SlideShare a Scribd company logo

5G and IoT Security

N
NUS-ISS

This document discusses the integration of 5G technology with Internet of Things (IoT) security, highlighting the potential of 5G to enhance connectivity for IoT applications. It emphasizes the urgency of addressing security vulnerabilities in IoT devices and networks, with many existing applications currently lacking adequate security measures. The document also outlines the roles of various stakeholders, including system owners, product developers, and security professionals, in creating a comprehensive secure ecosystem for 5G and IoT.

Technology
1 of 80
Downloaded 74 times
1
2
3
4
5
6
7
Most read
8
9
10
11
12
13
14
15
16
17
18
19
Most read
20
Most read
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
5G and IoT Security Nicholas Ho, NUS-ISS Ng Kok Leong, NUS-ISS 11 August 2020 #ISSLearningFest
Agenda • Introduction to IoT & 5G – Dr Nicholas Ho • 5G and IoT Security – Ng Kok Leong #ISSLearningFest
Introduction to IoT & 5G Nicholas Ho, NUS ISS 11 August 2020 #ISSLearningFest
About Nicholas Ho • nicholas.ho@nus.edu.sg • Lecturer at NUS ISS; Courses covered include: Envisioning Smart Urban IoT Solutions Humanizing Smart Systems Autonomous Robots and Vehicles • BEng and PhD degree from School of Mechanical Engineering, NUS • Specialized in architecture, design & development Internet-of-Things (IoT) & Cyber-Physical System (CPS) Augmented/Virtual Reality Artificial Intelligence #ISSLearningFest
Contents • What is IoT? • Possible IoT Involvement in Autonomous Systems? • Introduction to 5G • 5G Involvement in the IoT Realm #ISSLearningFest
What is IoT? This section will enable you to briefly understand what IoT is and its applications #ISSLearningFest
Introducing Internet-of-Things (IoT) What is IoT? Internet connects all people, so it is called “the Internet of People” IoT connects all things, so it is called “the Internet of Things” Remember the key elements of IoT: 1. Connect devices 2. Process (i.e. data collection, analysis and management) 3. Act #ISSLearningFest
IoT Example 1: Tado° Smart Thermostat #ISSLearningFest Source: https://www.youtube.com/ watch?v=lYUmnxndHg4
IoT Example 1: Tado° Smart Thermostat #ISSLearningFest • Full features • Full controls • More potential usability issues • Little features • Limited controls • Less potential usability issues
IoT Example 2: Berg Cloud Wash #ISSLearningFest Source: https://vimeo.com/87522764 Mechanical Washing Machine Panel Cloud- connected Washing Machine Panel School of thought: What major problem could IoT possibly solve?
Opportunities in the IoT Realm #ISSLearningFest
Possible IoT Involvement in Autonomous Systems? This section will explain how IoT can be involved within autonomous robots and within autonomous vehicles in the far future #ISSLearningFest
IoT Application Example in Autonomous Robots #ISSLearningFest Source: https://www.youtube.com/ watch?v=Mog3UgQvHIo Is IoT crucial in the autonomous movement here? In which areas IoT is crucial within this autonomous security robot?
Current Autonomous Vehicle (AV) System #ISSLearningFest Source: https://www.youtube.com/ watch?v=x4jg4E7LrZE Is IoT crucial in the autonomous driving here?
IoT can Help Shape the AV Industry #ISSLearningFest Interaction model for IoT-based ecosystem for an autonomous vehicle
IoT can Help Shape the AV Industry (Cont) #ISSLearningFest Is the current technology good enough that we can implement this concept? Why or Why Not? What's the solution to this problem?
Introduction to 5G This section will enable you to briefly understand what 5G is and its applications #ISSLearningFest
What is 5G? #ISSLearningFest 5G uses radio waves or radio frequency (RF) energy to transmit and receive voice and data connecting our communities 5G = 5th generation of mobile networks, an advanced version of the 4G LTE networks Designed to meet the very large growth in data and connectivity of today’s modern society, IoT with billions of connected devices, and tomorrow’s innovations 5G will initially operate in conjunction with existing 4G networks before evolving to fully standalone networks in subsequent releases and coverage expansions
Summarized Advantages of 5G 1. High bandwidth (how big is the “data door”? Affects the data speed) • At least 1GB/s 2. Low latency (how fast can the data move from one source to another?) • Can be as low as 1 ms response time 3. Dense connections (how many devices can be connected at the same time?) • Can connect up to 100 times more than 4G allows • Highly supports mass IoT adoption #ISSLearningFest
5G vs 4G vs 3G #ISSLearningFest
Some of the Technologies that Made 5G Possible #ISSLearningFest Millimeter Waves (spectrum above 6 GHz) Small Cell Networks (Limited range per small cell [aka mini base station]: 10 meters to a few hundred meters)
Applications of 5G #ISSLearningFest 5G will provide the speed, low latency and connectivity to enable a new generation of applications, services and business opportunities that have not been seen before
5G Involvement in the IoT Realm This section will explain how 5G can be involved within the IoT World in future #ISSLearningFest
5G Supporting a Smart City #ISSLearningFest Source: https://www.sageautomation.com /blog/what-will-5g-mean-for- smart-city-transport-infrastructure
5G Supporting Urban Farming IoT #ISSLearningFest https://www.channelnewsasia.com/news/singapore/covid10-singapore-food- security-farming-innovation-12649468 5G could also play an important role to sustain and ensure feasibility of Urban Farming operations in SG
