Secure your Smart City Infrastructure

AmbiSecure

Securing smart cities

 

The cities are vulnerable to threats such as signal jamming, remote systems or data manipulation, Denial of Service (DoS), malware attacks and the recent rampant ransomware and wiping attacks. There is a need therefore for comprehensive smart city plans to minimize cybersecurity risks and protect critical infrastructure in smart cities so as to defend stakeholders, ranging from residents to private and public service providers.

 

Smart cities’ virtual doors will need virtual keys and locks controlled through remote communications. In real sense, these virtual doors to smart cities are never fully locked, creating loopholes cyber attackers will sure attempt to exploit. This, then means smart cities are not safe until proven, hence measures must be put in place, spanning physical security and network security, to continuously ensure, guarantee and verify key components of the infrastructure never fail.

 

Security in LoRaWAN

 

The LoRaWAN specification has been designed from the outset with security as an essential aspect, providing state-of-the-art security properties that meet the needs of highly scalable low-power IoT networks. Unlike many other IoT technologies, the LoRaWAN specification already offers dedicated end-to-end encryption:

 

The specification defines two layers of cryptography:

  • Using a unique 128-bit network session key shared between the end-device and network server
  • Using a unique 128-bit application session key (AppSKey) shared end-to-end at the application level

AES algorithms are used to provide authentication and integrity of packets to the network server and end-to-end encryption to the application server. By providing these two levels, it becomes possible to implement “multi-tenant” shared networks without the network operator having visibility of the users’ payload data. The devices can be activated by Personalization on the production line or during commissioning, or can be over the air activated (OTAA) in the field. OTAA allows device sessions to be rekeyed if necessary.

LoRaWAN relies on symmetric cryptography, which requires sharing keys in a safe and secure way. To further aid with this process, LoRa Alliance members have developed:

  • LoRaWAN backend interfaces that isolate the storage of root keys in the join server, so that becomes a trusted player, regardless of network
  • Secure element solutions that provide additional hardware physical protection against tampering

Though LoRaWAN is inherently secure, the LoRa Alliance is constantly reviewing, designing and implementing security enhancements and best practices to ensure LoRaWAN stays ahead of the changing security landscape and Ambimat offers itself as an aide in this process with a value added solution.

Ambimat’s solution for your LoRaWAN

Ambi-Secure is a hardware-software solution based on 3 decades of experience in the field of IoT. The solution is a combination of a System on Chip (SoC) and Ambimat’s firmware residing on it which helps cater to almost all of the challenges present on your IoT (read: LoRa) device

Our Ambi-Secure acts as a secure hardware memory to help customers store their AppKey, NwkKey, AppSKey and other keys used for the communication in a secure location outside the memory of the main controller

Our Ambi-Secure can also help generate the most secure keys for your application while communicating with the gateway or the network server.

Ambi-Secure can confirm the authenticity and the validity of the source of the Firmware sent over the air for updation.

Ambi-secure implements the encryption algorithms in itself taking away the need to implement such algorithms in the main controller thereby providing more security to the solution as well as more flexibility to choose the controller of choice.

Ambi-Secure protects your infrastructure as well as your customers’ infrastructure from any challenges arising from a security perspective for the entire lifetime of your product.


AmbiPower – Giving Power Back in The Hands of The Utilities
AmbiSecure’s Validation server