Physical and hardware security
Many IoT deployments will be in remote and isolated areas leaving sensors and edge routers vulnerable to physical attack. Additionally, the hardware itself needs modern protection mechanisms common in processors and the circuitry of mobile devices and personal electronics.
Root of Trust
The first layer of hardware security is the establishment of a Root of Trust. The Root of Trust (RoT) is a hardware-validated boot process that ensures the first executable opcode starts from an immutable source. This is the anchor of the boot process that subsequently plays a role in bootstrapping the rest of the system from BIOS to the operating system to the application. A RoT is a baseline defense against a rootkit.
Each phase validates the next phase in the boot process and builds a Chain of Trust. An RoT can have different starting methods such as:
- Boot from ROM or a non-writable memory to store the image and root key
- One-time programmable memory using fuse bits for root...