5G Supporting VR/AR Systems #ISSLearningFest https://www.hollywoodreporter.com/behind-screen/fifa- world-cup-bbc-testing-live-vr-hdr-streaming-1115756 https://cnalifestyle.channelnewsasia.com/travel/ virtual-reality-travel-12601122
SUMMARY - Key Element of 5G & IoT • While the internet connects all people, IoT connects all things • Key elements of IoT: Connect, Process, Act • AVs are unable to fully rely on the current LTE networks for driving purposes because of its insufficient levels of real-time capability and robustness of connectivity. Hence, the need for 5G • 5G is an advanced version of the 4G LTE networks; known as the 5th generation of mobile networks • Main advantages of 5G include: (a) High bandwidth (b) Low latency, and (c) Dense connections • 5G plays a very crucial role, especially for IoT applications within the communities and businesses/industries in the future #ISSLearningFest
5G and IoT Security Ng Kok Leong, NUS-ISS 11 August 2020 #ISSLearningFest
About Ng Kok Leong • kokleong@nus.edu.sg • Lecturer at NUS ISS; Courses covered include: Information Systems Security (ISC2 CISSP) Cloud Security (ISC2 CCSP) Systems Security (ISC2 SSCP) Security Architecture IoT Security • Master degree in Computer Science & Information Systems, NUS • Master degree in Business Administration, University of Melbourne #ISSLearningFest
Community effort to establish a secure 5G/IoT ecosystem #ISSLearningFest
2017: 80% of IoT apps left unsecured #ISSLearningFestSource: www.iottechnews.com
2020: 83% of IoT transaction are not secure #ISSLearningFestSurce: www.zscaler.com
Security by design – what happen? #ISSLearningFestImage: www.uscybersecurity.net
Now, add autonomous systems & 5G #ISSLearningFest Image: www.cpomagazine.com Increase insecurity ! Solution?
IoT ecosystem #ISSLearningFest Cloud Service Providers (AWS, Azure) IoT IoT / Gateway Short range (BLE, ZigBee, 5G) Long range (NB-IoT, Sigfox, 4G/5G) Devices Network Applications
5G Security Standards - Examples • Inherited protection since 3G • Mutual authentication between device and network • Integrity protection of signaling • Incorporate IPsec, EAP, TLS • Network slicing #ISSLearningFest
5G Security Issue – Deployment Model #ISSLearningFest Non-Standalone (NSA) deployment Standalone (SA) deployment Image: gsma.com
5G Security Issue - Standards #ISSLearningFestImage: ericsson.com
5G Security Issue – More Software #ISSLearningFest Image: infocus.delltechnologies.com • 5G network utilizes NFV and SDN. Going software will increase attack surface at telecom backend. • Telecom operator will have to ensure setup and operation are secured.
CVE registered vulnerability trend, Oct 2019 #ISSLearningFest Image: https://portswigger.net Software Challenges • Many high profile compromises, local and abroad, can trace the root causes to inadequate practices of security controls. • To address a software backend, 5G telecom operator has allocate adequate resources to gain assurance in cyber security.
IoT Network – short range & long range #ISSLearningFestImage: www.embien.com Protocol standard creators design security into zigbee protocol, sigfox protocol etc.
Network equipment #ISSLearningFest Equipment product builders develop security into ZigBee equipment, Sigfox equipment, 5G equipment etc Image: www.elprocus.com http://v14.thingsboard.io
Expect vulnerability • Vulnerability from design flaw and implementation flaw. • Known and unknown vulnerability. #ISSLearningFest • On defense side, • Discover and mitigate vulnerability • Build in multiple layers of defense, e.g. Vulnerability != compromise Preventive => Detective => Corrective
IoT ecosystem #ISSLearningFest Cloud Service Providers (AWS, Azure) IoT IoT / Gateway Short range (BLE, ZigBee, 5G) Long range (NB-IoT, Sigfox, 4G/5G) Devices Network Applications
AWS Cloud: MQTT over TLS #ISSLearningFestYoutube.com “Connecting Digi XBee3 Cellular to AWS IoT with MQTT”
Azure Cloud: CoAP over DTLS #ISSLearningFestImage: https://blog.cloudflare.com
OSCORE: application layer protection #ISSLearningFestImage: https://www.u-blox.com OSCORE protects the application layer request/response message between the endpoints.
IoT ecosystem #ISSLearningFest Cloud Service Providers (AWS, Azure) IoT IoT / Gateway Short range (BLE, ZigBee, 5G) Long range (NB-IoT, Sigfox, 4G/5G) Devices Network Applications
IoT device #ISSLearningFest Image: https://mitechnews.com IoT product builders develop security into IoT device
Mirai attack #ISSLearningFestImage: www.fortinet.com Has IoT devices became more secured?
IoT device #ISSLearningFest Researcher & Security Specialist Image: accdocket.com Who discover new vulnerability and attack vector?
Autonomous System security issues #ISSLearningFest Eykholt et al. (2018). Physical Adversarial Examples for Object Detectors. Examples, • Use physical adversarial patch to cause failure to see stop sign (refer image on left). • Fake sensor information to confuse neighboring vehicle.
IMDA IoT Cyber Security Guidelines #ISSLearningFest Examples of clauses, 1) Secure remote management of devices including support software / firmware updates using cryptographically secure methods. 2) Employ proper key management (generation, exchange, storage, use, destruction, replacement, etc) techniques 3) Establish hardware root of trust. 4) Employ anti-tamper mechanisms for resistance, evidence, detection, and / or response.
Constrained Devices #ISSLearningFestImage: www.cisoplatform.com Security features commonly found in gateways and smart devices cannot to be assumed to be available in constrained devices.
Secure firmware update #ISSLearningFest Image: www.slideshare.net/ARMHoldings/
