GSMA IoT Security Assessment Framework

Dominique Lazanski, GSMA

Lets Focus on the Smart City as an Example

The Aim is to Enhance the Lives of Citizens

The Diversity of Potential Smart City Services is Huge…

IoT Big Data

Harmonised data sets from multiple sources available to developers and third parties through common APIs.

As a Result the IoT Attack Surface Becomes Very Large…

Insurance

Navigation/Entertainmen

t

Health system

Car OEM

City traffic control

Generic Cloud Platform

Transmit accident info

Transmit patient information

Identify and authenticate ambulance

Cellular

Cellular LPWA

Illustrative Example

Collect data generated by devices and users in the network

Manage relationship between identities

Share device data history to authorised 3rd parties (user consent)

Attacks on servers

Attacks on networks

Real time data on patient health

Attacks on devices & sensors

Identify, authenticate, authorise device to the network

Identify, authenticate, authorise device to the network

Remote provision of credentials

Identify, authenticate and authorise user to device

Share driver history to authorised 3rd

parties (user consent)

Repair shop

Emergency call

Authorise sharing of patient medical history

Identify, authenticate and authorise user to device

Security

Big data

Threats

The IoT Model

IoT Big Data

Harmonised data sets from multiple sources available to developers and third parties through common APIs.

However:Services Will Be Built Using Common Building Blocks and Attack Vectors Are Limited

Does Encryption Solve It?

IoT Big Data

Harmonised data sets from multiple sources available to developers and third parties through common APIs.

However:Services Will Be Built Using Common Building Blocks and Attack Vectors Are Limited

Encryption

So For Most Services We Can Apply Generic Guidelines…

IoT Big Data

Harmonised data sets from multiple sources available to developers and third parties through common APIs.

Security Principles

Security by DesignPrivacy by DesignEnd to EndCradle to Grave

Evaluate Technical ModelReview Security ModelAssign Security Tasks

Review Component RiskImplementationOngoing Lifecycle

www.gsma.com/iotsecurity

CLP.13

CLP.11

CLP.12 CLP.14

IoT SecurityAssessment

IoT SecurityAssessment

Process Checklist

CLP.17 CLP.19

Focus on the Key Security Challenges

AVAILABILITY IDENTITY PRIVACY INTEGRITY

LOW COMPLEXITY LOW POWER LONG LIFECYCLES PHYSICALLY ACCESSIBLE

Ensuring constant connectivity between Endpoints and their

respective services

Authenticating Endpoints, services, and the customer or

end-user operating the Endpoint

Reducing the potential for harm to individual end-users.

Ensuring that system integrity can be verified, tracked, and

monitored.

Low processing capability.Small amounts of memory.Constrained operating system.

No permanent power supplyPossibly permanent, but limited power supply.

Requires cryptographic design that lasts a lifetime.Manage security vulnerabilities which can’t be patched within the endpoint.

Access to local interfaces inside the IoT endpoint.Hardware components and interfaces potential target of attackers.

How to ensure

In services and devices that are

Critical RecommendationsFor IoT Service Platforms• 5.1 Implement a Service Trusted Computing Base• 5.2 Define an Organizational Root of Trust• 5.3 Define a Bootstrap Method• 5.4 Define a Security Infrastructure for Systems Exposed to the

Public Internet• 5.5 Define a Persistent Storage Model• 5.6 Define an Administration Model• 5.7 Define a Systems Logging and Monitoring Approach• 5.8 Define an Incident Response Model• 5.9 Define a Recovery Model• 5.10 Define a Sunsetting Model• 5.11 Define a Set of Security Classifications• 5.12 Define Classifications for Sets of Data Types• etc

For IoT Device Endpoints• 6.1 Implement an Endpoint Trusted Computing Base• 6.2 Utilize a Trust Anchor• 6.3 Use a Tamper Resistant Trust Anchor• 6.4 Define an API for Using the TCB• 6.5 Defining an Organizational Root of Trust• 6.6 Personalize Each Endpoint Device Prior to Fulfilment• 6.7 Minimum Viable execution Platform (Application Roll-Back)• 6.8 Uniquely Provision Each Endpoint• 6.9 Endpoint Password Management• 6.10 Use a Proven Random Number Generator• 6.11 Cryptographically Sign Application Images• 6.12 Remote Endpoint Administration• 6.13 Logging and Diagnostics• 6.14 Enforce Memory Protection• 6.15 Bootloading Outside of Internal ROM• 6.16 Locking Critical Sections of Memory• 6.17 Insecure Bootloaders• etc

Critical Recommendation: Trusted Computing Base

Critical Recommendation: Trusted Computing Base

Secure Hardware ElementSecure Hardware Element

Secure IdentitySecure Identity

Cryptographic FunctionsCryptographic FunctionsCredentials

TrustAnchor

Critical Recommendation: Trusted Computing Base

Isolated Environment

security

Secure Hardware ElementSecure Hardware Element

Secure IdentitySecure Identity

Cryptographic FunctionsCryptographic FunctionsCredentials

TrustAnchor

But How to Prove You are Secure?

Do I Have A Secure

Service?

DiverseUse Cases

Generic Building Blocks

Generic Security

Best Practice

Diverse Security Features

www.gsma.com/iotsa

GSMA IoT Security Assessment –The Next Step

15

Generic and Flexible

Covers security controls for the whole ecosystem

Establishes concise framework with consistent terminology

Provides a structured approach

Fits into a Supply Chain Model

Enables companies to explain the security measures they have taken to

protect their products and services from cybersecurity risk

A new approach to IoT Security evaluation

www.gsma.com/iotsa

IoT Security Assessment

Structured 

Referenced to Guidelines

Concise Questions

www.gsma.com/iotsa

GSMA IoT Security Assessment – How it Works

www.gsma.com/iotsa

Security Assessment Realising Real Value……

• Led by the Port Authority of Seville and Telefónica, the Tecnoport 2025 project uses IoT solutions to improve the efficiency of transport and logistics in South West Spain.

• This case study is shows how, using the GSMA IoT Security Assessment scheme, important security issues were resolved and new security measures were implemented.

www.gsma.com/iot/securing-port-future/

A Flexible IoT Security Framework is Key to Allow Service Diversity

FLEXIBILITY

Only flexible IoT security processes and recommendations can address the huge diversity in IoT services that will come to market in the next few years

www.gsma.com/iotsa

Other IoT Security Resources

IoT SecuritySelf-Assessment

IoT SecuritySelf-Assessment

Connection Efficiency Guidelineshttp://www.gsma.com/connectedliving/iot-connection-efficiency-guidelines-v4/

IoT SecuritySelf-Assessment

IoT SecuritySelf-Assessment

Solutions to Enhance IoT Authentication Using SIM Cardshttp://www.gsma.com/connectedliving/iot-connection-efficiency-guidelines-v4/

“Securing the Port of the Future” Case StudyExplains the benefits of the GSMA IoTSecurity Assessment Schemehttp://www.gsma.com/connectedliving/securing-port-future/

LPWA Technology Security Comparisonhttps://goo.gl/qO1xer