08 May 2024
Related Blogs:
Sign up for blog updates
Get innovation delivered to your inbox. Sign up for our blog and stay on top of the very latest from Semtech.
08 May 2024
In the interconnected era of the Internet of Things (IoT), the stakes for cybersecurity have never been higher. As devices proliferate across homes, businesses and critical infrastructure, the potential for exploitation grows. Also, as IoT devices multiply year over year, the importance of reducing complexity has never been higher – and this is a call Semtech answers with conviction.
At Semtech, we believe that securing IoT devices should be straightforward and effective. Our commitment to simplifying IoT in general, and cybersecurity specifically, is evident in our solutions, which are designed for easy integration and deployment. This approach not only enhances security, but also reduces the burden on our customers, allowing them to focus on their core operations without the hassle.
The recent US Executive Order on improving the nation’s cybersecurity underscores the importance of informed consumer choices and robust security standards. Semtech stands firmly behind this initiative, offering transparency and support to our customers through our Secure Development Lifecycle Programs and Vulnerability Management Program. For example, our partnership with HackerOne and our status as a CVE-Numbering Authority (CNA) are but two examples demonstrating our dedication to proactive security measures. As part of our secure product development process, we implement static code analysis through tools such as Synopsis Coverity.
LoRaWAN has defined strong end-to-end security that is compatible with the smallest and most power-efficient devices in IoT today
Encryption is employed both for network messages as well as for application security
The LoRa Alliance® security working group continues to advance security specifications to ensure threats are handled automatically by LoRaWAN networks
Semtech utilizes a Hardware Security Module (HSM) for secure device key provisioning at the production site
Semtech offers open source LoRaWAN Stack (LoRa Basics™ Modem) which meets the LoRa Alliance latest security specification including implementation of Firmware Update Over the Air (FUOTA) examples to support security patches and firmware updates for devices that are already deployed in the field
LoRa ICs security leverages the well-tested and standardized AES cryptographic algorithms
Specification releases are managed by the LoRa Alliance, a consortium of companies dedicated to a healthy and secure LoRaWAN ecosystem
LoRaWAN® is designed with low-cost, low-power scalability at its core. This is true for end-device operation and provisioning. During network authentication, end-device session keys are created for both network and application traffic flow. The mutual authentication is performed with prior secret key sharing between the server and end-device which enables a highly efficient power and network activation process. Once activated, a 32-bit frame counter is used to protect against replay attacks. Once messages are authenticated at the Network Server, the message is sent to an Application Server through a secured IP connection. The Application Server provides the end-device owner an independent way of encrypting the end-device data without additional payload overhead. The Application Server can decrypt the application payload independent from the Network Server thus ensuring end-to-end security from the end-device to a secure network component. From the Application Server, the decrypted data can be sent to the target application via a secure IP method for storage, display or additional processing. To support future versions of the LoRaWAN protocol, the LoRa Alliance has provided a FUOTA framework to enable end-devices to receive updates to both application and LoRaWAN stack to ensure robustness as the security protection evolves.
A major area of enhanced security protection for LoRaWAN devices over the past few years has been the utilization of advanced security protection such as Hardware Security Module (HSM) in the cloud and Secure Elements/Cryptographic compute modules on end-devices. Utilization of these technologies avoids the necessity of ever sharing the symmetric key information “in the clear”. The key data can be held in hardware without the ability of unauthorized entities to gain access to the values. The diagram below illustrates a secure key provisioning and activation as performed in Semtech’s 3rd Generation LoRa Connect™ Transceivers and the Location-aware LoRa Edge™ platform.
The journey toward a secure IoT ecosystem is ongoing, but with Semtech, businesses and consumers alike can navigate this landscape with confidence. By prioritizing simplicity, effectiveness, and continuous improvement, we are not just securing devices; we are securing futures. Join us as we continue to lead the way in making IoT cybersecurity easy and accessible for all.
Get innovation delivered to your inbox. Sign up for our blog and stay on top of the very latest from Semtech.