Trustzone Technology #ISSLearningFestSource: K5_Addressing_IoT_and_Embedded_Security_at_the_Chip_Level_Roni.pdf Arm Trustzone technology provides a cost-effective methodology to isolate security critical components in a system, by hardware separating a rich OS, from a much smaller secure OS
Trustzone Technology #ISSLearningFestImage: https://www.trustonic.com Provide hardware- based root of trust
Trustzone Technology Example: Netflix #ISSLearningFestImage: http://itersnews.com/?p=44991
Trustzone Technology Example: Samsung Pay #ISSLearningFest
“secure” chip for autonomous system #ISSLearningFestSource: ARM “how to make autonomous vehicle a reality with Arm”
ARM Processor Architecture #ISSLearningFestImage: www.anandtech.com
ARM Processor Architecture: M series Processor Usage Trustzone Tamper Resistance Cortex-M0 Smallest Arm processor available Cortex-M0+ Smallest footprint & lowest power requirements of Cortex-M processors Cortex-M1 Optimised for FPGA design Cortex-M3 Exceptional 32-bit performance with low power consumption Cortex-M4 Control and performance for mixed signal devices Cortex-M7 Highest performance Cortex-M processor Cortex-M23 Smallest and lowest power microcontroller with TrustZone security √ Cortex-M33 Ideal blend of real-time determinism, efficiency and security √ Cortex-M35P The first Armv8-M processor with tamper resistance built in √ √ Cortex-M55 Arm’s most AI-capable Cortex-M processor √ #ISSLearningFest
Chip with Trustzone for constrained IoT #ISSLearningFestSource: https://www.nuvoton.com/products/microcontrollers/arm-cortex-m23-mcus/ Micro chip for IoT with TRUSTZONE feature has became available; which provides Root of Trust. Hence, facilitating secure firmware update.
IMDA IoT Cyber Security Guidelines #ISSLearningFest Examples of clauses, 1) Secure remote management of devices including support software / firmware updates using cryptographically secure methods. 2) Employ proper key management (generation, exchange, storage, use, destruction, replacement, etc) techniques 3) Establish hardware root of trust. 4) Employ anti-tamper mechanisms for resistance, evidence, detection, and / or response. √ √
Hardware Root of Trust #ISSLearningFest Image: www.semanticscholar.org
Hardware Root of Trust #ISSLearningFest Image: www.synopsys.com
ARM Processor Architecture: M35P #ISSLearningFest Source: https://www.zdnet.com/article/arm-launches- cortex-m35p-processor-to-bring-security-to-silicon/
Chip with Trustzone for constrained IoT, since 2018 #ISSLearningFest Source: https://community.arm.com/developer/ip-products/processors/trustzone-for-armv8- m/b/blog/posts/microchip-release-first-arm-cortex-m23-based-chip- SAML11 has trustzone and crypto accelerators (AES, SHA), secure boot and secure key storage with added chip-level tamper detection capabilities, to establish a hardware root of trust and secure bootloader for secure firmware upgrades.
IMDA IoT Cyber Security Guidelines #ISSLearningFest Examples of clauses, 1) Secure remote management of devices including support software / firmware updates using cryptographically secure methods. 2) Employ proper key management (generation, exchange, storage, use, destruction, replacement, etc) techniques 3) Establish hardware root of trust. 4) Employ anti-tamper mechanisms for resistance, evidence, detection, and / or response. √ √ √ ?
FIPS 140-2 certification levels (IoT) • Security level 1 • Physical security cryptographic module has at least one approved security function or approved algorithm. • Security level 2 • Capability to illustrate evidence of tampering. • Security level 3 • Capability to detect access attempts and responding • Security level 4 • Capability to trigger immediate zeroization of all plaintext critical security parameters. #ISSLearningFest
FIPS 140-2 certification levels (Cloud) #ISSLearningFest https://aws.amazon.com/cloudhsm/ https://azure.microsoft.com/en-us/services/azure-dedicated-hsm/ To put in perspective, the Hardware Secure Module used in cloud is at level 3.
IMDA IoT Cyber Security Guidelines #ISSLearningFest Examples of clauses, 1) Secure remote management of devices including support software / firmware updates using cryptographically secure methods. 2) Employ proper key management (generation, exchange, storage, use, destruction, replacement, etc) techniques 3) Establish hardware root of trust. 4) Employ anti-tamper mechanisms for resistance, evidence, detection, and / or response. √ √ √ ?
IoT product builder • Do they have the tools to build, Secure firmware update? Secure key management? Hardware root of trust? Detect tamper at chip level (FIPS 140-2 level 2)? What % of IoT devices in the market are “secured by design”? #ISSLearningFest
5G & IoT security, where are the weak links? #ISSLearningFest
System owner: Define End-to-End security #ISSLearningFestImage: www.gadgeon.com
System owner: Where are the trust boundaries? #ISSLearningFestImage: www.engineering.com
Security goes beyond technology #ISSLearningFest Image: www.complianceforge.com Security professional Operation Audit Who ensure cyber security is being addressed holistically when deployed to enterprise?
Community effort to establish a secure 5G/IoT ecosystem #ISSLearningFestEnd-to-end security Security professional, Operation, Audit Protocol standard creator, Equipment product developer IoT product developer Application / Cloud Service Provider (shared responsibility model)
Thank You! Nicholas.ho@nus.edu.sg kokleong@nus.edu.sg #ISSLearningFest
Give Us Your Feedback #ISSLearningFest Day 1 Programme Festival Experience

