Guidance on Secure by Design for Video Surveillance Systems
Realising the benefits of connected devices, deployed at scale, requires experience across a range of technology disciplines. This has been demonstrated by the release of new guidance regarding the security considerations around video surveillance systems.
Citing two of the many attacks on cameras (Mirai and Reaper) the guidance addresses a range of issues such as default credentials and passwords as well as inadequate patching of exposed code weaknesses. Driving by the new Biometrics and Surveillance Camera Commissioner appointed it identifies minimum requirements that relate to both technology components and the behaviour of systems. These requirements ensure that components and systems are secure by design and arrive in a secure by default state. Table 1 shows the nine elements with notes on their implementation provided in the guidance.
Table 1: Secure by Design Guidance for Video Surveillance Components and Systems
It can be seen that the guidance ranges over aspects such as credentials and passwords, to exposed interfaces and patching and updates. In the range of considerations to achieve secure by design and secure by default are a set of interlocking disciplines. These disciplines are recurring themes In the general case for IoT and include security, scale, and edge versus cloud considerations. For connected devices the components and system comprising the solution sit at the intersection of these three areas of expertise.
Figure 1: Interlocking Disciplines Affecting Connected Devices and Systems
In the case of video, cameras, and surveillance all three of the disciplines in Figure 1 are affected by the type of data that is being handled. Video introduces a further set of challenges.
This article will bring together material published by Consult Red in support of better understanding the demands of secure by design and secure by default. This will be from the perspective of security, scale, and Edge vs cloud for the particular case of video processing and transmission.
Security
Arriving at a security mindset requires planning and preparation. Security needs to be a first not last thought when developing a secure, smart product from concept all the way through to operation, including manufacture and over the air (OTA) updates.
Secure by Design guidance in the UK is currently based on thirteen principles. Consult Red produced a seven-stage approach to considering the principles and incorporating them into your design.
IoT Secure by Design – Quick Guide
This quick guide is accompanied by a security checklist for each stage.
IoT Security – Checklist
This seven-stage approach was used to consider the question “will your new IoT device break your business?” in the following webinar.
IoT Security Webinar – “Will your new IoT device break your business?”
Together this content addresses not only four common mistakes found when addressing IoT security.
IoT Common Security Mistakes
It also addresses the security aspects of the Surveillance Camera Commissioners requirements for securing Video Surveillance System products.
Incorporating secure by design and secure by default interacts with scale of production and deployment. The next section explores scale and its relationship to security.
Scale
Scale is a particularly challenging aspect of connected devices and systems. The assumption that a proof of concept is a linearly scalable approach to deploying a product at scale is a common mistake. Coupled with the requirement that many IoT solutions require scale to make the business case stack-up means that incorrect assumptions can make or break a business model.
Consult Red charted a six-step journey from proof of concept to scale in the quick guide below.
Scaling IoT – Quick Guide
This was accompanied by a detailed playbook that reviewed, in much greater detail, the kinds of questions that should be addressed at each of the six steps.
Scaling IoT – Zero-to-Hero Playbook
This content provides context for the interaction between scaling a solution and ensuring that the security remains proportionate, manageable and at the centre. Security aspects such as ‘make or buy’ and the impact on vulnerability disclosure, along with security key management, are considered as solutions scale.
Aspects such as secure data communication to the cloud and privacy become of growing importance at scale. This is particularly true in the case of video which may be feasible to stream at small scale but requires different approaches on a large scale. The next section will consider how security and scale relate to the balance between the edge and the cloud.
Edge vs Cloud
The cloud provides many benefits for quickly developing, deploying and scaling solutions. Cloud capabilities are also evolving rapidly to absorb common and specialist services. At the edge, the rapid evolution of both processing capabilities (such as AI) and enabling connectivity such as 5G are providing ways to innovate. This is providing new opportunities for solutions but requires optimisation between the cloud and Edge in a highly dynamic environment. Figure 2 explores some of the factors that trade-off in the balance of edge or cloud functionality. Trade-offs that impact upon total cost of ownership but change over time depending both on technology evolution and scale of solution.
Figure 2: The Edge vs Cloud for Functionality and Cost
An example of how the edge is becoming more performant is in the case of AI. The following content shows a snapshot of the breadth of AI processors as well as AI frameworks available.
Choosing the right edge AI processor
Choosing the right edge AI framework
Type of data also impacts upon the interaction between security, scale, and edge vs cloud. Low bandwidth, intermittent data that is not associated with identifiable people makes less demands on the three factors. Video and image data can contain high bandwidth information within which people may be identified and aspects of behaviours may be monitored by humans or AI/ML.
Video and Smart Cameras
The following content considers the application of AI in the case of cameras.
