Everyone agrees that IoT security is important, but how do you get it right? The implications for getting IoT security wrong are well understood, especially if you operate oil pipelines or make Jeeps or medical devices. In other words, compromised internet of things devices impact brand image, customer loyalty, and top-line and bottom-line results.
So how do you get it right? Here are a few points to keep in mind:
- Security is a strategy, not a checkbox
- Security must be foundational and part of the initial design
- Security must be propagated through the device … and beyond
Let us take these one at a time.
IoT security is a strategy
Whether you have one product or a product portfolio, you have to think holistically about security, often involving use cases beyond the device itself — particularly for connected devices. Additionally, a well-thought-out IoT security strategy has the potential to simplify product development economics over time. Taking a strategy perspective allows defining a framework that is flexible yet standardized enough to develop in-house expertise and reduce costs over the long term.
Approaching IoT security as a strategy forces you to think about what is really worth protecting. Even if your company has multiple products that have different applications, you will find something common to them that represents your company’s intrinsic value. If, for example, you develop security webcams, then regardless of the product model, keeping the device from getting hacked and used as a trampoline is central to your brand’s reputation. If, on the other hand, you make industrial robots, your navigation and mapping algorithms are probably worth protecting. Recognizing and defining what is worth protecting is the first step towards a security strategy.
Built-in, not bolted-on
Once you know what needs protecting, the next step is to build security into the foundation of the device. By definition foundational security begins at the chip level and involves several measures:
- Devices must implement a “root of trust” as a trustworthy measure of integrity and authenticity. A root of trust, once established, is unchangeable and is therefore always reliable and trustworthy.
- Secure interaction between devices on a network is necessary. Implement mechanisms enabling mutual device authentication.
- Isolation and separation are well-accepted principles of security. Isolating sensitive information such as encryption keys, proprietary algorithms or other information raises the difficulty level for an attacker and minimizes the impact of a breach.
- Separate application functions critical to security. Execute such functions in isolated and secured memory regions to prevent compromise.
- Choose hardware platforms that include tamper resistance features. Such features protect against physical device tampering by destroying critical information such as encryption keys before hackers are able to access them.
These are not abstract concepts, but real measures that must be taken to ensure IoT security. For example, devices using microprocessors should implement technologies like ARM TrustZone. TrustZone is a secure enclave on the primary processor that provides an isolated area for storing sensitive information and conducting secure transactions. Only applications with special privileges can access information and functions in TrustZone.
Device security and beyond
An IoT security strategy should look beyond the device to include the system within which it exists. Simply put, if malware and threats can be propagated beyond the device, then so should security. In other words, device security should provide for system-wide security. This includes the ability for devices to mutually authenticate each other, verify payloads, rotate keys and provide other mechanisms to limit a hacker’s ability to inflict widespread damage.
The good news is that IoT security is achievable. It requires device makers to accept a “security first” approach to their design and approach security as a strategy, not as a check box.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.