More Related Content

PDF
Telecom Security in the Era of 5G and IoT
PositiveTechnologies
 
PPTX
IoT Security
Peter Waher
 
PDF
Current Trends in Internet of Things (IOT)
Dr. Mazlan Abbas
 
PPTX
IoT security
YashKesharwani2
 
PDF
IOT Security
Sylvain Martinez
 
PPTX
Iot(security)
Shreya Pohekar
 
PPTX
Endpoint Security Pres.pptx
NBBNOC
 
PDF
Overview of IoT and Security issues
Anastasios Economides
 
Telecom Security in the Era of 5G and IoT
PositiveTechnologies
 
IoT Security
Peter Waher
 
Current Trends in Internet of Things (IOT)
Dr. Mazlan Abbas
 
IoT security
YashKesharwani2
 
IOT Security
Sylvain Martinez
 
Iot(security)
Shreya Pohekar
 
Endpoint Security Pres.pptx
NBBNOC
 
Overview of IoT and Security issues
Anastasios Economides
 

What's hot (20)

PPTX
5G SA security: a comprehensive overview of threats, vulnerabilities and rem...
PositiveTechnologies
 
PPT
IoT security (Internet of Things)
Sanjay Kumar (Seeking options outside India)
 
PDF
IoT Security
Narudom Roongsiriwong, CISSP
 
PDF
Signaling security essentials. Ready, steady, 5G!
PositiveTechnologies
 
PDF
SS7 Vulnerabilities
PositiveTechnologies
 
PPTX
Security issues and solutions : IoT
Jinia Bhowmik
 
PDF
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
PDF
IoT Connectivity
Hitesh Mohapatra
 
PDF
Endpoint Security
Ahmed Hashem El Fiky
 
PDF
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
PPTX
Iot Security, Internet of Things
Bryan Len
 
PPTX
Wi Fi Security
yousef emami
 
PPSX
Next-Gen security operation center
Muhammad Sahputra
 
PDF
5G Security Briefing
3G4G
 
PDF
6G: Potential Use Cases and Enabling Technologies
3G4G
 
PDF
IoT Security: Problems, Challenges and Solutions
Liwei Ren任力偉
 
PPTX
presentation on Edge computing
sairamgoud16
 
PPTX
Presentation on 5G security
RanjitUpadhyay4
 
PPTX
Wifi Security
Shital Kat
 
PDF
Building A Security Operations Center
Siemplify
 
5G SA security: a comprehensive overview of threats, vulnerabilities and rem...
PositiveTechnologies
 
IoT security (Internet of Things)
Sanjay Kumar (Seeking options outside India)
 
IoT Security
Narudom Roongsiriwong, CISSP
 
Signaling security essentials. Ready, steady, 5G!
PositiveTechnologies
 
SS7 Vulnerabilities
PositiveTechnologies
 
Security issues and solutions : IoT
Jinia Bhowmik
 
Cybersecurity Roadmap Development for Executives
Krist Davood - Principal - CIO
 
IoT Connectivity
Hitesh Mohapatra
 
Endpoint Security
Ahmed Hashem El Fiky
 
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
Iot Security, Internet of Things
Bryan Len
 
Wi Fi Security
yousef emami
 
Next-Gen security operation center
Muhammad Sahputra
 
5G Security Briefing
3G4G
 
6G: Potential Use Cases and Enabling Technologies
3G4G
 
IoT Security: Problems, Challenges and Solutions
Liwei Ren任力偉
 
presentation on Edge computing
sairamgoud16
 
Presentation on 5G security
RanjitUpadhyay4
 
Wifi Security
Shital Kat
 
Building A Security Operations Center
Siemplify
 
Ad

Similar to 5G and IoT Security (20)

DOCX
5G_Upload.docx
Sun Technologies
 
DOCX
5G report 2
IGDTUW
 
PPTX
Evolution of Mobile Communication(1G-6G) and IoT
Md.Imtiaz Ahmed
 
PPTX
Introduction to IoT by Vectolabs
Vectolabs Technologies Sdn Bhd
 
PDF
5 g as a service (5gaas)
Luke Wang
 
PPTX
Presentation.pptx
ajaygreat321
 
PDF
What Makes 5G Network Different - Digital Nasional Berhad
DigitalNational
 
PDF
5G Network
DigitalNational
 
PDF
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
IRJET Journal
 
PPTX
India_has_made_massive_growth_in_the_global[1][1].pptx
ajaygreat321
 
PDF
How to deal with the impact of digital transformation on networks
Abaram Network Solutions
 
DOCX
Migration from 4G to 5G: A Complete synopsis guide on 4G to 5G migration.
Utkarsh Jaiswal
 
PDF
IoT with 5G-Network
Belal Ashraf
 
PDF
Ericsson Technology Review: Spotlight on the Internet of Things
Ericsson
 
PDF
Nanotechnology in 5G Wireless Communication Network: An Approach
IRJET Journal
 
PDF
What is the future of IoT connectivity.pdf
Ciente
 
PDF
The Future of 6G Wireless Networks Opportunities, Requirements, and Challenge...
ijtsrd
 
