In-brief: Warning that the IoT ecosystem also comes with increased security risks, expanding the attack surface and increasing the need to protect assets, Intel announced changes to its IoT platform and development portfolio.
Chip maker Intel has upgraded its Internet of Things (IoT) platform to address security issues that may affect connected infrastructure, the company said this week.
Warning that the IoT ecosystem also comes with increased security risks, expanding the attack surface and increasing the need to protect assets, Intel announced changes to its IoT platform and development portfolio. The new features, many built around Intel’s Quark processors, will allow companies to sense motion and subtle changes in the function of machinery and match patterns with user-defined actions.
“If a pump starts vibrating in a certain pattern, you can tell it to slow down, speed up, shut down,” said CEO Brian Krzanich during the presentation.
Intel has unveiled new Quark chip processors – a line of low power chips for wearables and other embedded devices. Among other things, the Quark chips contain pattern matching capabilities that enable more complex kinds of alerting and data gathering.
The company also introduced two free, cloud-connected IoT operating systems, one for micro controllers: Wind River Rocket. The other is for application development: Wind River Pulsar Linux, which is based on the open-source Yocto embedded build system.
Speaking to the issue of securing connected infrastructure, Chris Young, Senior Vice President of Intel Security Group, said that “it now becomes an asset protection problem” in addition to an availability or unauthorized access problem. “I can bring down your plant, if it’s fully connected,” Intel Security Group VP added.
Young gave the example of an attacker targeting a car driving at high speed, when a response to illegal changes translates to instant protection in order to prevent physical damage, rather than identifying the problem and applying a correction.
To address the issue, Intel proposes an end-to-end security model built around a concept defined as the “threat/defense lifecycle.” It comprises features for protecting the environment against attacks, improving detection of an anomaly, and creating an appropriate response to the problem.
Achieving this type comprehensive protection requires full understanding of how security is implemented in the connected devices, covering everything from applications and firmware to software and updates.
Included in this approach is EPID (Enhanced Privacy ID) hardware-based technology, which was announced at IDF (Intel Developer Forum) in August. The architecture permits authenticating devices in the network that are part of a legitimate group, at the same time maintaining the privacy of the individual, if such need arises.
EPID is integrated into the processor and allows establishing trust with smart devices. To make its functionality more clear, Young offered the example of someone stopping at a smart traffic light, whose identity would remain anonymous while the device would continue to detect the vehicle and manage traffic, as intended.
Intel’s goal is to design security models for verticals, as each environment comes with its particularities, and make them available for both new types of endpoints as well as traditional ones, even if they are outside the corporate network. By choosing a cloud-oriented technology, the chip maker believes that the model can function efficiently even outside the traditional network.
Intel has been a leading player in promoting security for the Internet of Things. It is a top supporter – with Cisco, GE and Samsung – of the Open Internet Consortium, which has more than 100 members and promotes an open source approach to innovation on IoT. In August, the company announced a partnership with the National Science Foundation to fund research into securing cyber-physical systems connected to the Internet of Things devices.
The company has also partnered with The Atlantic Foundation that called for better security within the healthcare field for connected medical devices.