Tuesday, June 25, 2024

Navigating the Cyber Trust Mark: A roadmap for IoT device manufacturers

Share

There are more than 15 billion IoT devices worldwide, and that number is expected to reach 29 million by 2030, with consumer products like baby monitors, smartwatches, and fridges accounting for more than half. However, connectivity comes at a cost. Data usage, privacy concerns, and cyberattacks pose a serious threat to users and manufacturers. To address this, the government has implemented a Cyber Trust Mark Program to help people easily identify products that meet security standards. The initiative provides manufacturers with a roadmap to improve security and prepare for future requirements.

A key part of The Cyber Trust Mark program is that devices must pass tests designed to ensure security and data privacy. Securing connected solutions poses a unique challenge for manufacturers. While patching a network configuration issue is simple, software is often separated from connected device design workflows. This means security testing occurs in the final stages of product design, making it harder to build security from the ground up.

Unlike computers and tablets, IoT solutions typically rely on unique operating systems with nonstandard libraries and revisions, making it challenging to test for known vulnerabilities. Comprehensive evaluation involves verifying device interfaces against multiple encryption schemes, process versions, and attack vectors. Testing all possible configurations and interfaces can help determine the types of attacks the product may be vulnerable to. But how do you do that? Below are some of the most vulnerable components and the tools, technology, and tests needed to secure them.

Vulnerability scanners enable design teams to check if onboard components are susceptible to cyberattacks. These automated tools analyze connected devices to create an inventory of all software, firmware, operating systems, code, open ports, and user credentials. After cataloging the components, the scanner cross-checks the bill of materials against known security risks, including common vulnerabilities and exposures, weak credentials, and insecure network services.

These scanners are a first line of defense; however, they’re far from exhaustive. They are best used to quickly identify common vulnerabilities that would otherwise consume the majority of testing time. This allows teams to focus on uncovering hidden issues while R&D prioritizes fixes (as required by most device security standards).

Fuzzers are systematic, automated test tools that reveal some of the most well-hidden security vulnerabilities. They inject random, corrupted, or malformed data into a software program or device stack to check if the device under test behaves unexpectedly, such as crashing, disconnecting, or producing an error message.

It’s important to note that while testers view an irregular response as a defect, cybercriminals see a window of opportunity. Since IoT solutions lack multi-layered memory protections and security mechanisms, an error forced in one part will often impact others. Should this happen, a cybercriminal could take control of the device or disable it.

Brute-force attacks are among the oldest and simplest forms of cyberattack and remain popular as many IoT products ship with weak or default passwords or the onboard firmware fails to lock after repeated failed login attempts. Web scanners provide a simple way for manufacturers to defend against these attacks. These tools can test logins over multiple services, including SSH, FTP, FTPS, telnet, and Mongo, to ensure the device uses nonstandard, unique passwords by default. In addition, they can simulate repeated login attempts to validate that the device doesn’t allow more than three to five login attempts before locking out.

SSH, TLS, and SSL analyzers are network test utilities and are critical parts of a cybersecurity compliance stack. The Cyber Trust Mark requires proof that the product uses best-practice encryption for data in transit, and network test utilities are the best way to validate this. In addition to checking that a device uses the latest version of TLS, they scan for weak cryptography ciphers and algorithms.

Like network test utilities, firmware analyzers aren’t traditional security tools. However, they’re essential for validating aspects of the Cyber Trust Mark standard related to security by design. How else can you prove a device verifies the authenticity of software updates or stores sensitive parameters in a secure manner? Scanning the device’s source code demonstrates that design teams aren’t bolting things on late in the development lifecycle. Additionally, firmware analyzers can help teams easily spot overlooked issues, such as forgotten, built-in debug passwords.

The Promise and Pitfalls of Self-Certification

The final specifications for Cyber Trust Mark certification will be released in Q4 2024. The FCC is expected to offer manufacturers multiple paths toward compliance, including sending products to a certified lab or self-certifying them. The latter option will appeal to manufacturers, as they can purchase a pre-certified, off-the-shelf solution or build their own testing setup.

It’s possible to build a custom compliance solution using the above tools. However, stringing them together requires extensive management and maintenance. Without a significant investment in configuration and automation, planning, executing, and documenting the tests for certification is challenging.

Test management starts by linking the entire tool stack into a single test harness and dashboard. An API integration ensures your test management platform always calls the right tool to execute each test. You can then build automated scripts for each test and establish pass/fail criteria aligning with certification parameters. By doing this, you garner visibility into why tests failed and how to ensure they pass.

Maintenance is critical; you need to check each tool for updates, upload the latest version, and validate their work. This includes multiple rounds of regression testing to confirm there are no configuration issues.

The Power of Compliance

Cyber Trust Mark-certified products will make an indelible impact on the market. However, it’s important to recognize that there is no right or wrong approach to compliance. The key is to prioritize the security of IoT solutions, which is a win-win for all.

Mike Hodge is Cybersecurity Solutions Lead at Keysight. A self-professed geek, he believes you don’t need pretentous jargon to write about technology. Stripping complex topics like digital twins, cybersecurity, and software development down to layman’s terms, he’s never met a story he wasn’t interested in telling. When he’s not working, you’ll typically find Mike exploring Colorado’s wilds alongside his wife and floppy-eared hounds

Read more

Local News