PDF
Defining Future 5G Networks - All Slides
Digital Catapult
 
PDF
Wi-Fi Controlled Car
IRJET Journal
 
PDF
Gemalto Review: 5G Feature
Nexus Publishing
 
5G_Upload.docx
Sun Technologies
 
5G report 2
IGDTUW
 
Evolution of Mobile Communication(1G-6G) and IoT
Md.Imtiaz Ahmed
 
Introduction to IoT by Vectolabs
Vectolabs Technologies Sdn Bhd
 
5 g as a service (5gaas)
Luke Wang
 
Presentation.pptx
ajaygreat321
 
What Makes 5G Network Different - Digital Nasional Berhad
DigitalNational
 
5G Network
DigitalNational
 
SECURING AND STRENGTHENING 5G BASED INFRASTRUCTURE USING ML
IRJET Journal
 
India_has_made_massive_growth_in_the_global[1][1].pptx
ajaygreat321
 
How to deal with the impact of digital transformation on networks
Abaram Network Solutions
 
Migration from 4G to 5G: A Complete synopsis guide on 4G to 5G migration.
Utkarsh Jaiswal
 
IoT with 5G-Network
Belal Ashraf
 
Ericsson Technology Review: Spotlight on the Internet of Things
Ericsson
 
Nanotechnology in 5G Wireless Communication Network: An Approach
IRJET Journal
 
What is the future of IoT connectivity.pdf
Ciente
 
The Future of 6G Wireless Networks Opportunities, Requirements, and Challenge...
ijtsrd
 
Defining Future 5G Networks - All Slides
Digital Catapult
 
Wi-Fi Controlled Car
IRJET Journal
 
Gemalto Review: 5G Feature
Nexus Publishing
 
Ad

More from NUS-ISS (20)

PDF
Designing Impactful Services and User Experience - Lim Wee Khee
NUS-ISS
 
PDF
Upskilling the Evolving Workforce with Digital Fluency for Tomorrow's Challen...
NUS-ISS
 
PDF
The Importance of Cybersecurity for Digital Transformation
NUS-ISS
 
PDF
Architecting CX Measurement Frameworks and Ensuring CX Metrics are fit for Pu...
NUS-ISS
 
PDF
Understanding GenAI/LLM and What is Google Offering - Felix Goh
NUS-ISS
 
PDF
Digital Product-Centric Enterprise and Enterprise Architecture - Tan Eng Tsze
NUS-ISS
 
PDF
Emerging & Future Technology - How to Prepare for the Next 10 Years of Radica...
NUS-ISS
 
PDF
Beyond the Hype: What Generative AI Means for the Future of Work - Damien Cum...
NUS-ISS
 
PDF
Supply Chain Security for Containerised Workloads - Lee Chuk Munn
NUS-ISS
 
PDF
Future of Learning - Yap Aye Wee.pdf
NUS-ISS
 
PDF
Future of Learning - Khoong Chan Meng
NUS-ISS
 
PPTX
Site Reliability Engineer (SRE), We Keep The Lights On 24/7
NUS-ISS
 
PDF
Product Management in The Trenches for a Cloud Service
NUS-ISS
 
PDF
Overview of Data and Analytics Essentials and Foundations
NUS-ISS
 
PDF
Predictive Analytics
NUS-ISS
 
PDF
Feature Engineering for IoT
NUS-ISS
 
PDF
Master of Technology in Software Engineering
NUS-ISS
 
PDF
Master of Technology in Enterprise Business Analytics
NUS-ISS
 
PDF
Diagnosing Complex Problems Using System Archetypes
NUS-ISS
 
PPTX
Satisfying the ‘-ilities’ of an Enterprise Cloud Service
NUS-ISS
 
Designing Impactful Services and User Experience - Lim Wee Khee
NUS-ISS
 
Upskilling the Evolving Workforce with Digital Fluency for Tomorrow's Challen...
NUS-ISS
 
The Importance of Cybersecurity for Digital Transformation
NUS-ISS
 
Architecting CX Measurement Frameworks and Ensuring CX Metrics are fit for Pu...
NUS-ISS
 
Understanding GenAI/LLM and What is Google Offering - Felix Goh
NUS-ISS
 
Digital Product-Centric Enterprise and Enterprise Architecture - Tan Eng Tsze
NUS-ISS
 
Emerging & Future Technology - How to Prepare for the Next 10 Years of Radica...
NUS-ISS
 
Beyond the Hype: What Generative AI Means for the Future of Work - Damien Cum...
NUS-ISS
 
Supply Chain Security for Containerised Workloads - Lee Chuk Munn
NUS-ISS
 
Future of Learning - Yap Aye Wee.pdf
NUS-ISS
 
Future of Learning - Khoong Chan Meng
NUS-ISS
 
Site Reliability Engineer (SRE), We Keep The Lights On 24/7
NUS-ISS
 
Product Management in The Trenches for a Cloud Service
NUS-ISS
 
Overview of Data and Analytics Essentials and Foundations
NUS-ISS
 
Predictive Analytics
NUS-ISS
 
Feature Engineering for IoT
NUS-ISS
 
Master of Technology in Software Engineering
NUS-ISS
 
Master of Technology in Enterprise Business Analytics
NUS-ISS
 
Diagnosing Complex Problems Using System Archetypes
NUS-ISS
 
Satisfying the ‘-ilities’ of an Enterprise Cloud Service
NUS-ISS
 

Recently uploaded (20)

PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Approach and Philosophy of On baking technology
30anthuong17
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 