Visual eyes: Boosting your IoT strategy with smart cameras and Edge AI
The use of video and smart cameras in intelligent systems exemplifies many of the benefits and challenges of security, scale, and Edge vs cloud. Cameras have a range of applications in a home and business environment from parking monitoring to facial recognition. Some of their uses raise issues of confidentiality, privacy, and surveillance. By adding some local intelligence to the camera, either within the camera itself or at a local gateway, many of the benefits above can be enhanced. Cameras are becoming a general-purpose sensor as their capabilities at the Edge are enhanced by AI.
Cameras at the Edge can enhance:
- Data Reduction: Through applying multiple AI models to the same image feed and only returning metadata to the cloud.
- Latency: By providing local processing that reduces roundtrip data transmission to the cloud.
- Privacy: By applying recognition processing local removing the need to transmit recognisable image data.
- Security: Reducing the amount of data transmitted and stored limits attack surfaces.
- Autonomy: Dependence on a cloud connection is not acceptable for some critical functionality. For example, something that is safety dependent.
- Connectivity: As the edge develops it is likely that local connectivity will become as important as cloud connectivity in providing services at the edge.
- Cost and Flexibility: As edge technology becomes more performant for the same cost the potential to build in stretch capabilities will increase. This enables evolving service models in the field.
These factors can balance/interact with services in the cloud such as:
- Compute — Real-time vs Batch: Processing large amounts of real-time data requires dedicated processing capability. Data that can be captured and processed when processing is cheaper can reduce cost.
- Storage — Structured vs Unstructured: The ability to capture large amounts of data of different types is attractive for certain applications. However, structured data is easier to process quickly and generally lowers storage requirements.
- Elasticity: A key feature of cloud services is that compute and storage can automatically flex in multiple dimensions to meet demand as it occurs. This means that services can scale without intervention to handle peaks whilst standing down in times of low demand.
- Server vs Serverless: The ability to implement solutions that do not require specification of full server environments provides a great way to get services up and running and scale as required. At larger scale this approach may become much more expensive than re-architecting the solution to use a server-based solution.
The delicate balance of these different (and there are many more) factors at the Edge and in the cloud means that the solution is highly dynamically interlinked. Video provides a use case where these factors are highly interdependent and the trade-offs around data processed at the Edge or in the cloud become scale dependent. Taming these trade-offs requires deep understanding of multiple technologies and approaches.
These trade-offs also play a key part in the way the solution operates as a system rather than as a set of components. The requirements of secure by design and secure by default enforce system level behaviours. An example is that of a vulnerability disclosure policy and vulnerability monitoring. Vulnerabilities are potential holes in security due to firmware or software.
A recent report states that more than 600 vulnerabilities were disclosed in the first half of 2021. Most are high or critical severity, can be easily and remotely exploited, and make the affected component completely unusable. One quarter have no fix or can be only partly remediated.
Vulnerability Disclosure Programs Need to Get Organised
The report goes on to note that vulnerability disclosure programs, which identify and catalogues vulnerabilities, are mostly run by third parties such as researchers. The result is a patchwork of how and where disclosures are recorded. Standardisation is still a way off in these early days.
There is also evolving guidance and frameworks for security such as those published by the IoT Security Foundation The foundation is a non-profit, vendor neutral organisation set up to drive security excellence by responding to the myriad of challenges and concerns over security in IoT.
IoT Security Foundation
It is not therefore possible to consider security in isolation of these many factors when considering the scaling up of solutions.
Conclusion
Security will continue to gain in importance as devices become more and more connected and form complex systems. The new guidance regarding the security considerations around video surveillance systems is an example of this. Having a commissioner for Biometrics and Surveillance Cameras in the UK is indicative of how important the Government considers the issue.
The guidance as it evolves is moving from specific technology related requirements to system-based requirements such as vulnerability disclosure and monitoring. Organisations such as the IoT Security Foundation are developing frameworks to support excellence in security. This places new requirements on companies producing connected devices and systems right from the design and development stage through to deployment and in-life monitoring and updates.
Optimising your solution regarding the trade-offs related to security, scale and Edge vs cloud is a dynamic and evolving endeavour. When the data concerned is video this brings another level of considerations and optimisations. Having a single partner that has experience at the intersection of these disciplines provides the optimal way to understand their complex interactions. From the components to the system level behaviour experience can de-risk the solution and reduce the time to market.
About Consult Red
Consult Red have been instrumental in bringing containerization technology to embedded devices. Together with Sky, Comcast, Liberty Global, Consult Red has brought production-quality support for standards-compliant container technology into the RDK-V open-source project.
Consult Red’s CTO, Rahul Mehra, chairs RDK’s special interest group for Downloadable Application Containerisation (DACs) – a technology now deployed in over 10m devices as a modular approach to deploy services and facilitate service upgrades.