introduction of ccds · guideline wg iot vuln. r&d unit no1, no2 ccds secretariat office car...

Copyright 2016 Connected Consumer Device Security Council Proprietary 1

Introduction of CCDS

- Toward Trustful IoT Life -

Connected Consumer Device Security Council (CCDS）

Tsukasa Ogino, Representative Director


Contents

• Recognition of Current issues

• CCDS Overview

• CCDS R&D

• CCDS Security Guideline Development

• CCDS IoT Vulnerability Testing PF Development

• CCDS other activities


ISSUE: Threats from Cooperated Devices

If even Single App is safe, but may be vulnerable in cooperated situation

3

AV, HomeAppliance Apps

OtherConsumerDevices

Energy, HEMSApps

ITS, VehicleApps Medical,

HealthcareApps

Server Cooperation

AppsCooperation

Intrusion via vulnerable app,Crack to cooperative app

A consumer device infected malware spread to other device and apps

Malware

Intrusion

Difference of security levelsbetween each apps domains


Trust(safety and security)Level Difference

安心・安全

安心・安全

Domain ＡProduct

Domain ＣProduct

Domain ＢProduct

①Different Level of RequirementFor Safety and Security Level

by product domains

安心・安全

連携連携

②Total Security Level will be leveled

at the lowest productWhen connected

Required or Demanding Level

Actual Product Level


Value and Cost Balance

IoT service value

＞Security

Protection Cost

Countermeasure

Also countermeasure by architecture and Usability

Quality

Keep Higher Quality

Function and Architecture

Cost Up by complex architecture

Comply Important Requirement

such as Safety

SafetyISO/IEC 61508 SIL 1～4

ISO 26262 ASIL QM, A～D, etc

SecurityISO/IEC 15408/CC EAL 1～7

FIPS 140-2 Level 1～4ETIS ITS/C2C-CC TAL 1～4, etc

Different Priority and Judgement levelProduct domain by domain


CCDS Overview

• Name: General Incorporated Association: Connected Consumer Device Security Council

• Establishment: October 6, 2014

• Chairman: Hideyuki Tokuda (Professor of Keio University, Cabinet Security Advisor)

• Representative Director: Tsukasa Ogino (Specially Appointed Professor, Kyoto University)

• Managing Director: Kosuke Ito (Zero-one Laboratory)

• Directors: Atsuhiro Goto (Professor, Institute of Information Security, SIP: PD)Katsutoshi Hasegawa (President, eSOL Co., Ltd.)

Hiroyuki Hattori (President, Witz Co., Ltd.)

• Number of members: 129(Official members or higher: 43, General members: 62, Academic members: 14, Liaison members: 10)

• Main businesses:

1. Internal/external trend investigation on security in various field of life devices, and

interchange/cooperation with internal/external organizations

2. Development of security technology which satisfies safety and security of life devices

3. Development of security design process, development/preparation of verification method

guidelines and promotion of international standardization

4. Preparation/control of life device verification environment, verification business and human

resource development on security, public relations/dissemination activity, etc.


SCOPE:

AV Network Medical/HealthcareNetwork

Home Gateway

HEMS Network

Power, Utility

HomeAppliance

EV/HV

SmartMeter

PV

HEMSConsole

WearableDevices

Healthcareserver

Care Robots

ITS＆Vechile Safety

Telematics, Eco,Drive Recorder, etc.

New Services

AfterDevices

ECU

V2X Communication

PotableDevices

Road SideUNIT

Automated Driving

4K・8KContents

HomeServer

HEMScompany

ContentsProvider

Medical, Healthcare

Cloud

Vehicle andTraffic Control

Convenienceお弁当セール

Public AreaDevices

ATM Remote Monitor/ Maintenance

Office AreaNetwork

MFPMedical, Healthcare

Devices

BatteryNetwork

Appliance

Embedded/IoT/M2M in general, Connected Consumer Deviceswhich are not operated (monitored and controlled) by professionals


R&D Center

Review Committee

IoT Security Guideline WG

IoT Vuln. R&D UnitNo1, No2

CCDSSecretariat Office

CarSub WG

ATMSub WG

POSSub WG

Home NWSub WG

Vulnerability Testing Center

Car-A: Vuln. Testing Tool for Com Unit (Navigation)

ATM: ①Tool for ATM,②Tool for USB Test PF

POS: Vuln. Testing tool for Open POS (Tablet type)

Home GW: Vuln. Testing Tool for Home NW Devices

Car-B: Vuln. Testing Tool for Body control ECUs

Platform for Vuln. Testing operation for IoT system

Administration

CCDS Organization

Usability WGSecurity

Tech. WG

Device Security

TechnologyWG


R&D Units activities

• Unit 1 (stationed in Okinawa):

– Unit Leader: Dr. Inoue, Assoc. Prof. of Hiroshima City Univ.

– R&D in Car Hacking (CAN) hacking, USB Hacking, Feedback fuzz

data processing function on fuzzing tool, etc.

• Unit 2:

– Unit Leader: Dr. Ogino, Kyoto Univ.

– R&D in Home GW vulnerability research, Auto Vulnerability

checker for Android apps, etc.


