Security is a significant challenge for the Internet of Things. In fact, it is probably the single largest challenge. IoT is – by its very nature – linked to business-critical processes, and therefore, the entire end-to-end chain must be fully secure, if it is to gain the trust of the business community.
This in itself, presents a series of challenges. IoT significantly broadens the surface of attack, due to the sheer scale and complexity of the network. By giving IP addresses to facets of business that were once closed systems, the threat level inherently increases. Every device and every sensor is a potential point of vulnerability.
Sigfox recognises the importance of security and addresses these challenges through a systematic process. The company has brought on a world-class security team, drawing on experience from the likes of Airbus, Motorola, Freescale Semiconductors, NXP, STMicroelectronics, Gemalto, and Oberthur Technologies.
The team’s disciplines are far reaching and include cyber security, device security, Hardware Security Module (HSM) usage, Public Key Infrastructure (PKI), cryptography. On top of this, Sigfox has developed key partnerships with internationally recognised security companies.
The Sigfox protocol and infrastructure is built on ‘security by design’ principles. Sigfox applies these design principles to all the components offered to Sigfox Network Operators, device manufacturers and end customers. This end-to-end methodology ensures that the complete IoT chain, including devices, network infrastructure, cloud-based services and IoT applications, remains secure.
Sigfox approach to security
The Sigfox network is unique in design and one of the most secure platforms available today. How can we be so sure? By design, Sigfox Ready devices are shielded from the internet by a very strict firewall.
While Sigfox Ready devices are IoT objects, the fact is, they do not connect directly to the Internet and do not communicate using internet protocols (TCP/IP). Moreover, Sigfox Ready devices are not permanently connected to any network or base station.
Sigfox devices operate predominantly offline, with built-in behaviours. When this behaviour requires data to be transmitted or received from the Internet, the device broadcasts a radio message. This message is picked up by several base stations and is then transferred to the Sigfox Core Network, which in turn delivers it to the relevant IoT application. If the Sigfox Ready device requires a response, the application has a limited time window to deliver the data, once again, through the Sigfox Core Network and base stations.
This network architecture effectively provides an airgap, making it impossible to maliciously access an endpoint via the internet.
Security of data in motion
Another important factor to consider is the security of data in motion. Again, the design of the Sigfox protocol provides security by default. During the manufacturing process, each Sigfox Ready device is provisioned with a symmetrical authentication key. Because the key is unique, if one device were compromised, it would have a limited impact. Every message sent or received by the device contains a cryptographic token that is computed based on this authentication key. The token is used to authenticate the sender (the Sigfox network for a downlink message or the device for an uplink message), as well as the integrity of the message. Each Sigfox message contains a sequence counter which is verified by the Sigfox Core Network in order to detect replay attempts.
Most end-point IoT devices are reliant Over The Air (OTA) patches to address security vulnerabilities. Such mechanisms are expensive to maintain and could in fact provide another point of vulnerability for hackers to exploit.
Because Sigfox devices are not IP addressable, the need for such a mechanism is redundant. This not only makes the network incredibly secure, but is one of the primary reasons why Sigfox has a lower TCO than any other IoT technology available today.
The final piece of the puzzle is encryption. Rather than trying to develop a one-size-fits all solution, Sigfox works on the basis that security is relative and should therefore be adaptable to the meet the threat requirements of any given application. For many applications, encryption is an unnecessary expense; for others, it’s critical.
Our LPWAN UK customers can therefore choose whether or not they want to use an encryption solution provided by the Sigfox protocol. The encryption technology was designed in collaboration with CEA-LETI, specifically for use with short Sigfox messages. If customers prefer, they can even use their own end-to-end encryption solutions.
Is Sigfox secure?
Sigfox and WND UK understand that in order for the Internet of Things to become truly pervasive, the entire end-to-end IoT chain must be secured. Our partners and customers must trust that devices are authorised to communicate on the network, that data is fully secured, both in motion and at rest; and that data integrity is guaranteed.
We also understand that security requirements change based on use cases and that risks must be balanced against other factors. By building security into the foundations of the protocol and network architecture, and offering optional features for those that need them, Sigfox is the most flexible and inherently secure IoT technology on the market today.