Physical and hardware security
Many IoT deployments will be in remote and isolated areas leaving sensors and edge routers vulnerable to physical attack. Additionally, the hardware itself needs modern protection mechanisms common in processors and the circuitry of mobile devices and personal electronics.
The first layer of hardware security is the establishment of a RoT. The RoT is a hardware-validated boot process that ensures the first executable opcode starts from an immutable source. This is the anchor of the boot process that subsequently plays a role in bootstrapping the rest of the system from BIOS to the OS to the application. An RoT is a baseline defense against a rootkit.
- Boot from ROM or nonwritable memory to store the image and root key
- One-time programmable memory using fuse bits for root key storage...