Embedded Security and Pager Explosions
Srinivasa Moorthy S A
Chief of Strategy Zettaone Technologies Private Limited, Technology Evangelist, SME for Automotive Electronics, EVs and ESDM
Last week, one of my close friends asked whether I could develop an Embedded Cyber Security course. I got interested in this topic when I started working on IoT products and biometric products.
What was most interesting to me was the way UIDAI has designed the Fingerprint Sensor security, especially the latest one which identified, tracked, authorised and is tamper-proof. A version of the specification is available ( Aadhaar_Registered_Devices_2_0_4.pdf (uidai.gov.in))
While discussing the design issues, I focused only on the electronics, firmware, manufacturing and usage vulnerabilities. While that itself was tedious I left the components and supply chain as the UIDAI's L1 specification has established a very good certification process where every microcontroller is numbered uniquely, and the process has to be done in INDIA and quality approved by STQC. The L1 specification is very robust changes of tampering are very difficult is what I thought till yesterday when the batteries were manipulated.
领英推荐
Without going into a whodunit, imagine if this could happen to any lithium battery-based product. The primary reason is all the Li-Ion batteries are imported from opaque sources. This now puts entire battery-operated systems at risk. Imagine, your EV 2-wheeler has a doctored battery. Starting from customs, the source of the batteries is not verified, and no one knows the place of origin!
This also puts a question mark on the non-electronic parts in the supply chain. I was telling my friend who wanted this course that the problem is now enlarged, and even the supply chain has to be designed from the point of origin to the point of use. As such the Indian electronics industry is plagued by fake components and copied parts, and if the battery gets added to the security ring, we will have a serious problem and product manufacturing costs will increase exponentially to ensure the safety of the user!
This also complicates the regulatory rules, and the coming days will be interesting to watch!
Chairman, IEEE India Region Center of Expertise (Industrial Electronics); Member India Work Group, IEEE Standards Association P1451.99 Project for Harmonization of Internet of Things(IoT)
6 个月Well said.