M2M refers to communication between machines without any human intervention. It is based on Telemetry which is the technology that allows remote measurement and reporting of information. Traditional telemetry applications (e.g. weather forecasting data collection) used proprietary radio signals via satellite communications. M2M, on the other hand can use any existing network such as the Internet to transmit data from the sensor to an application server that can utilize it in a meaningful way.
M2M communication is access technology agnostic and can use wide variety of fixed and wireless technologies such as Cellular, Wi-Fi, DSL, satellite, etc. Deeper penetration of the mobile technology, coupled with rapid development of wireless data access technologies such as 3G & LTE have established a strong platform for M2M. As a result, a number of Mobile Service Providers are already trumpeting their service portfolios with the M2M tag.
At the heart of an M2M solution is a module – called MCIM (M2M Communications Identity Module) that will piggyback on the M2M device. The ubiquitous SIM card (called the Universal Integrated Circuit Card – UICC) that makes it so easy for mobile users to quickly subscribe to a cellular service was one of the first choices to place this M2M module. But the same ease of use also raises some of the security concerns.
The security challenges as such remain more or less similar – “How do you ensure secure encryption and transmission of data? How do you prevent theft & manipulation of the MCIM & data?” The answers have to be sought in a new application domain now.
Securing communication can be achieved by leveraging prevalent cryptographic standards used in the mobile industry. The challenge lies in management of life cycle of security credentials that are stored at the service provider’s end as well as on the M2M devices. This will also enable secured authentication of the M2M devices.
But M2M, by nature, implies lack of human interaction. So, there is a higher possibility of unauthorized party being able to remove or change the UICC from an unmanned, remote location where the device is deployed. In the healthcare industry or automobile industries where the M2M device can be assumed to be stationary or fixed to a location, this could be handled by sealing the card or even soldering directly on the PCB. So, the UICC could be mechanically attached to the M2M device in such a way as to make it infeasible to remove the UICC, or where removing the UICC would render it permanently unusable. Developing enough intelligence to compensate for the absence of human intervention is a big security challenge.
There are a few more differences when compared to the standard cellular services. Take example of your cellular voice service. You have a mobile phone and a SIM card supplied by the service provider. If you want to switch the service provider, all you need to do is open your mobile phone and replace the SIM card. Now, consider a Smart Electricity Meter that communicates power consumption readings to the central billing application using M2M. The company may have signed a contract with one service provider and deployed the meters. After 5 years, if they decide to change the mobile service provider, they would need to spend enormous efforts to visit each and every Electricity meter and replace the SIM. So, it is necessary to be able to remotely change the mobile service provider. In terms of security requirements, this necessitates an even stronger trust relationship between mobile service providers – technical as well as commercial. Since the service provider switch-over has to happen remotely without human intervention, strict controls over processes must be implemented. The systems must also be scalable enough to tackle the load of switching over large number of remote change subscription requests.
In fact, this applies to initial provisioning process as well. The geographical market where the M2M device will be sold and the mobile service provider that the device will use to connect to the network are unknown at the time of manufacturing the M2M device. For example, the Smart electricity meters may be manufactured in Japan and the actual meter deployments may happen in France. If the manufacturer is embedding the M2M communication module in the SIM card, there is no way they can keep the control information of the mobile service providers in France. They could be sold to any other country as well. So, an M2M device must support selection of a mobile service provider after purchase and upon device deployment. The manufacturers also need to ensure security of initial security credentials burnt in to the M2M device.
Industry leaders are already talking of an exponential growth in connected devices - 15 billion by year 2015 and 50 billion by year 2020, with an attractive growth in revenue, too. Telecom Service Providers will need to enhance their security posture to deal with the new risks arising out of this exponential scaling of connected devices. This will have to be a judicious mix of revisiting the existing security controls to tune to the new environment and also introducing new controls to ensure that the security triad of confidentiality, integrity and availability is maintained firmly.