Q&A: Here’s how the “Matter” protocol will soon reduce vulnerabilities in smart home devices

After years of competitive jockeying, major tech giants have agreed to embrace a brand new open source standard – called Matter – that will allow consumers to mix and match smart home devices and platforms.

Related: The crucial role of “digital trust”

After numerous delays and course changes, the Matter protocol is expected to roll out this fall, in time for the 2022 holiday shopping season. be affixed with a Matter logo.

Matter is intended to drive smart home device interoperability – so a homeowner can stick to a single voice assistant platform and have the freedom to choose from a wide selection of smart devices emblazoned with the logo. Matter.

This means that a consumer living in a smart home filled with Matter devices would no longer be forced to use Amazon’s Alexa to control certain devices, while having to switch to Apple’s Siri, Google Assistant or Samsung’s SmartThings. to operate other devices. No surprise: Amazon, Google, Apple and Samsung are the biggest names on a list of 250 companies supporting the Matter rollout.

Eligible types of smart home devices, to start with, include light bulbs and switches; smart plugs; smart locks; smart window coverings; garage door openers; thermostats; and HVAC controllers. If all goes well, surveillance cameras, smart doorbells and robot vacuums will soon follow.

DigiCert, the Lehi, Utah-based certificate authority and service provider for managing public key infrastructure, helped develop Matter’s privacy and data security components. I had the opportunity to discuss the broader importance of Matter with Mike Nelson, Vice President of IoT Security at DigiCert. Here’s what we discussed, edited for clarity and length.

OL: When a consumer sees a smart home device with a Matter logo this fall, what do you hope it conveys?

Nelson

Nelson: The Matter logo represents seamless interoperability for consumers, enhancing user experience and control. It also represents digital trust [insert the way we are defining DT] between all compliant devices from different manufacturers.

OL: What was the main security issue to address when branching out from Matter?

Nelson: Security challenges present in many smart home devices include device identity, proper authentication (user and device), privacy of sensitive data, and software integrity.

The Matter specification focuses on establishing a robust, immutable identity for each device and requires all participants to use security credentials (digital certificates) that are chained to secure roots of trust. This practice ensures that only trusted devices can identify and interact with other Matter-compliant devices.

OL: How did the alliance solve this fundamental security problem?

Nelson: The Matter security specification has been developed in collaboration with many industry players over the past few years. The Matter specification takes a secure-by-design approach to ensure device reliability throughout its lifecycle. The security specification is a layered approach with strong, easy to implement, resilient and agile security approaches.

The security specification raises the bar for IoT security and privacy through the following approaches:

• Establish a strong device identity so that only trusted devices can join a smart home

• Secure standard software updates to ensure integrity

• Validation of each device to ensure that it is authentic and certified

• Secure unicast and group communications

• Easy, safe and flexible commissioning of the device

• Up-to-date information via distributed compliance register

OL: What was the main privacy issue and how was it resolved?

Nelson: There are a number of privacy threats with smart home devices. Security cameras, smart speakers, and other surveillance devices could give a bad actor access to spying on members of a house. Additionally, data theft could reveal sensitive consumer information.

OL: Short term – can you paint a picture of a likely adoption scenario in 2022 and 2023? (For example, would the alliance be happy if Matter won over smart home platform vendors and device makers?)

Nelson: We see many CSA members participating in Matter moving quickly to comply with the specification. I think we’ll see Matter-compliant devices on the shelves before the end of the year.

OL: Long term – what is a plausible and hoped-for outcome; how does Matter connect to progress in advanced IoT systems?

Nelson: IoT security has finally evolved to a state where manufacturers are no longer just concerned with securing their devices. Industries are begging to see how to securely connect with devices from other manufacturers to improve end-user experience. Matter is leading the way with this effort and I think we will see other industries follow. ASC also plans to expand Matter beyond the smart home and into smart commercial buildings and potentially other industries.

Acohido

Byron V. Acohido, Pulitzer Prize-winning business journalist, is dedicated to educating the public on how to make the Internet as private and secure as it should be.


(LW provides advisory services to the vendors we cover.)

*** This is a syndicated Security Bloggers Network blog from The Last Watchdog written by bacohido. Read the original post at: https://www.lastwatchdog.com/qa-heres-how-the-matter-protocol-will-soon-reduce-vulnerabilities-in-smart-home-devices/

Source link