Cyber Security Policy for Vitalizing Society and its sustainable development by NISC

出典：NISC:サイバーセキュリティ戦略（案）より

Security By Design (SBD)System Design with Security Consideration from planning and design stage

Preparation of the general guidelinesto affect security on IoT system

Enforcement of the technology development and proof trialin consideration of the characteristic (long life cycle, limit of the processing capacity) of the IoT system, importance of the hardware genuine nature


CCDS External Cooperation

IoT Security Guideline Dev.

IoT Vuln. Evaluation PF Dev.

・Design Process Guide = Security by Design・Security Testing Guide ->International Std.

toward the safe and secure IoT service/product development!

・Vulnerability Testing Tool Development・Testing Scenario DevelopmentDeveloping the Security Testing Platform

WG on the Development Guideline for the Smart-society


PLAN: Security Development Guideline Definition

EmbeddedDomain

Cyber System Domain

V2X, Probe

Remote Access,Control

for Automated Drv.

Vehiclecommon part

Health Data

Wearable Comm.

HealthcareDevices

common part

Remote Access,Control

HEMS Cooperation

Home Appliance

common part

Public Space Devices(ATM, etc.)

EmbeddedSystems

common part(Base) Cooperated

Servicescommon part

Arrange basicitems for

embed devices

Discuss Integratedsituation includes

cyber space

Office Devices (MFP, etc.)

Arrange each common partAs a beginning,

Discuss for each Apps

Security Development Guideline

Per Domains Common


CCDS life device security guideline for each field v1.0

Since threats for each product field vary,

security actions are summarized in view

of each field based on IPA "Development

guideline of connecting world" to easily

disseminate the security-by-design

concept in the industry.

Purpose

Target field

Onboard unit

IoT gateway

Major contents of guideline

・ Target system configuration

・ Anticipated security threat

・ Security action in each phase of product

life cycle

(Relationship with IPA "Development

guideline of connecting world")

・Threat analysis/risk evaluation method

・ 3rd party security evaluation for entire

product and security measure functionFinancial terminal(ATM)

Accounting terminal(POS)

Onboard system configuration POS system configurationATM system configurationIoT-GW: Home GW case

English Version are coming soon!


Position of guideline for each CCDS field (private opinion)

CCDS

Onboard

unit

CCDS

IoT-GW

CCDS

ATM

CCDS

Open

POS

IoT security

guideline

IoT Promotion

Consortium

MIC and METI

IoT service

provider

IoT platform

/network

provider

IoT system

vendor

IoT security

general

framework

NISC

Safe and secure IoT system development guideline

which can be used across product fields

(checklist)

Specific threat or risk point in view

of each product field

Summary of security review points

from design stageCooperation

for

industry

deployment

Security guideline for all layers of IoT service

relevant persons

Cyber security

strategy

NISCClarification of general basic requirements related to

design, building and operation of the IoT system

International deployment

of Japanese idea

Proposal of IoT system

development by Security-by-

design concept

Re

fer to

revie

w fo

r

co

op

era

tion

.

Proposal

Reference

Development

guideline of

connecting

world


Founding the 3rd Party Security V&V Evaluation Center

Okinawa Pref.

ＣＣＤＳ重要生活機器連携セキュリティ協議会

IoT Vuln. Testing Ctr. R&D Center

IoT Security Guideline

Development WG

Testing

Tool Dev.

Testing DB

Dev. & Ope

Vuln.

Evaluation

Platform

Testing

Process Dev.

Trial Testing（Training)

3rd Party

Testing

Service

ＩＰＡ

Venders in Okinawa

Automotives

Home

Financial Terminals

ATM/POS

Evaluation Testing

Platform System

On-Board Head Units, Body Control ECUs

Home GW, IoT GWfor sensor network

ATM/POS

IoT Evaluation Test ScenarioAnd Test result Integration

Participants from Major Brands

Certification

Authority

(Future)

FY2015～FY2017

Working Group on

Development Guideline

for Smart-Society

3rd Party Security

V&V Evaluation Ctr

(Future)

V&V: Verification and ValidationVuln: Vulnerability


CCDS IoT Vulnerability Testing Units

BBTower

Omron SW

JVC Kenwood

Hitachi Omron

IoT Vuln. Testing Platform System

Automotives

Home HITACHI

ATM

POS(Point of Sales)

Witz

Review Committee

Test Tool Development TeamProduct Testing Team







Other CCDS activities

• Usability WG

– Objective: Discussing UI design as a part of security

countermeasures to keep the IoT devices in secured

• Collaboration with HCD-net（人間中心設計推進機構）

– Leader: Ueyes’ Design

– Kicked off in Aug., 2016., participating about 20 members

• Device Security Technology SWG

– Objective:

• Building comprehensive security countermeasure technologies MAP

(categorizing) for IoT devices

• Envisioning to develop the Implementation Guideline for IoT

security countermeasures in future

– Leader: SELTECH, Deputy Leader: DNP (Dai-Nippon-Printing)

– Kicked off in Jun., 2016., participating about 35 members

introduction of ccds · guideline wg iot vuln. r&d unit no1, no2 ccds secretariat office car...

Documents