In 1979, I was pretty sure I could unplug a phone in the top floor of a 7-story building, throw it out the window, go down and pick it up from the sidewalk, carry it into a different building, plug it in, and get it to work properly on the first try. I’d pick up the receiver, hear a dial-tone, punch (or dial) in the number of my buddy across town, and we’d be connected and talking. I’d never conceive of the need to call customer support for a problem with my phone.
My expectations for my computer in 1979 were very different. In a pristine environment with a clean power supply, I’d delicately connect and double-check everything using my pre-EE super-powers. Data was stored on an audio cassette, and I’d employ masterful tuning skills in finding exactly the right recording and playback levels to give me some chance of recovering my data once saved. My default expectation was that my computer wouldn’t work at all. If I managed to coax something like functionality out of it, I was very proud indeed.
Starting from roots like these, our expectations are formed for devices like telephones and computers. Throughout their history, computers have been complicated, unreliable, clunky, and obscure. We assume from the beginning that we’ll need to be on the phone with someone who knows more than we do, getting technical assistance for whatever problem we’ve bumped into most recently. In any given day, we’d never be willing to bet more than a small sum that we would have reliable computer operation for the entire day. Our expectations were low, and computers have historically done little to change them. While things have arguably gotten gradually better, we still harbor no illusions that a computer (particularly participating in a global network) is a rock-solid dependable system.
Our expectations of the telephone are coming from the other end of the spectrum and moving in the opposite direction. With the migration from landlines to cell phones, we’ve shifted from die-hard dependable communication within fixed boundaries to a platform with a plethora of issues including sketchy carriers, bad reception spots, and unintelligible signals. With the addition of advanced features, we’ve also given up the simple 13-button interface (12 keys and a hook) for a complex, menu-driven, modal interface with innumerable capabilities and almost infinite impetus for consumer confusion.
Neither of these networks has been immune from abuse and security concerns. Even the most rudimentary adolescents of old quickly found ways to take advantage of the anonymity provided by the phone network. “Is your refrigerator running? … Well, you better go and catch it!” From prank calling to phone phreaking, hostile attacks that exploit the vulnerabilities of the network go back to at least the 1950s in the phone system. With computer networks, hacking and virus attacks have been with us almost since we first started connecting computers together.
Today, we sit at the juncture of these two technological threads. Devices with cultural roots that go back to the telephone are now taking on computing and networking roles migrated from the computer network world. In both of these communities, security measures have always proved inadequate to stop determined vandals, criminals, and subversives, but here at this historic intersection, the problems are particularly prickly. Providing security for mobile embedded systems is a substantial technical and cultural challenge and one that will be a significant barrier to the proliferation of key capabilities in connected mobile devices.
“Mobile devices face unique security challenges,” says Adrian Turner, CEO of Mocana. “We are moving toward a world where non-PC devices are connecting to the network at an incredible pace, and soon networked non-PC devices will outnumber both PCs and servers.” Those unique security challenges include things like a heterogeneous computing architecture, a variety of operating systems, small memory footprints, limited storage, limited processor power, and transient network connectivity, with the device continually moving between networks. “The antivirus model used on PCs won’t work on a handset,” Turner continues. “The registry of known viruses is too large to reside on handsets, pattern-matching is impractical, and you aren’t protected against zero-day attacks [attacks for which solutions are not yet known].”
Indeed, before customers can have telephone-like confidence in their new, super-connected mobile devices, significant security challenges must be overcome. The scenario of losing your mobile device or having it fall into malicious hands is much more likely than with PCs. Before the phone-frightened public will be willing to trust these devices for their most important transactions or expose themselves to certain perceived risks, the embedded industry will have to produce a far better track record than the networked-PC folks have managed thus far. This most likely involves a level of cooperation and standardization not yet evident in the industry.
To date, the mobile phone industry has kept something of a lockdown in place, allowing only proprietary applications of known origin to participate in any security-enabled tasks. Opening up the field for third-party applications in a multi-network environment makes the security challenge much more complex. What is required is a system of certificates that is both solid and flexible: one that allows a device to authenticate itself on multiple networks and that allows the certificate to be voided, network access prevented, and user data secured or destroyed upon an event like the detection of a hostile attack or the loss of control of a device.
The solution to security concerns will have both a device-specific component that’s embedded (the mobile handset) and network applications. “Security software has to be small with a high level of scalability and an event-driven asynchronous architecture,” Turner explains. “For example, Mocana’s Device Security Framework includes embedded security software as well as security capabilities delivered across the network by network applications. Mocana’s framework supports 15 different operating systems and 50 different CPUs. It takes only a couple of hours to port to a new operating system.” In the embedded mobile device world, the proliferation of platforms makes that kind of portability a requirement.
One of the key challenges of mobile security is the compute-intensive nature of cryptography. The normal solution is to accelerate the crypto function in hardware, where it not only completes faster but also offloads the application CPU and consumes less power than software-based crypto. It is likely that crypto-acceleration IP will become standard on connected handsets.
A second ancillary security concern for mobile devices is removable storage. With a large number of mobile platforms now supporting removable media like SD flash cards, the security of the flash data becomes a concern as well. The tradeoff between interoperability and sharing of data on the one hand, and security on the other, poses another significant challenge for the industry and for the end user.
Recently, we have seen industry alliances between security-focused companies like Mocana and hardware and OS providers like Freescale and QNX. These types of alliances will create the kind of cooperation needed to give a level of standardization to security in an industry that’s far from standardized. With the current trends toward open-source handsets being deployed with third-party application software on multiple service networks from different service providers, some level of standardization is needed to gain an acceptable level of security amidst the chaos. Our customers will demand it.