threats such as this will become less science fiction horror stories and more realistic dangers.
Securing smart cities against threats like this is a massive challenge. For one, the many edge devices that comprise a smart city are distributed across many miles and are exposed to the general population with limited restriction. Moreover, a smart city’s network is always expanding – and its data is always increasing.
And, because the smart city is a public environment, the network is always exposed – whether it’s a wired or wireless network (e.g. LoRa, 5G, WiFi) – making it susceptible to malicious elements.
Securing smart cities against cybersecurity threats is a massive challenge.
Economics presents another challenge. It’s clear that city planners will likely seek cost-effective solutions when taking on such a massive project as a smart city implementation. However, cost restrictions usually limit hard security controllers for edge devices and therefore could potentially compromise the city’s greater security.
To solve these security challenges, technologists will need to find a new approach that is reliable, accurate and economically feasible.
One new approach is a cloud-to-flash solution that can protect the firmware of the edge device from any unauthorised manipulation in the memory itself. By leveraging the capabilities from the processors in the edge devices themselves, cloud-to-flash security protection modifies the content of the firmware, making it impossible for malicious outsiders to access.
This proposed solution is very cost-effective, as it is a hardware solution built into the existing memory that doesn’t add additional modules to the system, and it doesn’t complicate the software integration or development as the system scales.
In addition to their complexity, smart cities are also living, breathing, evolving implementations. In other words, they must be able to scale over time. This presents yet another challenge for security.
Even after city planners have achieved an ironclad device protection platform that can resist physical and network attacks, there remains a key security obstacle: how can they maintain this level of security over time?
Planners must be able to ensure that their system is securely updated with a trusted, manageable system, for years into the future. The architecture must not only protect the network and devices from a breach but also ensure visibility of the network and enable the monitoring and management of the system.
Maintaining regular, secure updates is vital for the safety of smart cities and the people who populate them.
Maintaining regular, secure updates is vital for the safety of smart cities and the people who populate them. Most update mechanisms today are manually executed by a technician but this requires a connection with the edge device, which raises the concern that any remote update could increase the risk of attack and manipulation of the device.
Moreover, updates with this current model are expensive, which means they tend to be less frequent.
However, fewer updates mean more risks for downtime scenarios and increased potential for all the data that the edge devices send to the command centre to be compromised.
Thus, it is critical to require a secure update mechanism that will enable remote updates, in addition to a management platform that is trustworthy.
The smart cities market is expected to grow at a Compound Annual Growth Rate (CAGR) of 18.4 per cent until 2023 and Strategy Analytics predicts that there will be 38.6 billion connected devices by 2025.
This growth must be matched with security advances. In order to achieve the goal of making smart cities a reality, we must identify a new security approach that can both manage smart city’s complexities and facilitate a trustworthy management and update mechanism, and cloud-to-flash protection is quickly emerging as one viable option for security in industrial, automotive, and IoT markets.
Cloud-to-flash protection enables IoT device manufacturers to configure their mechanisms for secure updates and trustworthy management throughout a product’s entire lifecycle.
Cloud-to-flash protection enables IoT device manufacturers to configure their mechanisms for secure updates and trustworthy management throughout a product’s entire lifecycle. By creating a secure channel between the cloud and the flash memory in the edge device, it is possible to send a secure update all the way from the cloud to the flash memory in a device, regardless of the status of the network, the status of the processor or the version installed in the flash.
This secure channel can also be used to send status reports from the flash memory back to the management server to indicate when something looks harmful, when there is a breach, if someone needs to be quarantined, or even if an attack has been prevented.
Cloud-to-flash protection also provides status on the downtime of the device, the version, the latest update and more. Most importantly, all of this information can be trusted, as it cannot be manipulated by the software on the processor – even if it’s compromised.
You might also like: