Those of you that have seen the original film version of The Italian Job will remember that the bank robbers interfered with the traffic lights that brought Turin to a standstill enabling them to make their getaway to Switzerland. They jammed the CCTV cameras that monitor traffic and substituted the traffic light program (on tape!) to cause widespread traffic chaos. That was filmed in the 1960s.
In the 2003 remake, a new character and computer expert called ‘Napster’ created a green wave to help the criminals evade the traffic. While this is fiction, this cyber intervention is something that is a growing threat in today’s connected world.
With more cities deploying smart IoT solutions, we risk creating environments that make us more vulnerable. Consider, for instance, a smart city scenario where street lights, traffic lights, traffic flow sensors and other devices are connected into a ‘smart city network’. Cities run the risk of each system being unable to speak to each other if they buy multiple solutions from multiple vendors. The more devices that are connected the greater the risk of introducing security vulnerabilities, leaving the network susceptible to cyber criminals.
Threats to consider
Wireless networks, essential for large-scale IoT connectivity can be overheard and interfered with. Example attack models include message injection, such as putting bogus control information into a data stream, which could be used to disable or re-sequence traffic lights; eavesdropping, where an ‘attacker’ can monitor traffic flow, store it and analyse it for later use; and node capture, where hackers take over a node and use it to control or do something else to a network.
The Mirai botnet-type attack adopted this approach where hackers scanned the Internet for unsecured IoT devices, logged in with default passwords, and then took control to instigate a massive DDoS (Distributed Denial of Service) attack that brought services to a halt. These attacks are going to become more prevalent as there are more IoT solutions in the world.
Solution – Identity is critical to security
The first step in securing an IoT network is to ensure that the IoT devices joining it are exactly who and what they say they are. This can be achieved using a cryptographically verifiable method to ensure the device identity.
The basis of ensuring device identity is the inclusion of a digital certificate in every device. The global standard for device certificates is the X.509 certificate, defined by the International Telecommunications Union (ITU) and used by many Internet and other protocols. It can be thought of as a device passport, and holds information – such as owner, manufacturer, operator – to which it binds a cryptographical public key. Each X.509 certificate uses public key infrastructure (PKI) to verify the identity of the computer or device on which the certificate is preconfigured. These certificates can hold other information, including firmware signing, which can be used to ensure that a product has not been hacked and reprogrammed.
Authentication – when a device joins a network, it will connect with an AAA (authentication, authorisation and accounting) server and exchange certificates that have been issued by a mutually trusted certificate authority. This authentication is the first step in securing the communications channel between two parties.
Many utilities have deployed and rely on large-scale wireless mesh networks, including Florida Power and Light, which initially deployed approximately 4 million smart meters in the Miami area and then some years later added 500,000 street lights on to the same network. The Wi-SUN Field Area Network (FAN) wireless mesh network is a highly secure IoT network solution for smart cities. But how a Wi-SUN FAN operates, and why it’s secure, is a topic for another article.
In short, Wi-SUN FAN mesh networks are massively scalable, resilient and secure. Supported by a robust certification programme, Wi-SUN member organisations deliver interoperable products for inclusion on FAN networks. Using digital certificates, with firmware signing, ensures that even if a device is compromised, it will be unable to adversely affect the network. Wi-SUN Alliance has established an agreement with GlobalSign, a global certificate authority, which is organised in a way to deliver very large volumes of digital certificates to Wi-SUN member companies at very low costs.
The data rate and resilience of the Wi-SUN FAN mesh network provides support for over the air upgrades, enabling manufacturers to provide support for security patches and bug fixes on a live network.
Future-proofing – Why do many cities begin with street lights in their IoT deployments?
The IoT provides a means to interconnect inanimate devices – ‘Things’ – and allows them to communicate with each other and also with a control centre. Smart Cities are deploying more IoT in their infrastructure with the aim of making them more efficient, environmentally clean and secure.
Street lighting is a great place to start in making a city ‘smart’, as the business justification for upgrading street lights to LED street lights is easily made; cities save both on operational costs and maintenance and these savings quickly offset the cost of the initial capital investment for LED street lights. Using a Wi-SUN FAN mesh for the street light communications network makes it straightforward to add further devices in the future, including traffic signals, traffic sensors, environmental monitoring, and people sensors. These additional devices can then intercommunicate, providing opportunities for local, devolved applications, such as dynamically adjusting street light levels based on the presence of traffic or pedestrians.
Copenhagen is a case in point. It began with an initial deployment of 20,000 street lights and then added traffic and people sensors. Typically brightness levels of street lights are reduced by up to 50% at night, but when a sensor detects a pedestrian or cyclist the light level is automatically increased.
There are those that attempt to promote “security through obscurity”, but that just doesn’t work. If your network is important enough, then someone will hack it. It is far more secure to use technology that’s been validated by 100s of millions of devices across global networks based on designs that have been verified by a global engineering community.
Phil Beecher, is President and CEO of the Wi-SUN Alliance. This is based on his talk at TEISS in February 2019.