How is the security of the Internet of Things achieved? CEO of European semiconductor manufacturers discuss the solution path

Stefan Auerbach, head of operations security at Giesecke and Devrient (G&D), a German smart card/security technology provider, emphasizes the importance of "end-to-end security" and expresses his understanding of hardware and Software collaboration and the belief that a scalable solution is needed; but these are obviously much easier than doing it.

Frank Fitzek, a non-industrial representative of the CEO Forum, professor of Technical University Dresden in Germany, pointed out that 5G communication will bring, for example, software-defined networking (SDN), network function virtualization (NFV). And other functions that help to quickly identify and invalidate security risks: "Communication must become a mesh, not a centralized honeycomb system. This is also an opportunity."

For the question of the host "Who is the enemy?", Fitzek said that the first thing that threatened cybersecurity was the student who played the hacker. Now everyone has it, and even government agencies may be the culprit. But don't forget The technology itself may also go wrong: "Airbus will use five computers to perform the same operation on different platforms to correct errors at a time; it is time to invest in the security of the global network, which is a bit like the work of the police. "

According to Carlo BozotTI, CEO of STMicroelectronics (ST), security must be embedded in all layers of abstraction, including chips, boards, devices, and the entire network. G&D's Auerback emphasizes that the SIM card industry manufactures 5 billion SIM cards a year, and because these cards are adhering to standards, they are very secure.

When asked about the difference between 4G and 5G, Fitzek joked: "The difference is a G;" but quickly added that each generation of communication technology is to solve the communication between people: "5G will There are billions of links with different KPIs (key performance indicators) in terms of latency, performance and security."

He said that Paul Baran, the father of the Internet, proposed a security solution in 1964. There are many ways to achieve security, but at the moment it has not been implemented by network security experts, mainly because they are not enough. Ability: "We just need to find ways to increase the cost of participating in the hacking activities."

Another topic that was raised at this CEO forum is that security needs to be addressed in a comprehensive end-to-end approach, but no single company or companies have enough weight on this issue to specify a Solution; NXP's Clemmer observation pointed out that the safety of the automotive field is not yet complete, but because the car has been attacked by hackers, forcing car manufacturers to step up.

Infineon CEO Reinhard Ploss observed that consumers are not or have not yet been sensitive to IT security - this raises the idea that a label or security certification may be a safety awareness Method; but should this be driven by industry or by governments?

Clemmer doesn't think responsibility is on either side, but believes that brand owners can inspire confidence because brand builders can provide huge benefits by providing safe products. The ST's BozotTI position is more positive. He believes that it should be the responsibility of government agencies, and the industry must work together: "Our responsibility is to ensure a culture of safety is more popular."

Fitzek of Dresden University of Technology agreed with Clemmer that corporate brands are a conduit for the importance of disseminating security. Clemmer also said a few words for NXP's new buyers, saying that machine learning will play a key role, and Qualcomm can provide high-end security processing technology for countless applications in addition to 4G/5G data machine technology.

Some listeners at the scene suggested that the consumer may buy a networked home appliance without knowing that they might be used as a DDOS attack. Therefore, a security certification label will be needed, but it should not be promoted by the government. Because the speed will be too slow. In this regard, Clemmer said that semiconductor manufacturers operate behind the scenes and do not directly connect with end consumers; therefore, he believes that if such security labels are promoted by semiconductor manufacturers, the probability of success will be low.

Infineon's Ploss believes that security should not be static, so if connected appliances become a problem, there should be a mechanism for their security protection to be upgraded or forced offline. Fitzek also agrees: "Of course we can emphasize that every connected home appliance is a supercomputer. Semiconductor manufacturers will like this statement, but in fact we need smarter networks, self-monitoring, and exclusion of security risks. Networked device."

Unfortunately, even if the participants of the CEO Forum agree that controlling end-to-end security is the key to the success of the Internet of Things, there is not much practical use for this vague problem; perhaps it can be said that this is correct. The topic is just not discussed on a correct occasion?

High GT

Maskking(Shenzhen) Technology CO., LTD ,