There may not be one silver bullet for IoT security, but CableLabs is forging a new weapon that can take aim at malignant devices on home networks that are becoming increasingly difficult to govern as more and more connected devices are added to the mix.

Looking to proactively take on a security issue that's expected to become more pronounced in the years to come, CableLabs has developed a framework called "Micronets" that rearchitects the home network into smaller segments that can be managed individually and dynamically.

And the devices operating in those segments can likewise be regulated under separate sets of rules. And when a device misbehaves or there's reason to believe that it's been hacked or otherwise compromised, the system can isolate that device within its own micronet to limit the damage it might unleash -- sort of like placing it in a hockey penalty box where it can, you know… feel shame.

According to Mike Glenn, VP of security technologies at CableLabs, the need for the Micronets framework and a redesigning of the home network has materialized as more IoT devices are connected on the home network and it starts to act a lot more like an enterprise network. Therefore, CableLabs believes that home network is now in need of enterprise-grade protection.

"If we don't address this problem in the home, ultimately the home network becomes unmanageable," he said.

The framework itself aims to standardize an interface between the home gateway and a cloud-based microservices system. The home network would then be divided into an array of micronets governed by their own set of rules -- perhaps putting the home security system in one micronet, a medical device in another, and smart locks and light switches in yet another.

Figure 1: Segmenting the home network for different devices and the rules that govern them are key elements of CableLabs's Micronets framework. Source: CableLabs.

Using an onboarding process that identifies devices and understands their functions and capabilities, the Micronets approach, Glenn said, would allow a higher-value device, like a medical monitor, to receive a higher level of protection and ensure that it isn't exposed to other devices on the home network.

The combined system will factor in machine learning techniques that can use data to identify malicious traffic that is emanating from the home network and pinpoint the infected device and, if necessary, put that device in isolation and then alert the customer that something's gone awry and offer suggestions on how to handle it.

The Micronets framework will likewise ensure that each device is on its right segment of the network and has access only to what it needs to function rather that connect to everything else and possibly be susceptible to an attack, Darshak Thakore, lead architect, security technologies at CableLabs, said

CableLabs is spreading the word today about Micronets via a white paper that details the vision behind the project. The Louisville, Colo.-based organization is also working to release some proof-of-concept code and additional architectural detail so working groups can start to work on APIs. CableLabs said it is also working on an "easy-onboarding" framework that builds upon features from the Wi-Fi Alliance (specifically EasyConnect/WPA3 Security and with the Internet Engineering Task Force (IETF) .

CableLabs is hopeful that the Micronets framework focus on IoT security will help to prevent things like distributed denial-of-service (DDoS) attacks while also giving cable operators and other ISPs more visibility into the home networks, including third-party devices that might be generating malicious traffic. That enhanced visibility can also provide more detail to customers when an alert is sent and reduce call volumes to the ISP, Glenn said. (See DDoS Attacks Are Less Frequent, Much More Intense.)

Taking an angle of openness
Glenn envisions Micronets becoming an open spec like DOCSIS, but on a wider basis that involves device makers, security companies and cloud services.

"We do want to make it open; this needs to be broader than cable alone," he said.

The Micronets framework is far from a commercial reality, though CableLabs is building up the engineering and intellectual property that will shore it up. Glenn estimates that technology rollouts are still one to three years out.

But in addition to telling the world about the project today, CableLabs is actively seeking participation from the vendor and academic communities in the hopes that interface specs aimed at multivendor interoperability will emerge and establish the baseline for a competitive marketplace.

"We didn't want the industry to fragment into these little pockets of proprietary implementations, he said.

Glenn views Micronets as a "good step" toward device security management, as Internet security is a shared responsibility that spans ISPs, device makers and hosting providers.

"There's no silver bullet in security and certainly there's no silver bullet in IoT security," Glenn said.

— Jeff Baumgartner, Senior Editor, Light Reading