Earlier this week, Semiconductor Engineering interviewed Paul Kocher, president and chief scientist of the Rambus Cryptography division, about various security risks associated with the rapidly evolving Internet of Things (IoT).
According to Kocher, there are three primary trends the security industry needs to be cognizant of.
“One is that we’re putting more and more features in devices. This is what’s driving all the value in the electronics industry, but all of those features bring complexity, and with complexity comes bugs. Our brains aren’t capable of making enormously complex, perfectly bug-free anything, whether it’s software or books or anything,” he explained.
“We also have an exponential growth in the number of devices in these tech ecosystems. And we have rapid growth in the value of the information that’s on the devices. These are great trends on one level, but each of them creates problems. More features means more bugs, more devices mean more targets, and more value for the good guys means more opportunity for the bad guys to monetize what’s in these systems.”
As Kocher emphasizes, the number of breaches and related security incidents will continue to increase as long as the above-mentioned trends aren’t addressed.
“This year is worse than last year. Next year will be worse than this year. There isn’t any immediate technological solution that will stop these trends,” he said.
“From a big-picture perspective, we’re seeing more rapid growth in the consequences of insecurity than the value of the new features. If we can’t make the Internet-connected toaster more useful, it’s not a better toaster than one that isn’t connected. It’s really a question of how we reduce the risk.”
The problem, says Kocher, is that the current hardware paradigm provides less-than-stellar foundations for security, with chip architecture historically focused on maximizing functionality.
“We provide ways of achieving certain functionality but have very poor ways of regulating it. There are exceptions like NXP’s security chip, for example. If you add a security chip you can get a separate compartment, as well. But in general we’re just one software bug away from total compromise, and in a few cases we’re two or three bugs away,” he continued.
“We’ve pushed the complexity of the device far beyond where we can reasonably hope to secure them and we have to fix this. It will require fixes in the hardware so that the software developers can be human and make mistakes and it still doesn’t allow your toaster to burn down your house.”
The reality, Kocher concludes, is that the industry is still more concerned with making a chip work than securing it.
“[This] approach at some point has to change, but the question is how bad does it have to get before people really care,” he added. “[Of course], it also varies by market. A 20-year-old car might be a perfectly good car. But you wouldn’t want to run your connected critical infrastructure on Windows 95.”