The latest consumer “must have” appears to be a wearable device. Whether you seek the style of an Apple Watch, a sports performance fitness band or an immersive gaming headset you’ll have an immense choice. While many of these devices are aimed at extending the reach and usefulness of your smartphone (Figure 1 illustrates the diversity of wearable devices), there is another emerging sector of wearables where the emphasis is on knowing the location of the wearer. These personal trackers, or mobile personal emergency response systems (MPERS) are finding adoption for tracking children, elderly relatives and lone workers. In addition to being able to track the wearer they also provide a ‘Help’ button function so that the wearer can communicate the fact that they are ill, lost or their life is under threat.
Needless to say, connectivity is omnipresent for any wearable device. Typically, short-range Bluetooth and Wi-Fi communications are used, of which Bluetooth is probably the most common when using a smartphone for local storage, data presentation and as a gateway to a cloud-based analysis application. Equally, cellular is the prime requirement for other applications, such as the MPERS example, which requires full mobility of communication.
In common with Internet of Things (IoT) devices, the mention of connectivity goes hand-in-hand with that of security. Most wearable devices will contain some personal data, and in the case of a fitness monitor, heart rate, or blood glucose measurements may be taken. Time-stamped location information will also be present, and potentially login profiles and passwords to cloud platforms too.
At a high level a developer, when working on any wearable project, should keep in mind the security topics of device, application and service. The design phase requires thought and a careful appraisal of potential security attack points. In a perfect world, a design could be built from scratch with every functional block designed and developed within one team. However, the pressures of time-to-market and embracing a higher level of integration using, for example, pre-certified and type approved wireless modules, means that a more holistic approach to security needs to be considered. Security needs to be implemented with an end-to-end approach. Potential places for a security attack, an attack surface, could include the sensors, local storage, compute processing, device configuration, authentication methods and data transport.
To understand some of the security concepts, let’s first look at the functional parts of our example MPERS wearable device, see Figure 2. There are four key component parts, namely, the sensors that detect the person’s heart rate, temperature etc, location information received through a global navigation satellite system (GNSS), wide area connectivity typically provided by a cellular/LTE module, and, if required for indoors / home proximity detection, a short range communication method that is typically provisioned by a Bluetooth module. Examples of the wireless components used for this device might include a u-blox LARA-R211 multiband LTE module and a u-blox EVA M8M GNSS device.