Strategies to achieve better IoT security in Wi-Fi modules

Article By : Chris Jones

A look at the architecture of Wi-Fi modules and the opportunities for designers to improve IoT device and network security by using the resources available in these modules.

Within industrial IoT deployments, wireless technologies (excluding low power) can be broadly classified as cellular or short-range wireless. Short-range wireless encompasses Wi-Fi, Bluetooth, Zigbee and various other protocols.

Rather than design wireless communications circuits from scratch, embedded system designers often decide to use ready-made and certified wireless modules. Some of these now accommodate a variety of frequencies and protocols within a single module. This article discusses the architecture of Wi-Fi modules and the opportunities for designers to improve IoT device and network security by using the resources available in such modules. In practice, the same general approach may be applied to other modules, regardless of the wireless protocols involved.

What is a Wi-Fi module?

A Wi-Fi module comprises a wireless transceiver for 2.4GHz or 5GHz bands (or both), an antenna, and a microcontroller to run firmware, enable the radio to receive and transmit data, and operate protocols. The external interface to the microcontroller will usually be SPI, I2C, USB or a UART.

Wi-Fi module security figure 1
Figure 1: The basic elements of a wireless module.

Connecting a Wi-Fi module to a network

Wi-Fi modules need to run several different protocols defined by IEEE 802.11 standards to connect to a network. Once connected, they must also run the required machine-to-machine protocols. A typical set of protocol stacks and functions for connection to a cloud server might include:

  • TLS
  • TCP/IP
  • HTTP/S
  • FTP
  • MQTT
  • Certificate handling (security)
  • Cryptographic keys usage (security)

The devices within Wi-Fi modules often have limited resources due to cost and power constraints, so it is common to offload some of the network protocols to the host applications processor. Like a modem, the Wi-Fi module makes use of AT commands over a UART interface. As the modules have become more sophisticated, the AT commands have become more powerful, and the application processor workload reduced.

Wireless system partitioning

From a security perspective, an important consideration is where each protocol stack and security function should reside. Early IoT devices would typically have the TCP/IP and HTTP protocols running on the Wi-Fi module, while HTTP commands, customer applications and security certificates were handled by the application processor.

As the HTTPS protocol took over from HTTP to ensure encryption of data sent over the internet, the HTTPS protocol stack was often included in Wi-Fi modules, but the HTTPS commands came from the applications processor. HTTPS is secured by the TLS protocol, requiring the use of cryptography. Cryptographic keys are usually stored by the application processor in its local secure memory. However, a secure element connected to the application processor is often used as an alternative secure storage mechanism.

Wi-Fi module security figure 2
Figure 2: Where to store the various protocol stacks, certificates and keys is a security-critical decision.

The great weakness of the approach described above is that data transmitted over the UART/SPI link is typically in the clear. This means that cryptographic keys cannot be sent over it securely. This challenge is amplified where the wireless module is connected to an IoT device, such as a sensor, and you then need to store root certificates, URLs, and APIs, in addition to cryptographic keys, for any software platform used to securely manage such devices when they are connected to services and applications.

Architecting a Wi-Fi module to accelerate IoT device management

Software security platforms such as Crypto Quantique’s QuarkLink (QL) can save months of effort in implementing the complex stacks required to connect to a cloud server securely. This provides firmware APIs and example projects targeting popular microcontrollers. The -platform offers onboarding and lifetime management of IoT devices via a simple graphical user interface. Users need little security expertise. Thousands of IoT devices can be securely connected to on-premises or cloud-based servers in just a few minutes.

More sophisticated Wi-Fi modules may be configured to enable the use of QuarkLink in a network if sufficient resources are available within their microcontrollers to store the elements needed to facilitate secure connectivity. Such modules will also have an encrypted link to the application processor. The partitioning of functions would then be configured as shown in figure 3.

Wi-Fi module security figure 3
Figure 3: A wireless module with the QuarkLink resources needed to simplify device onboarding and lifetime management.

Choosing your Wi-Fi module: selection considerations

When selecting a Wi-Fi module for secure IoT applications, choose one with sufficient processor and memory resources to store and process the elements of your chosen security platform within the module itself, rather than in the application processor. This will reduce the complexity and the engineering resources needed to develop a reliable IoT product.

Engineering effort can then be focused on the core application without the need to debug complex, secure communication software stacks. The result is a more secure and reliable outcome that eliminates the need for overly complex communication between the Wi-Fi module and the application processor.

This article was originally published on Embedded.

Chris Jones is Crypto Quantique’s IoT security specialist. Following a 28-year career in project management and field applications engineering, Chris spent two years as a senior application engineer at Secure ThingZ in Cambridge, U.K., working in IoT security. He joined Crypto Quantique in May 2020. Chris holds a BSc in electrical and electronic engineering from the University of Coventry, U.K.


Leave a comment