More
    HomeEV BusinessVeridify, Overcoming the challenges of OT security in building automation with an...

    Veridify, Overcoming the challenges of OT security in building automation with an STM32

    Despite popular belief, it is possible to secure legacy embedded systems properly, even if they lack today’s iron-clad cryptographic capabilities, the latest protections, or expansive computational units. In a nutshell, that’s what Veridify Security, a member of the ST Partner Program, promises with Device Ownership Management and Enrollment (DOME™) solution. The technology provides secure device-to-device communication without needing hands-on onboarding procedures, powerful microcontrollers, or access to a cloud. The video below demonstrates DOME’s capabilities in the context of ST control units for cars. Today, we’ll see how Veridify Security is tackling a new challenge: operational technology (OT) and building automation.

    Table of Contents

    OT security and building automation

    What is OT?

    The Gartner Glossary defines operational technology as the “hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes, and events.” While, as the name implies, information technology (IT) focuses on data manipulation and dissemination, OT concerns the tracking and the governance of systems with physical impacts, such as grids, manufacturing plants, transportation systems, and more. Consequently, as Adam Hahn of Washington State University explains1, “OT security focuses almost exclusively on availability and safety.” As Hahn explains, while protecting the integrity, confidentiality, and availability of data is still critical, just like in IT, OT must also guard physical processes to ensure their safety, environment, dependencies, and regulation.

    Failure to properly secure OT can lead to catastrophic effects. Hahn gives the example of the explosion of a gasoline pipeline that took place in Bellingham, Washington, USA, in 1999. The supervisory control and data acquisition (SCADA) system regulating the infrastructure suddenly became unavailable, which caused the gasoline inside the pipeline to ignite, leading to a massive explosion that took the lives of three people and was responsible for massive physical and environmental damage. Moreover, there are countless attacks that receive a lot less coverage but still have catastrophic effects. For instance, in 2016, a hack took down the central heating system in two apartment buildings in Finland for more than a week in the middle of winter.

    Indeed, while most in the industry understand the importance of securing major infrastructures, like pipelines, many vastly overlook residential buildings. However, attacking such infrastructure could compromise lighting, heating, cooling, security controls, and more. Put simply, the case studies above demonstrate the critical nature of OT security, which is why Veridify Security is now turning to building automation, a domain vastly overlooked due to inherently complex challenges.

    What are the inherent challenges to securing building automation?

    One of the biggest challenges when bringing security to building automation is to overcome ignorance by educating owners and managers. For instance, the 2020 pandemic revealed significant security flaws in many buildings’ operational technologies that had been historically ignored. Consequently, it is critical to provide solutions that help change mindsets. There are also technical challenges inherent to building automation, such as a lack of encryption. In many instances, data is transmitted in plain text. Consequently, anyone with a basic network sniffer could intercept the information and use it to hack the system, creating massive disruptions. Additionally, the lack of common certifications worldwide further complicates the creation of a standard security solution.

    Veridify Security: DOME on STM32

    How to protect legacy solutions?

    The thermostat demo running the DOME from the Veridify Security library on an STM32

    Veridify Security explained that it created a DOME library for STM32 microcontrollers to solve this challenge. For instance, recent demos showed a DOME Sentry.

    In a nutshell, the product from Veridify serves as an intermediary between the network and an unsecured legacy smart thermostat to protect it from attacks. As the ST Authorized Partner explained, the large memory and development ecosystem of the STM32 microcontroller vastly helped development operations. The company used ST’s low-level libraries to create firmware that’s as close to the bare metal as possible. Moreover, to ensure DOME runs on the broadest gamut of STM32 devices, Veridify Security doesn’t rely on cryptographic accelerators or other hardware IPs.

    How to create new solutions?

    The same demo also showed a smart thermostat using the DOME library. The configuration is far more unusual and demonstrates how new products can adopt the technology immediately. In this instance, the thermostat application and the security system ran on an STM32H7. Traditionally, smart home systems don’t integrate extensive security mechanisms because they would require more powerful processors that would significantly increase the bill of materials. However, in this instance, Veridify is showing how an STM32 MCU can easily run the control system and the DOME library for far greater security. Additionally, developers don’t have to worry about cloud access or onboarding mechanisms since DOME doesn’t require any of them, thus reducing overall costs.

    Author: STMicroelectronics

    Read the full article at https://blog.st.com/veridify/

     

    Himanshu Vaibhav
    Himanshu Vaibhavhttps://www.timesev.com/
    Himanshu Vaibhav is a distinguished Technology Journalist associated with ELEtimes.com and TimesEV.com. With expertise in researching, writing, and editing, he demonstrates a deep understanding of technology, particularly in the EV industry. His continuous updates on EV, Automotive, and E-mobility industries reflect his commitment to staying at the forefront of emerging trends.

    Related Post

    Most Popular

    Best Picks

    “India’s Electric Vehicle Revolution: Navigating Challenges and Seizing Opportunities in a Shifting Automotive Landscape”

    The EV industry of the nation is witnessing a tectonic boom. With the advent of government policies about a clean and green environment, the...

    Wireless Power in the Kitchen

    Authors: Akshat JAIN, STMicroelectronics India, Fabrizio Di FRANCO, STMicroelectronics, Italy, Martin DENDA, Rene WUTTE, STMicroelectronics Austria, Bruno TISSERAND, STMicroelectronics, France Wireless power is going to...

    MWC Shanghai 2024: 3 demos that are about improving...

    Author: STMicroelectronics MWC Shanghai 2024 should be memorable, thanks to more than 30 innovative product showcases and demonstrations, nine applications on display, and more than...

    AEKD-TRUNKL1: one power liftgate demo can transform how engineers...

    Author: STMicroelectronics The power liftgate built on the AEKD-TRUNKL1 is always a highly popular and easily recognizable demo, as its loud beeps alert attendees that the trunk...

    STMicroelectronics offers Cost-Effective, Fastest, and First STM32 MCUs to...

    STMicroelectronics is a global leader in the semiconductor space developing customer-centric and sustainable products. Their STM32 Portfolio is a hugely popular highly reliable and...

    India’s Promising EV Market is Lending Hope for an...

    The world faces serious environmental concerns that require immediate attention and progressive solutions. The human civilization is at a crossroads where every decision will...

    Sustainability is not just a corporate responsibility, but a...

    STMicroelectronics, a global semiconductor leader serving customers across the spectrum of electronics applications is among the early changemakers in the ongoing sustainability issue. The...

    Balancing Currents for Optimal Performance in Automotive Smart Drivers

    Author: Giusy Gambino, Marcello Vecchio, and Filippo Scrimizzi from STMicroelectronics, Catania, Italy When developing distributed intelligence for smart power switches in automotive power management systems, it...

    STM32CubeMX 6.11 opens its GUI to the boot flash...

    Author: STMicroelectronics  STM32CubeMX 6.11 is a new milestone as it allows developers to use the unique features of the new STM32H7R and STM32H7S. The software also continues...

    Must Read