5G and IoT Security

  • 1. 5G and IoT Security Nicholas Ho, NUS-ISS Ng Kok Leong, NUS-ISS 11 August 2020 #ISSLearningFest
  • 2. Agenda • Introduction to IoT & 5G – Dr Nicholas Ho • 5G and IoT Security – Ng Kok Leong #ISSLearningFest
  • 3. Introduction to IoT & 5G Nicholas Ho, NUS ISS 11 August 2020 #ISSLearningFest
  • 4. About Nicholas Ho • nicholas.ho@nus.edu.sg • Lecturer at NUS ISS; Courses covered include: Envisioning Smart Urban IoT Solutions Humanizing Smart Systems Autonomous Robots and Vehicles • BEng and PhD degree from School of Mechanical Engineering, NUS • Specialized in architecture, design & development Internet-of-Things (IoT) & Cyber-Physical System (CPS) Augmented/Virtual Reality Artificial Intelligence #ISSLearningFest
  • 5. Contents • What is IoT? • Possible IoT Involvement in Autonomous Systems? • Introduction to 5G • 5G Involvement in the IoT Realm #ISSLearningFest
  • 6. What is IoT? This section will enable you to briefly understand what IoT is and its applications #ISSLearningFest
  • 7. Introducing Internet-of-Things (IoT) What is IoT? Internet connects all people, so it is called “the Internet of People” IoT connects all things, so it is called “the Internet of Things” Remember the key elements of IoT: 1. Connect devices 2. Process (i.e. data collection, analysis and management) 3. Act #ISSLearningFest
  • 8. IoT Example 1: Tado° Smart Thermostat #ISSLearningFest Source: https://www.youtube.com/ watch?v=lYUmnxndHg4
  • 9. IoT Example 1: Tado° Smart Thermostat #ISSLearningFest • Full features • Full controls • More potential usability issues • Little features • Limited controls • Less potential usability issues
  • 10. IoT Example 2: Berg Cloud Wash #ISSLearningFest Source: https://vimeo.com/87522764 Mechanical Washing Machine Panel Cloud- connected Washing Machine Panel School of thought: What major problem could IoT possibly solve?
  • 11. Opportunities in the IoT Realm #ISSLearningFest
  • 12. Possible IoT Involvement in Autonomous Systems? This section will explain how IoT can be involved within autonomous robots and within autonomous vehicles in the far future #ISSLearningFest
  • 13. IoT Application Example in Autonomous Robots #ISSLearningFest Source: https://www.youtube.com/ watch?v=Mog3UgQvHIo Is IoT crucial in the autonomous movement here? In which areas IoT is crucial within this autonomous security robot?
  • 14. Current Autonomous Vehicle (AV) System #ISSLearningFest Source: https://www.youtube.com/ watch?v=x4jg4E7LrZE Is IoT crucial in the autonomous driving here?
  • 15. IoT can Help Shape the AV Industry #ISSLearningFest Interaction model for IoT-based ecosystem for an autonomous vehicle
  • 16. IoT can Help Shape the AV Industry (Cont) #ISSLearningFest Is the current technology good enough that we can implement this concept? Why or Why Not? What's the solution to this problem?
  • 17. Introduction to 5G This section will enable you to briefly understand what 5G is and its applications #ISSLearningFest
  • 18. What is 5G? #ISSLearningFest 5G uses radio waves or radio frequency (RF) energy to transmit and receive voice and data connecting our communities 5G = 5th generation of mobile networks, an advanced version of the 4G LTE networks Designed to meet the very large growth in data and connectivity of today’s modern society, IoT with billions of connected devices, and tomorrow’s innovations 5G will initially operate in conjunction with existing 4G networks before evolving to fully standalone networks in subsequent releases and coverage expansions
  • 19. Summarized Advantages of 5G 1. High bandwidth (how big is the “data door”? Affects the data speed) • At least 1GB/s 2. Low latency (how fast can the data move from one source to another?) • Can be as low as 1 ms response time 3. Dense connections (how many devices can be connected at the same time?) • Can connect up to 100 times more than 4G allows • Highly supports mass IoT adoption #ISSLearningFest
  • 20. 5G vs 4G vs 3G #ISSLearningFest
  • 21. Some of the Technologies that Made 5G Possible #ISSLearningFest Millimeter Waves (spectrum above 6 GHz) Small Cell Networks (Limited range per small cell [aka mini base station]: 10 meters to a few hundred meters)
  • 22. Applications of 5G #ISSLearningFest 5G will provide the speed, low latency and connectivity to enable a new generation of applications, services and business opportunities that have not been seen before
  • 23. 5G Involvement in the IoT Realm This section will explain how 5G can be involved within the IoT World in future #ISSLearningFest
  • 24. 5G Supporting a Smart City #ISSLearningFest Source: https://www.sageautomation.com /blog/what-will-5g-mean-for- smart-city-transport-infrastructure
  • 25. 5G Supporting Urban Farming IoT #ISSLearningFest https://www.channelnewsasia.com/news/singapore/covid10-singapore-food- security-farming-innovation-12649468 5G could also play an important role to sustain and ensure feasibility of Urban Farming operations in SG
  • 26. 5G Supporting VR/AR Systems #ISSLearningFest https://www.hollywoodreporter.com/behind-screen/fifa- world-cup-bbc-testing-live-vr-hdr-streaming-1115756 https://cnalifestyle.channelnewsasia.com/travel/ virtual-reality-travel-12601122
