Greater security for wireless IoT networks is coming with the new IQRF OS v4.0, says Dr Sulc

Dr. Vladimir Sulc, CEO of MICRORISC

The brand new concept of “Interoperable – Simple – Secure” solution of the IQRF technology, a Wireless Platform for IoT, was presented in the end of the 2016. Now, it is being fulfilled by new versions of the OS v4.00 and the DPA protocol v3.00 bringing higher safety of wireless communication, security of transferred data and higher comfort for users. Interoperability of the whole IQRF Ecosystem is being presented via solutions and IoT applications by the IQRF Alliance members on a daily basis.

“Every wireless system is exposed to potential OTA attacks. But IQRF OS v4.00 brings ultimate security based on industrial standards. Security in IQRF does not mean just an encryption but a complex approach to avoid potential vulnerabilities,” explained CEO of MICRORISC, inventor of the IQRF technology, Dr. Vladimir Sulc.

This complex approach consists of packets consistency checking, three levels of AES-128 encryption, and dynamic passwords and keys generation.

Packets consistency checking

Security starts at basic trust to received data. To avoid transmission errors and process valid data only, IQRF strictly checks all received packets against bit error failures using several block checksums. Additionally, complete packet is protected by standard IBM CRC-16.

Encryption

Sensitive data should be hidden for unauthorised users and systems. Encryption is a way how to protect such sensitive data. IQRF utilises AES-128 encryption, industrial standard for wireless communication. Besides hiding sensitive data, control data encryption increases consistency protection.

There are three different protections based on AES-128 encryption.

    • Network communication protection

Protection of standard network communication is the most important as it continues during the whole system life. Protection is based on AES-128 encryption standard. Thus, only systems/users having valid network Password may join network communication and process data. To avoid wrong implementations all network communication has been forced to be encrypted automatically.

    • Unauthorised access protection

Only authorised devices may join the network and only authorised users may have maintenance access to network devices. As communication during bonding and maintenance is encrypted by AES-128, only authorised devices and users with valid access Password are able to join the network or to maintain network devices. Sensitive data, such as network Passwords, exchanged encrypted during bonding, are well protected.

    • User´s data protection

Besides protection of network communication there is an optional way to increase privacy by adding another encryption shield. It utilises AES-128 and user Key defined by the user to protect sensitive user’s data. This protection is fully under user’s control and may be used to add extra network protection or to hide sensitive data even from the IQRF platform as shown in the schematics below.

Scheme of the various levels of the IQRF wireless system protection

Password and Keys manipulation

Keys compromising is very frequent source of security problems. Therefore IQRF minimised and protected also manipulation with keys – network and access keys are not known during physical manipulation as they are generated from respective passwords. Network password is generated randomly with high entropy. The encrypted password is provided to devices that are joining the network during bonding.

Future upgrades

Threats coming in the future from more powerful attacking tools and from discovered vulnerabilities should be fixed. All IQRF software layers enable upgrades to keep system secure.

Further information:

    • Register for a webinar to learn all about new features in the IQRF OS 4.0 30th March, 2017 – 13:00 to 14:30 CET.
    • Detailed technical information is available here.

IQRF technology selected features:

    • Ultimate security: based on industrial standards (AES-128)
    • Extra low power: < 100 nA standby, 15 µA receiving in XLP mode
    • Simple integration in a few weeks and simple control with DPA protocol (SPI, UART)
    • Sub-GHz ISM bands: 433 / 868 / 916 MHz
    • Range: 500 m with small PCB antenna
    • Easily connectable to Arduino, Raspberry Pi, chipKIT etc.

Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Actility and Helium Network announce roaming integration to scale IoT coverage

Posted on: October 18, 2021

Actility, the provider of IoT connectivity solutions and LPWA technology, and Helium have launched a roaming integration partnership, unlocking affordable and ubiquitous coverage for millions of IoT devices.

Read more

Future of data integration: 2022 and beyond

Posted on: October 18, 2021

Traditional methods including manual creation of scripts, scrubbing the data, and later loading it into a data warehouse or ETL, (extract-transform-load) was used to integrate data from different sources. These methods were adopted in the era of resource constraints and have now become very time-intensive, expensive, and error-prone, says Yash Mehta, an IoT and big

Read more