Israeli startup to secure IoT binary code natively
Due to their massive spread, Internet of Things (IoT) devices have become a pervasive entry point to many networks. So many entry points delivered by so many different manufacturers make them difficult to control individually, from a security standpoint. Now Sternum CEO and Co-founder Natali Tshuva, claims her company can work with all the different manufacturers to embed security fixes on the devices themselves, at the binary code level. Through reverse engineering and binary code analysis, the startup claims it can prevent cyber attacks against all low-cost IoT devices.
“We have solutions that can determine what is a legitimate execution flow and identify any deviation from that”, explains Tshuva.
Sternum’s embedded integrity verification (EIV) analyzes the device’s binary code and embeds protection within the code, including 3rd party libraries and closed-source code (after a non-disclosure agreement has been signed). It can be applied across any operating system and enables manufacturers to update their existing devices’ firmware protection. By focusing on low-level code vulnerabilities and device manipulations, the platform prevents attacks before they proliferate, regardless of device or OS type.
Once installed, the EIV sits on the device, provides insight to data, and maps all components in use. Sternum’s Real-Time Event Monitoring System (RIEMS) then monitors operation of the OS, memory usage, CPU usage, if the device uses encryption/decryption, how much data is being accessed/sent, if a device is communicating with a new/unknown IP address, and more. The monitoring system also continuously scans for and alerts on known common vulnerabilities and exposures (CVEs). This approach delivers true vulnerability-agnostic device protection. The dashboard then displays network events, cryptographic events, OS-related events and gives administrators control over prevention and response policies. Sternum integrates with most security information and event management solutions.
One key aspect in making the solution work across the broadest range of IoT devices was to keep runtime overhead in the single-digit range. The company offers an SDK tool available for download, which potential partners can use to experiment with the solution. From there, the startup operation is license-based.
Earlier this year, the company has partnered with Telit to secure it’s xE910 module family, giving customers in-depth visibility and security for their entire device fleet. The EIV will validate every operation within any IoT device where Telit’s module is installed, operating like an on-device firewall. Telit plans to offer these security enhanced modules to manufacturers of cellular-enabled products across industries, including medical, industry 4.0, smart cities and more.
Sternum – www.sternumiot.com