  • 27. SUMMARY - Key Element of 5G & IoT • While the internet connects all people, IoT connects all things • Key elements of IoT: Connect, Process, Act • AVs are unable to fully rely on the current LTE networks for driving purposes because of its insufficient levels of real-time capability and robustness of connectivity. Hence, the need for 5G • 5G is an advanced version of the 4G LTE networks; known as the 5th generation of mobile networks • Main advantages of 5G include: (a) High bandwidth (b) Low latency, and (c) Dense connections • 5G plays a very crucial role, especially for IoT applications within the communities and businesses/industries in the future #ISSLearningFest
  • 28. 5G and IoT Security Ng Kok Leong, NUS-ISS 11 August 2020 #ISSLearningFest
  • 29. About Ng Kok Leong • kokleong@nus.edu.sg • Lecturer at NUS ISS; Courses covered include: Information Systems Security (ISC2 CISSP) Cloud Security (ISC2 CCSP) Systems Security (ISC2 SSCP) Security Architecture IoT Security • Master degree in Computer Science & Information Systems, NUS • Master degree in Business Administration, University of Melbourne #ISSLearningFest
  • 30. Community effort to establish a secure 5G/IoT ecosystem #ISSLearningFest
  • 31. 2017: 80% of IoT apps left unsecured #ISSLearningFestSource: www.iottechnews.com
  • 32. 2020: 83% of IoT transaction are not secure #ISSLearningFestSurce: www.zscaler.com
  • 33. Security by design – what happen? #ISSLearningFestImage: www.uscybersecurity.net
  • 34. Now, add autonomous systems & 5G #ISSLearningFest Image: www.cpomagazine.com Increase insecurity ! Solution?
  • 35. IoT ecosystem #ISSLearningFest Cloud Service Providers (AWS, Azure) IoT IoT / Gateway Short range (BLE, ZigBee, 5G) Long range (NB-IoT, Sigfox, 4G/5G) Devices Network Applications
  • 36. 5G Security Standards - Examples • Inherited protection since 3G • Mutual authentication between device and network • Integrity protection of signaling • Incorporate IPsec, EAP, TLS • Network slicing #ISSLearningFest
  • 37. 5G Security Issue – Deployment Model #ISSLearningFest Non-Standalone (NSA) deployment Standalone (SA) deployment Image: gsma.com
  • 38. 5G Security Issue - Standards #ISSLearningFestImage: ericsson.com
  • 39. 5G Security Issue – More Software #ISSLearningFest Image: infocus.delltechnologies.com • 5G network utilizes NFV and SDN. Going software will increase attack surface at telecom backend. • Telecom operator will have to ensure setup and operation are secured.
  • 40. CVE registered vulnerability trend, Oct 2019 #ISSLearningFest Image: https://portswigger.net Software Challenges • Many high profile compromises, local and abroad, can trace the root causes to inadequate practices of security controls. • To address a software backend, 5G telecom operator has allocate adequate resources to gain assurance in cyber security.
  • 41. IoT Network – short range & long range #ISSLearningFestImage: www.embien.com Protocol standard creators design security into zigbee protocol, sigfox protocol etc.
  • 42. Network equipment #ISSLearningFest Equipment product builders develop security into ZigBee equipment, Sigfox equipment, 5G equipment etc Image: www.elprocus.com http://v14.thingsboard.io
  • 43. Expect vulnerability • Vulnerability from design flaw and implementation flaw. • Known and unknown vulnerability. #ISSLearningFest • On defense side, • Discover and mitigate vulnerability • Build in multiple layers of defense, e.g. Vulnerability != compromise Preventive => Detective => Corrective
  • 44. IoT ecosystem #ISSLearningFest Cloud Service Providers (AWS, Azure) IoT IoT / Gateway Short range (BLE, ZigBee, 5G) Long range (NB-IoT, Sigfox, 4G/5G) Devices Network Applications
  • 45. AWS Cloud: MQTT over TLS #ISSLearningFestYoutube.com “Connecting Digi XBee3 Cellular to AWS IoT with MQTT”
  • 46. Azure Cloud: CoAP over DTLS #ISSLearningFestImage: https://blog.cloudflare.com
  • 47. OSCORE: application layer protection #ISSLearningFestImage: https://www.u-blox.com OSCORE protects the application layer request/response message between the endpoints.
  • 48. IoT ecosystem #ISSLearningFest Cloud Service Providers (AWS, Azure) IoT IoT / Gateway Short range (BLE, ZigBee, 5G) Long range (NB-IoT, Sigfox, 4G/5G) Devices Network Applications
  • 49. IoT device #ISSLearningFest Image: https://mitechnews.com IoT product builders develop security into IoT device
  • 51. IoT device #ISSLearningFest Researcher & Security Specialist Image: accdocket.com Who discover new vulnerability and attack vector?
  • 52. Autonomous System security issues #ISSLearningFest Eykholt et al. (2018). Physical Adversarial Examples for Object Detectors. Examples, • Use physical adversarial patch to cause failure to see stop sign (refer image on left). • Fake sensor information to confuse neighboring vehicle.
  • 53. IMDA IoT Cyber Security Guidelines #ISSLearningFest Examples of clauses, 1) Secure remote management of devices including support software / firmware updates using cryptographically secure methods. 2) Employ proper key management (generation, exchange, storage, use, destruction, replacement, etc) techniques 3) Establish hardware root of trust. 4) Employ anti-tamper mechanisms for resistance, evidence, detection, and / or response.
  • 54. Constrained Devices #ISSLearningFestImage: www.cisoplatform.com Security features commonly found in gateways and smart devices cannot to be assumed to be available in constrained devices.
  • 55. Secure firmware update #ISSLearningFest Image: www.slideshare.net/ARMHoldings/
