The importance of security in machine-to-machine (M2M) applications cannot be overstated. Many M2M applications transmit confidential information, monitor valuable assets, and control mission-critical devices. Securing these systems end-to-end is an essential task for any M2M developer or solution provider. Here are 5 things to consider prior to deployment that can help secure your application:
1) Data Encryption
Encryption is necessary for any M2M application transmitting confidential information through the network, examples include: POS system (credit card information), Usage Based Insurance (GPS coordinates & VIN#), and mHealth (patient data). Most M2M applications that utilize cellular connectivity transmit data over 3 networks: the mobile network operator (T-Mobile, Sprint, etc), the M2M operator (RACO Wireless) and the Internet. Developers must consider each segment when designing the security of the application.
The first thought of many developers who come from a wired/web world may be to simply use SSL for secure communications. However, using SSL for M2M applications can be problematic. First, many M2M devices may not have the additional processing power and memory required to support SSL. Secondly, SSL introduces more network communications overhead, resulting in additional wireless data costs.
If the device or remote host runs a fully featured operating system such as Linux, it may be possible to initiate a VPN tunnel from the device to the server. Unfortunately most M2M devices have very limited capabilities and the ability to encrypt on the device may not even be possible. Device side encryption is also very processor intensive and can deplete device battery life very quickly.
One solution is to create a site-to-site VPN tunnel from the M2M operator to the backend server’s network. This ensures encrypted data transmission over the most vulnerable segment of the network path, the Internet. A site-to-site VPN also offloads all encryption and decryption processing to powerful network appliances. There is also no increase in the amount of wireless data consumed. When choosing this solution, a developer must assume that the networks of the MNO and M2M operator are trusted and be comfortable with the encryption algorithms used to secure wireless communications between the connected endpoint and the MNO’s systems.
2) Controlling Access to the Hardware
When designing the hardware it is important that the internal components that allow for wireless connectivity be enclosed and protected. For GSM devices with removable SIM cards it is recommended that the SIM is not easily accessible. A stolen SIM could result in unexpected wireless data charges or even worse allow a hacker to have direct access to your backend application servers.
3) Monitor Device Behavior at Every Layer
Solution providers can only do so much to secure the device hardware and prevent an end user from removing the SIM. There must be monitoring systems in place to detect when such an event has occurred. Once the event has been detected a responsive action must be triggered to prevent any malicious use of the device or active SIM.
First and foremost, the backend application should have functionality in place that logs abnormalities found in the data it is receiving. If a device is programmed to send sensor data every hour but inexplicably starts sending random or malformed character strings non-stop, the system should notify systems administrators immediately and if possible block the device from communicating with the server. One advantage of having the site-to-site VPN tunnel in place between the application server and the M2M operator is that the misbehaving device will have a fixed IP address, making it easier to isolate & block.
Additionally, the M2M operator should offer alerting tools that can be used by the solution provider to assist with fraud detection and prevention. The Omega Management Suite can send alerts when a device’s data usage has surpassed a user defined threshold. If a device is consuming an abnormal amount of data one can assume the device is malfunctioning or has been compromised. OMS can also notify system administrators when a SIM’s source IMEI has changed – allowing the solution provider to know when a SIM has been transferred to another device. If an alert is detected, a developer can utilize the Omega Ricochet API’s to automatically suspend the data service associated with the impacted device(s).
4) Secure the Network
As previously mentioned, M2M application traffic will typically traverse 3 private networks managed by 3 separate organizations. It is important that each network is as secure as possible. The application developer or solution provider is encouraged to perform their own due diligence to verify that any networks managed by third parties meet the necessary security requirements. Here is a small sampling of questions that should be asked as part of the security due diligence:
1) Are all servers and network components within the organization’s network updated with the latest security patches and updates?
2) Is there a process in place to apply new patches and updates in a timely manner?
3) What model firewalls are used?
4) Is there an Intrusion Prevention System (IPS) in place?
5) Is there a DDoS defense system in place?
6) Are background checks performed on all individuals with root access to servers and network devices?
7) Are all security events logged? How long are those logs kept?
8) Is there a SIEM solution in place to provide analysis and correlation of security events?
9) How often are root passwords changed?
10) What systems are in place to secure & authorize access to physical servers and network components (PIN code, ID badge, biometrics, etc)
5) Dedicate Someone to Security
If possible, assign at least one member of the development team to be focused on the security of the application. This individual should determine any security risks present and recommend any design modifications or solutions to avoid them. It is highly recommended that this individual procure an industry standard security certification such as the Certified Secure Software Lifecycle Professional (CSSLP).
The Internet of Things is quite possibly the most exciting technology movement happening right now, but everyone must remember that we are enabling connectivity to devices and objects that weren’t connected before. Things that were isolated but secure before will now be vulnerable to a myriad of remote attacks. It is critical that all these new, exciting applications are reliable and secured.