Artur Szczybylo | Dreamstime.com
Wireless Security Promo 608c5276d44a4

How LPWAN Solutions Can Transform Cybersecurity

May 19, 2021
More complex IoT technology is leading to more sophisticated cyberattacks. To achieve the needed security levels for their systems and devices, designers are turning to the inherently secure LoRaWAN open protocol.

What you’ll learn:

  • The benefits of utilizing the LoRaWAN open protocol.
  • Benefits of using the LoRaWAN protocol over other networks.
  • Why proper implementation matters.

As Internet of Things (IoT) technology becomes more complex, hackers are getting more sophisticated, creating a need for higher levels of cybersecurity. This article will highlight the benefits of leveraging the LoRaWAN open protocol and LoRa devices to keep systems safe and secure.

As IoT solutions become widely integrated into our daily lives, cybersecurity concerns are on the rise for a variety of enterprises. According to Gartner, global cybersecurity spending is projected to exceed $170 billion by 2022, as the vast majority of business leaders face increasing cybersecurity risks. More specifically, research shows that enterprise ransomware infections are on the rise. Between the high prevalence of cyberattacks and the escalating costs required to protect against them, it’s clear that there’s a strong need for secure, yet cost-effective solutions.

To protect against the many cyberattacks targeting the IoT, security requires a strong protocol, implementation, and deployment. Common security concerns include having the same root keys for multiple end devices or those that can be easily guessed; having a fixed security session by using activation by personalization (ABP) instead of the more secure over-the-air activation (OTAA); reusing nonces for device activation or frame counters within a security session; and exposing root keys via email attachments, QR, codes, or invoices.

All of those issues can easily occur if a security system is incorrectly implemented. However, they can be avoided with proper setup and deployment.

Low-power wide-area-network (LPWAN) technology like LoRa and the LoRaWAN open protocol are secure by design using well-vested security primitives with authentication and encryption built into the specification itself. LoRaWAN is a messaging protocol on top of LoRa that’s responsible for defining what’s in messages and how the communication works between devices and the network.

LoRaWAN not only provides long range and ultra-low-power consumption, but also comes with an integrated end-to-end security feature that helps enterprises in all industries protect their personal data. Network protocols like this have additional unique capabilities that make them especially applicable for secure implementations, which includes the ability to be used across private and public sectors.

The Benefits of Utilizing the LoRaWAN Open Protocol

Over-the-Air Activation (OTAA)

OTAA, also known as the procedure that’s required for devices to join the network, is a mutual authentication process between the device and the LoRaWAN network. This process proves that both the end device and the network have the knowledge of the corresponding application key, ensuring that only genuine and authorized devices can join. After a device disconnects from the server and asks to rejoin, it’s given a new application session key so that the network can easily vet devices as they join.

Alternatively, users can choose to select the activation by personalization (ABP) join procedure. This is more convenient because not only does it allow the device to automatically connect to the LoRaWAN network like OTAA, but the user will merely need to provision and activate a given device on a single network. However, devices under ABP aren’t given a new application key for each session, making it more difficult for the network to detect unauthorized users and diminishing security as a result.

End-to-End Security

LoRaWAN networks are one of the few implementing end-to-end encryption. The low-power chirp spread-spectrum (CSS) signals that the LoRaWAN network relies on are challenging to detect, making it harder for hackers to intercept.

On the off chance that a hacker does detect the signal, the LoRaWAN network has two layers of encryption for both the network and the application. The network security layer verifies the authenticity of the node in the network, while the application security layer protects the end user’s application data. By splitting authenticity, integrity, and replay protection from encryption enables independence of the application data from a network operator.

Benefits of Using the LoRaWAN Protocol over Other Networks

  • Long range: LoRa and the LoRaWAN open protocol have a communication range that reaches over six miles. It was designed to serve specific use cases where devices need to be battery-operated and can last for long periods of time.
  • Cost-effective: As previously mentioned, dealing with cybersecurity concerns can get outrageously expensive. The LoRaWAN open protocol is ideal because it reduces up-front infrastructure investments and operating costs. It requires less energy than many alternative solutions, and its extensive battery lifetime of up to 10 years reduces costs over time.
  • Low data rates: The LoRa physical layer and LoRaWAN open protocol is intended for low data rates, which is a compelling security feature. The low data rate and relatively infrequent messages makes attacks more difficult, and therefore less compelling for would-be hackers.

Why Proper Implementation Matters

Some might think that the LoRaWAN network is an easy target for hackers, given that it offers low-cost, reliable connectivity over vast distances. However, this couldn’t be further from the truth. LoRaWAN networks are designed from the outset to take security into account. By following the proper specs closely, device manufacturers, network operators and users can easily set up the network correctly.

Overall, if users choose OTAA over ABP whenever possible and use challenging root keys that are effectively unguessable, LoRaWAN offers the utmost protection from cyber threats for public and private networks alike.

About the Author

Marc Pégulu | Vice President, IoT Strategy and Products, Semtech

Marc Pégulu has been vice president of IoT in the wireless and sensing products group at Semtech since June 2015. He held the position of vice president of wireless and sensing products from June 2014. Prior to this appointment, he held the position of director of marketing and applications. Pégulu joined the Company in March 2006 and was involved in several key technology initiatives, including LoRa wireless and software-defined modem technologies. Prior to joining Semtech, he held positions in chips and systems development at Thomson CSF, Thales, Atmel, and DibCom in France and China.

Pégulu holds a Master of Science degree in electronics and telecommunications from Institut National Polytechnique of Grenoble, France, and is a graduate of the Executive MBA program of ESCP Europe.

Sponsored Recommendations

Comments

To join the conversation, and become an exclusive member of Electronic Design, create an account today!