Freely subscribe to our NEWSLETTER

The Internet of Things (IoT) refers to billions of objects connected to each other and to the network, which exchange data on a daily basis. The rise of IoT is a phenomenon that holds great promise for society by introducing new uses and new services in many sectors such as transportation, industry, health, etc.
However, mass deployments of connected objects and wireless networks are bound to fail if they are not supported by a comprehensive security approach that would include sophisticated system management, authentication services for connected objects, commissioning and upgrades, and monitoring of the data exchanged to ensure integrity and confidentiality. Indeed, more and more advanced cyber-attacks exploit configuration problems or vulnerabilities to take control of these objects and, for instance, to impersonate someone else, to steal information or to modify the exchanged data.

Attacks have been successfully carried out on almost all wireless communication standards in recent years (LoRaWAN, 4G, Wifi, Bluetooth, etc.).

SECURING COMMUNICATIONS AND IoT SYSTEMS

In order to meet these new challenges, the research work led by b<>com and conducted in collaboration with Secure-IC has made it possible to remove technological barriers in the field of long-range and low-power networks for the Internet of Things.

With expertise in embedded cybersecurity and a commitment to advancing a relevant normative framework, Secure-IC’s teams were focused on the security
aspects.

The main objective of the collaboration between the different partners (b<>com, Centrale-Supélec, the École Nationale Supérieure des Sciences Appliquées et de Technologie de Lannion, Orange, TDF and Secure-IC) was to identify ways to secure IoT communications and systems by developing an efficient management system for these systems (which are themselves managing entire fleets of connected devices). The results of the partnership between the two entities are applicable to the market of connected objects intended to be deployed in the field over large time periods (generally more than ten years) and with limited connectivity requirements in terms of bandwidth. Those results enable to improve existing communication technologies and to deploy innovative technologies for monitoring and analyzing security breaches, as well as the implementation of adequate countermeasures.
Beyond the scientific and technological advances, this collaboration aims to support the changes brought by the Internet of Things towards new reference systems that are essential for their security.

MODEL THE THREATS TO BETTER IMPLEMENT THE APPROPRIATE COUNTERMEASURE

Secure-IC has tackled various issues such as physical attacks (electrical, mechanical stimulation, jamming) and/or logical attacks (protocol attacks, software compromise, etc.) threatening IoT systems. Secure-IC has established a comprehensive threat model coupled with a set of countermeasures to secure Internet of Things devices, including:
? The exhaustive analysis of the vulnerability of LPWA networks and the categorization of the most probable attacks (risks and associated impacts and elaboration of attack trees) allowing to provide preventive measures and new implementations at the hardware level so that connected objects will be more resistant to physical attacks,
? The development of a security qualification and monitoring tool combining prediction, detection and remediation capabilities,
? The development experimentation helped unfold the different attack scenarios, verify the immunity of the tested networks and implement a set of countermeasures in an LPWAN and 5G context.

The collaboration with b<>com, of which Secure-IC has been a member since its creation in 2012, continues and the architecture put in place is now entering the industrialization phase. This next step consists in particular in establishing an IoT and 5G network monitoring system to detect attacks, at an early stage, in 5G and tomorrow, 6G contexts.