The European Union Agency for Cybersecurity (ENISA) has published its guidelines for securing the internet of things supply chain. Kaspersky ICS CERT experts were among the contributors to the development effort.
The supply chain reference model for IoT covers the entire lifecycle of IoT systems and components, from the conceptual phase to retirement. An analysis of relevant threats has been performed for each stage of the lifecycle. The document presents the findings of an analysis of risks associated with the supply chain, which was based on cutting-edge research of modern threats affecting supply chain participants, processes and technologies. This threat analysis is used to make conclusions on applicable best security practices.
We believe that all those who are interested in issues related to internet of things security will find these Guidelines helpful.
“Securing IoT solutions requires reconciling a multitude of architecture and implementation related aspects. Security should be part of the equation from the start, from the stage of creating the concept of a solution. This is particularly important for the development of new platforms and frameworks: in the process of choosing a strategy that a solution will follow in its evolution, its developers equip it with open interfaces and extended features based on various assumptions as to the future needs of users that will require more extensive functionality, ensuring compatibility with new solution components, and interaction with new external infrastructures in the rapidly evolving internet of things ecosystem. This usually results in the final solution being highly complex, while implicit and false assumptions, missed details and deferred tasks cause many security issues,” says Ekaterina Rudina, information security analysts group manager at Kaspersky ICS CERT. “Such factors as numerous connections and dependencies at the distribution and logistics stage, non-transparent logistics procedures, vulnerabilities and flaws in the network infrastructure supporting the exchange of digital assets, will make assuring a high level of security at that stage all but impossible, unless these and many other factors are taken into consideration at earlier stages.”
Based on analysis results, it is concluded that the following security strategies should be implemented:
- Forge better relationships between supply chain actors
- Continuously and comprehensively enhance the cybersecurity expertise of system developers and users
- Adopt security-by-design principles
- Adopt a comprehensive and explicit approach to security: all relevant threats should be explicitly accounted for and the corresponding measures should be explicitly taken
- Leverage existing security standards and good practices
“The most essential practice is to develop an appropriate trust model, which can then be used to implement a comprehensive approach to setting up a secure supply chain using state-of-the-art security techniques,” explains Viacheslav Zolotnikov, head of technology associations, analytics and standards at Kaspersky ICS CERT. “The trust model should have appropriate measurement mechanisms to track a system’s security throughout its lifecycle and risk management practices should include reviewing the model’s parameters every time the system is modified or reconfigured, for example as part of doing maintenance or upgrading the system. The approach to security proposed by ENISA should provide the foundation for such a trust model. Of course, there should be guarantees that, in addition to supply chains being protected, the entire system is safe and resilient by virtue of its architecture and implementation.”
The full text of the ENISA Guidelines for Securing the Internet of Things – Secure Supply Chain for IoT report is available on the ENISA website.