January 18, 2017

Improve IoT security by a one-way street

Mikko Peltonen

Lead Solution Architect, Security Services, Tieto

A true IoT breakthrough heavily depends on security. The lack of security standards is a well-known fact, but there are methods for protecting IoT, such as one-way networking.

Recently, several cases have painfully demonstrated how massive problems follow if poorly protected devices are connected to the internet. For example, the infamous Mirai botnet used IP cameras and DVRs to orchestrate the biggest DDoS attack ever.

Brand new devices and solutions may be less prone to attacks, as they are, hopefully, designed according to security first principles. But for industrial IoT this is not enough. There tends to be a wide mixture of machines, devices, and full automation systems representing different generations of cyber security. Connectivity becomes essential in these heterogeneous environments, as businesses go fully data-driven – and security issues must be solved rapidly.

What can be done? One method to secure critical assets is unidirectional networking. It means enabling only one-way transmission of data. In an IoT environment, data could flow only upstream from a sensored device and never the other way round.

This method is also known as a data or firewall diode. A diode is a basic concept of electronics, meaning a unidirectional electric current.

A data diode requires hardware devices and proxy servers which enforce one-way traffic only. The unidirectional flow of data is physically secured. Thus, a data diode will disconnect immediately if some hostile party tries to break it.

The power of simplicity

A data diode is certainly not a cutting-edge innovation nor a silver bullet. The idea originated in the 1960’s, and has been used in industrial control systems for more than a decade. But unidirectional networking could be utilized as a straightforward security solution for IoT as well.

For the critical infrastructure, a data diode could be the only possible method to allow connectivity in the first place. What about other use cases, both for enterprises and consumers? Could the same concept be applied?

Often, it can be perfectly OK to just get the data from the endpoints, such as sensor readings of temperatures, locations, pressures etc. There may never be any need to send data to the device or the sensor controller.

The method is simplistic, and it has several downsides. The worst problem is that data diodes are against the basic principle of TCP/IP, which has a feedback channel by default. Thus, they can not be used with any applications that require TCP.

Obviously, when a data diode is used, the sender side can never check whether the data was transmitted or not. To overcome this, an implementation typically includes software, which takes care of data integrity. Resending each transmission several times may be necessary.

Unidirectional networks prevent updating the device's software over the internet. In massive sensor networks this is a major setback, if a critical update is needed fast. Data diodes may also cause some pain in firewall configurations and they increase network complexity.

Still, I recommend the method as a valuable option, if absolute security of the perimeter must be ensured – and if it’s certain that one-way traffic fulfills the foreseeable needs. Unidirectional networking does improve security to a certain extent. At least the network can not be used as an attack vector, which is a clear benefit.

Read more how Tieto Security Services can help you manage your online security.

Stay up-to-date

Get all the latest blogs sent you now!