TPM 2.0: Securing IoT Deployments at the Edge
Leaps in connectivity and the growing reliance on exhaustive data and real-time situational response have led to the explosion of the Internet of Things (IoT). Experts predict the number of deployed IoT devices to reach 73 billion by 2025. Many of these will be deployed at network outer perimeters, where powerful edge computers locally collect volumes of data connected devices transmit for storage, processing, analysis and response commands. Each component, device or sensor connected to the IoT, however, provides a fresh endpoint that malicious actors can attempt to exploit. If successful, a malicious actor may then exfiltrate or alter sensitive data, manipulate commands to physical systems, inject malware into networks, or conduct myriad other cyberattacks.
Compounding the threat of IoT compromise is the “trusted status” connected devices share on a network. The unmonitored remoteness of many edge computer deployments means that malicious actors may have opportunities to physically access a device when a network connection is unavailable. A single exploited endpoint can potentially grant malicious actors the freedom to access connected databases, wearable or implanted medical devices, automobile control system or manufacturing floors. To combat the evolving threat of increasingly-sophisticated cyberattacks, edge computer manufacturers are integrating trusted platform modules (TPMs) directly into their hardware.
What is TPM?
The Trusted Computing Group (TCG) conceived the idea of a hardware security anchor to remedy the technology vulnerabilities revealed with the rise of the Internet and e-business of the 1990s. The TPM was to be physically fixed to the device motherboard by the manufacturer, establishing a chain of trust for the product, helping to secure firmware and software that would be subsequently applied. Security features implemented at the OS level could build on the protective foundation TPMs would provide. For example, Windows 10 from Microsoft features an entire suite of security features that can be built on top of security-enabled hardware and firmware.
The module was first standardized in 2009, and TPM 1.2 provided several system safeguards:
- Identification: A unique, unalterable root key is burned into the chip that irrefutably identifies the device. This function has edge implications in device authentication.
- Encryption: TPMs use the root key to encrypt keys used for encrypting files, folders and full system disks. Space limitations in TPMs restricted their key housing to their single root key, however by lending its foundational security to further encrypt encryption keys, the resulting key products could be safely stored outside the module.
- Entropy: TPM’s have a random number generator to inject entropy into encryption functions, reducing brute-force hacking attempts to futile guesswork.
- Boot Security: While malware can operate below the OS level — avoiding software cybersecurity solutions that boot further down the line — TPMs contain Platform Configuration Registers that store measurements representative of a safe boot process. Any aberrations in these measurements cause the device to abort the boot process to enter its last known good state.
TPM 1.2 technology provided a foundational system security that manufacturers and users had been lacking. Advancements in computer processing power, however, reduced the TPM algorithm's effectiveness. The TCG responded with TPM 2.0.
Where Does TPM 2.0 Improve on TPM 1.2?
TPM 2.0 better steeled computer security by implementing several new features:
- Algorithm interchangeability: TPM 1.2 was locked into a single hash algorithm, SHA-1. When SHA-1's effectiveness became questionable, it was apparent the next standard needed to accommodate the possibility of eventual algorithm retirement. TPM 2.0 can host variety of algorithms in the event one installed becomes unserviceable against threats.
- Enhanced signature data: Basic verification signatures can now support additional information like PINs, as well as biometric and GPS data.
- Password authentication: Passwords can spare complexity and costs of authentication software in deployments where they are unnecessary to adequate protection.
- Improved key management: Keys can be delegated for limited, conditional use.
- Feature Flexibility: TPM 2.0 lets manufacturers implement only the security features the deployment requires. This flexibility allows TPM integrations in resource-constrained IoT devices.
How Do TPMs Safeguard the IoT?
TPMs can ensure the soundness of Industrial IoT (IIoT) technology integrated in facilities and within critical infrastructure. Edge computers aggregating and analyzing data in industrial deployments need to reliably perform as intended without the threat of malware or infiltration affecting processes. In these deployments, aberrant code capable of manipulating machinery may cause catastrophic kinetic responses. Properly secured industrial edge computer can prevent physical injury, equipment and product damage, and environmental harm.
In terms of information protection, TPMs are instrumental in helping organizations comply with the growing number of data privacy controls. Many controls grant “safe harbor” from costly and reputation-damaging breach reportage if accessed data was encrypted (and therefore useless to unauthorized parties). For edge computer deployments, much of the data collected from connected devices can form the basis of privacy violation suits if improperly handled, leaked or breached. Edge computers are often deployed to collect biometric data, financial information or even video images — all of which may contain personally identifiable information (PII) and/or protected health information (PHI) covered by controls like GDPR, HIPAA or PCI-DSS. TPMs enable effective encryption for this sensitive data, protecting consumers as well as those responsible for safeguarding their information.
Edge computers' ability to be deployed to environments where critical functions and data processing must be performed when hardware inaccessibility cannot be ensured makes the need for a security trust anchor essential. TPM technology established and maintains unshakable integrity for IoT connected systems. By instilling this trust anchor at the manufacturing level, edge computer providers deny malicious actors any openings through which they might wage cyberattacks.