30.09.2014 10:55

by Rob Spiegel, Senior Editor, Automation & Motion Control

In order to keep an enterprise truly safe from hackers, cyber security has to go all the way down to the device level. Icon Labs is making the point that security has to be built into device components. Alan Grau, founder and president of Icon Labs, argues that design engineers cannot trust that the appliance or network designer, manufacturer, or network manager will be able to provide strong cyber defense.

A large enterprise network has many attack vectors to exploit. If devices are protected, they will be safe even if the big network is breeched. Currently, devices using Real Time Operating Systems (RTOS) are invisible to the enterprise’s management system. But they are visible to hackers. Icon is working to turn that around; making the device visible to the management system and invisible to the hacker.

Icon provides a suite of security solutions for OEMs that build embedded devices. The Floodgate product family provides intrusion detection and intrusion prevention capabilities that are designed specifically for use in embedded and RTOS-based devices. The products support management system integration for remote management and situational awareness. Icon also provides solutions to harden the device, secure communication channels, and block DOS attacks.

One way to protect the device is to give it the capability to alert management when it’s getting hacked. “We started to worry about situational awareness. It wasn’t there on embedded devices,” Grau told us. “If you have an embedded device and there’s an attack against that device, nobody is going to know about it. It doesn’t have the intelligence to know something is going on, and it can’t report back to the management station that something weird is going on.”

The idea for security embedded devices was spawned from a customer problem. “We had a customer with a specific denial of service problem. They had a bug that caused a packet flood. It was easier for them to have us write a device protector than to fix the bug,” said Grau. “When we fixed the bug, we realized we had a good framework for creating an embedded firewall. We started adding capability around that, and we added more pieces as we went.”

The concept behind protecting embedded devices is to take the security principles behind individual devices and apply them to embedded products. “A lot of what we’re trying to do is expand what people are trying to do to protect their desktops and then extend it to embedded devices,” said Grau.

Awareness of the importance of security has skyrocketed in recent years as headlines report intrusions almost daily. “Four or five years ago people thought, ‘This is an embedded device. Why do I need all this security?’ Now they’re beginning to recognize they need this,” said Grau. “Device makers are building devices that go into pharmaceutical plants and all sorts of control networks -- factories, oil, and gas. And even though they’re running high security, they realize that if there is a bus attack and they don’t have a firewall, they could be vulnerable.”

While Icon has developed firewalls for new embedded devices, they have also come up with a solution for devices that are already deployed without protection. “We have a hardware product for legacy equipment. Some equipment has been around for 10 or 15 years, and its vulnerable,” said Grau. “With this hardware device, you can take our software and add it as a bump in the wire, a firewall. It’s a small footprint that can protect a small enclave of devices.”

www.designnews.com