Total cybersecurity — built-in from the ground up

 

Security is on everyone’s minds – whether it’s protecting our personal identities online, safeguarding confidential business communications or complying with regulations governing manufacturing partnerships.

 

Security is also our business and we are intimate with our customers and partners need to keep their operations protected. We put that knowledge to use building our Wisenet 7 System on Chip (SoC). To meet the requirements of the market, we’ve added more than a half dozen new features dedicated to improved system and device protection.

 

We started right at the beginning, establishing our own device certification issuing system to embed certificates and encryption keys into the chip during the manufacturing process. As a result, our “ground-up” security policies ensure end-to-end product cybersecurity at each step of a surveillance workflow, guaranteeing all video is securely stored, encrypted and accessible only by authorized users.

 

We started designing this new chip soon after Wisenet 5 came out in 2016. There was no time to take a break.” Almost immediately the market began compiling their wish list for the next generation. That was clear proof cybersecurity was becoming more and more important.

 

Wisenet 5 already included many new enhancements such as “secure by default,” making the camera’s out-of-the-box settings the recommended ones to use for installers. With Wisenet 7 we went even further to secure the hardware. Manufacturing our own SoC allows us this flexibility.

 

A huge part of our industry uses and mounts third-party chipsets to their devices. They source SoC’s and then write their code to it. But that places severe limitations on their capabilities, especially if the lower-level hardware doesn’t fully support the SoC.

 

When building our chips, we’ve adopted an approach common in the laptop market, using a TPM, or Trusted Platform Module. That’s embedded in nearly every laptop made today, mostly there for use by enterprise and government customers. It locks down the BIOS—the foundational level—to prevent tampering or malicious firmware being written.

 

With Wisenet 7, we’ve built a TPM platform into the camera, making sure the firmware is signed and encrypted. And these types of features are only possible to do when you’re assembling a completely new architecture, and not using somebody else’s chipset.

 

The chip is embedded in our cameras, so it’s built-in and always running. Now, essentially there are two different operating systems running. If there is an intrusion attempt, someone is only able to access the application side. They don’t have access to the raw hardware, or the chip side, which is protected. The TPM will stop any attempts to load unauthorized firmware. We’re able to sandbox the camera’s Linux operating system completely away from the backend chipset’s core functionality.

Supply Chain of Trust

This forms the Hanwha Techwin “Supply Chain of Trust.” We make the cameras, we make the chipsets, we assemble, design, fabricate and lay out the circuit boards. We control all those pieces. We even use our own Hanwha Precision Machinery chip mounters and other smart factory solutions to ensure quality and reliability, as well as a secure production line.


Hanwha Precision Machinery

Now, we have a complete view on not just cybersecurity, but also quality control and the software development life cycle. It’s a much different scenario from other manufacturers that OEM their components. They simply can’t accomplish what we can from a cybersecurity perspective.

Compliance is Key

Why is all this important? There is such heightened awareness of the security manufacturing process: What’s going into a chip? Who is building this part of a chip? Where are they based? Where are they from? What is being done behind the scenes?

 

When you add in the requirements for NDAA and TAA compliance, the stakes are raised even higher.

 

Another trend is the explosion of IoT (Internet of Things) devices. With these popping up everywhere, there’s this fear of, “We don’t want the next botnet attack coming from our devices.”

 

In terms of the general cybersecurity landscape recently, the biggest threats are twofold: Botnets, which take over or flood your network and cause denial of service, and ransomware. You’ve got many different devices or nodes on your network and you don’t want your device to be that “zombie” that’s now sending out infections or replicating viruses or malware all over the network.

 

An Industry Seal of Approval

As cybersecurity grows more complex and attracts more industry attention, industry standards also become more important. The UL is a well-recognized institution worldwide and they developed a standard for certifying a company’s level of security in its products. The work that went into developing Wisenet 7 resulted in Hanwha Techwin recently receiving UL CAP (Cybersecurity Assurance Program) certification for our recently launched range of IP cameras featuring the new chipset.

 

This process is intense. It looks at the way the coding is done. It tests the strength of encryption cipher algorithms. It tests against known databases of vulnerabilities and what versions of software we’re using. It’s really an industry stamp of approval that we can show to customers and partners to validate our stringent cybersecurity processes.

 

You can rest assured end users and channel partners are already writing their next wish lists for future generations of chip technology; the nature of any product-based industry. But with the features and protections built into Wisenet 7 those lists may not be needed for a long time.

 

To learn more about Hanwha Techwin’s Wisenet 7 SoC, visit hanwhasecurity.com

If you liked it, share it!