  • 56. Trustzone Technology #ISSLearningFestSource: K5_Addressing_IoT_and_Embedded_Security_at_the_Chip_Level_Roni.pdf Arm Trustzone technology provides a cost-effective methodology to isolate security critical components in a system, by hardware separating a rich OS, from a much smaller secure OS
  • 58. Trustzone Technology Example: Netflix #ISSLearningFestImage: http://itersnews.com/?p=44991
  • 59. Trustzone Technology Example: Samsung Pay #ISSLearningFest
  • 60. “secure” chip for autonomous system #ISSLearningFestSource: ARM “how to make autonomous vehicle a reality with Arm”
  • 62. ARM Processor Architecture: M series Processor Usage Trustzone Tamper Resistance Cortex-M0 Smallest Arm processor available Cortex-M0+ Smallest footprint & lowest power requirements of Cortex-M processors Cortex-M1 Optimised for FPGA design Cortex-M3 Exceptional 32-bit performance with low power consumption Cortex-M4 Control and performance for mixed signal devices Cortex-M7 Highest performance Cortex-M processor Cortex-M23 Smallest and lowest power microcontroller with TrustZone security √ Cortex-M33 Ideal blend of real-time determinism, efficiency and security √ Cortex-M35P The first Armv8-M processor with tamper resistance built in √ √ Cortex-M55 Arm’s most AI-capable Cortex-M processor √ #ISSLearningFest
  • 63. Chip with Trustzone for constrained IoT #ISSLearningFestSource: https://www.nuvoton.com/products/microcontrollers/arm-cortex-m23-mcus/ Micro chip for IoT with TRUSTZONE feature has became available; which provides Root of Trust. Hence, facilitating secure firmware update.
  • 64. IMDA IoT Cyber Security Guidelines #ISSLearningFest Examples of clauses, 1) Secure remote management of devices including support software / firmware updates using cryptographically secure methods. 2) Employ proper key management (generation, exchange, storage, use, destruction, replacement, etc) techniques 3) Establish hardware root of trust. 4) Employ anti-tamper mechanisms for resistance, evidence, detection, and / or response. √ √
  • 65. Hardware Root of Trust #ISSLearningFest Image: www.semanticscholar.org
  • 66. Hardware Root of Trust #ISSLearningFest Image: www.synopsys.com
  • 67. ARM Processor Architecture: M35P #ISSLearningFest Source: https://www.zdnet.com/article/arm-launches- cortex-m35p-processor-to-bring-security-to-silicon/
  • 68. Chip with Trustzone for constrained IoT, since 2018 #ISSLearningFest Source: https://community.arm.com/developer/ip-products/processors/trustzone-for-armv8- m/b/blog/posts/microchip-release-first-arm-cortex-m23-based-chip- SAML11 has trustzone and crypto accelerators (AES, SHA), secure boot and secure key storage with added chip-level tamper detection capabilities, to establish a hardware root of trust and secure bootloader for secure firmware upgrades.
  • 69. IMDA IoT Cyber Security Guidelines #ISSLearningFest Examples of clauses, 1) Secure remote management of devices including support software / firmware updates using cryptographically secure methods. 2) Employ proper key management (generation, exchange, storage, use, destruction, replacement, etc) techniques 3) Establish hardware root of trust. 4) Employ anti-tamper mechanisms for resistance, evidence, detection, and / or response. √ √ √ ?
  • 70. FIPS 140-2 certification levels (IoT) • Security level 1 • Physical security cryptographic module has at least one approved security function or approved algorithm. • Security level 2 • Capability to illustrate evidence of tampering. • Security level 3 • Capability to detect access attempts and responding • Security level 4 • Capability to trigger immediate zeroization of all plaintext critical security parameters. #ISSLearningFest
  • 71. FIPS 140-2 certification levels (Cloud) #ISSLearningFest https://aws.amazon.com/cloudhsm/ https://azure.microsoft.com/en-us/services/azure-dedicated-hsm/ To put in perspective, the Hardware Secure Module used in cloud is at level 3.
  • 72. IMDA IoT Cyber Security Guidelines #ISSLearningFest Examples of clauses, 1) Secure remote management of devices including support software / firmware updates using cryptographically secure methods. 2) Employ proper key management (generation, exchange, storage, use, destruction, replacement, etc) techniques 3) Establish hardware root of trust. 4) Employ anti-tamper mechanisms for resistance, evidence, detection, and / or response. √ √ √ ?
  • 73. IoT product builder • Do they have the tools to build, Secure firmware update? Secure key management? Hardware root of trust? Detect tamper at chip level (FIPS 140-2 level 2)? What % of IoT devices in the market are “secured by design”? #ISSLearningFest
  • 74. 5G & IoT security, where are the weak links? #ISSLearningFest
  • 75. System owner: Define End-to-End security #ISSLearningFestImage: www.gadgeon.com
  • 76. System owner: Where are the trust boundaries? #ISSLearningFestImage: www.engineering.com
  • 77. Security goes beyond technology #ISSLearningFest Image: www.complianceforge.com Security professional Operation Audit Who ensure cyber security is being addressed holistically when deployed to enterprise?
  • 78. Community effort to establish a secure 5G/IoT ecosystem #ISSLearningFestEnd-to-end security Security professional, Operation, Audit Protocol standard creator, Equipment product developer IoT product developer Application / Cloud Service Provider (shared responsibility model)
  • 80. Give Us Your Feedback #ISSLearningFest Day 1 Programme Festival Experience