TimesEV
TimesEV
TimesEV
TimesEV
TimesEV
TimesEV
More
    HomeEV BusinessVeridify, Overcoming the challenges of OT security in building automation with an...

    Veridify, Overcoming the challenges of OT security in building automation with an STM32

    Despite popular belief, it is possible to secure legacy embedded systems properly, even if they lack today’s iron-clad cryptographic capabilities, the latest protections, or expansive computational units. In a nutshell, that’s what Veridify Security, a member of the ST Partner Program, promises with Device Ownership Management and Enrollment (DOME™) solution. The technology provides secure device-to-device communication without needing hands-on onboarding procedures, powerful microcontrollers, or access to a cloud. The video below demonstrates DOME’s capabilities in the context of ST control units for cars. Today, we’ll see how Veridify Security is tackling a new challenge: operational technology (OT) and building automation.

    Table of Contents

    OT security and building automation

    What is OT?

    The Gartner Glossary defines operational technology as the “hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes, and events.” While, as the name implies, information technology (IT) focuses on data manipulation and dissemination, OT concerns the tracking and the governance of systems with physical impacts, such as grids, manufacturing plants, transportation systems, and more. Consequently, as Adam Hahn of Washington State University explains1, “OT security focuses almost exclusively on availability and safety.” As Hahn explains, while protecting the integrity, confidentiality, and availability of data is still critical, just like in IT, OT must also guard physical processes to ensure their safety, environment, dependencies, and regulation.

    Failure to properly secure OT can lead to catastrophic effects. Hahn gives the example of the explosion of a gasoline pipeline that took place in Bellingham, Washington, USA, in 1999. The supervisory control and data acquisition (SCADA) system regulating the infrastructure suddenly became unavailable, which caused the gasoline inside the pipeline to ignite, leading to a massive explosion that took the lives of three people and was responsible for massive physical and environmental damage. Moreover, there are countless attacks that receive a lot less coverage but still have catastrophic effects. For instance, in 2016, a hack took down the central heating system in two apartment buildings in Finland for more than a week in the middle of winter.

    Indeed, while most in the industry understand the importance of securing major infrastructures, like pipelines, many vastly overlook residential buildings. However, attacking such infrastructure could compromise lighting, heating, cooling, security controls, and more. Put simply, the case studies above demonstrate the critical nature of OT security, which is why Veridify Security is now turning to building automation, a domain vastly overlooked due to inherently complex challenges.

    What are the inherent challenges to securing building automation?

    One of the biggest challenges when bringing security to building automation is to overcome ignorance by educating owners and managers. For instance, the 2020 pandemic revealed significant security flaws in many buildings’ operational technologies that had been historically ignored. Consequently, it is critical to provide solutions that help change mindsets. There are also technical challenges inherent to building automation, such as a lack of encryption. In many instances, data is transmitted in plain text. Consequently, anyone with a basic network sniffer could intercept the information and use it to hack the system, creating massive disruptions. Additionally, the lack of common certifications worldwide further complicates the creation of a standard security solution.

    Veridify Security: DOME on STM32

    How to protect legacy solutions?

    The thermostat demo running the DOME from the Veridify Security library on an STM32

    Veridify Security explained that it created a DOME library for STM32 microcontrollers to solve this challenge. For instance, recent demos showed a DOME Sentry.

    In a nutshell, the product from Veridify serves as an intermediary between the network and an unsecured legacy smart thermostat to protect it from attacks. As the ST Authorized Partner explained, the large memory and development ecosystem of the STM32 microcontroller vastly helped development operations. The company used ST’s low-level libraries to create firmware that’s as close to the bare metal as possible. Moreover, to ensure DOME runs on the broadest gamut of STM32 devices, Veridify Security doesn’t rely on cryptographic accelerators or other hardware IPs.

    How to create new solutions?

    The same demo also showed a smart thermostat using the DOME library. The configuration is far more unusual and demonstrates how new products can adopt the technology immediately. In this instance, the thermostat application and the security system ran on an STM32H7. Traditionally, smart home systems don’t integrate extensive security mechanisms because they would require more powerful processors that would significantly increase the bill of materials. However, in this instance, Veridify is showing how an STM32 MCU can easily run the control system and the DOME library for far greater security. Additionally, developers don’t have to worry about cloud access or onboarding mechanisms since DOME doesn’t require any of them, thus reducing overall costs.

    Author: STMicroelectronics

    Read the full article at https://blog.st.com/veridify/

     

    Himanshu Vaibhav
    Himanshu Vaibhavhttps://www.timesev.com/
    Himanshu Vaibhav is a distinguished Technology Journalist associated with ELEtimes.com and TimesEV.com. With expertise in researching, writing, and editing, he demonstrates a deep understanding of technology, particularly in the EV industry. His continuous updates on EV, Automotive, and E-mobility industries reflect his commitment to staying at the forefront of emerging trends.

    Related Post

    Most Popular

    Best Picks

    Aimil Ltd.: Setting the Benchmark for Instrumentation Solutions at Auto EV India 2023

    Aimil Ltd., an ISO 9001:2015 certified company with a heritage tracing back to 1932, holds a prominent position as a leading provider of cutting-edge...

    Electrify Your Future: A Thriving Career in the E-Mobility...

    In an era where sustainability and innovation reign supreme, the E-Mobility sector has emerged as the driving force behind a transformative shift in the...

    X0115ML, the smallest SCR now supports a surge peak...

    Author: STMicroelectronics The X0115ML is our first compact silicon control rectifier (SCR) for ground fault circuit interrupters (GFCIs) and arc-fault circuit interrupters (AFCIs) that can withstand a...

    Exploring the Future of Electronics: Unveiling the Power of...

    In a recent interview conducted by technology journalist Himanshu Vaibhav of eletimes.com and timesev.com, Dr. John W. Mitchell, President & CEO of IPC, discussed...

    Navigating Defense Challenges: Insights from Chris Peters, USPAE Founding...

    In a recent interview conducted by technology journalist Himanshu Vaibhav from eletimes.com and timesev.com, Mr. Chris Peters, the Founding Executive Director of the U.S....

    Driving Innovation: Cientra’s Leadership in Automotive and Telecom Technology...

    Cientra stands as a prominent leader in the realm of technology solutions. Consistently, they innovate and advance their proprietary technologies to cater to the...

    STM32Wx microcontrollers is an ideal fit for RF designers...

    The STM32Wx microcontrollers enable wireless connectivity supporting the sub-GHz band and the 2.4 GHz frequency range. STM32 Wireless MCUs are highly integrated and reliable...

    Tsuyo’s Vision for Future Manufacturing: Incorporating Emerging Technologies and...

    Tsuyo Manufacturing is deeply committed to offering highly reliable, robust, and durable products designed to withstand a wide range of exposure and service conditions...

    Revamp Moto’s Vision for Advanced EV Features and Industry...

    Revamp Moto is a dynamic and forward-thinking electric vehicle (EV) startup, firmly committed to providing sustainable and adaptive E-mobility solutions. Their primary focus centres...

    Must Read