Security in the connected space?

This text is written by Anders Holmberg, IoT Product Manager at IAR Systems.

There has been a lot of focus on cyber security in the general sense, on how to protect your data in a connected world, and rightly so. But a more recent cause for concern is the threat to the connected devices themselves, everything from smartphones to industrial equipment and toys.

At the end of 2015, it was revealed that toy maker VTech had suffered a breach in which attackers stole the personal information of more than 6 million children. Mattel has also been in the spotlight after experts claimed that the Wi-Fi-enabled Barbie can be hacked. Unfortunately there is nothing to indicate that these incidents are isolated or unique to the toy market. On the contrary, there seems to be a trend of companies rushing products to market, and if security issues appear in the requirements specification at all, they are far down on the list.

So how can we cope? One way is to start taking security into account when setting the feature list of our connected devices. In this area there is a lot to learn from the functional safety community. If you are to design and implement a piece of equipment or functionality that must at all times prevent damage to people or property, you start out with a very thorough analysis of the potential risks posed by a malfunctioning device. Such an analysis results in a set of specific safety requirements. One important aspect of such requirements is that they seldom contribute to the coolness of the product, but if they are not properly taken care of, things can go horribly wrong. The same often goes for security requirements. The one difference to keep in mind is that a safety analysis assumes faults occur more or less at random, while a security analysis has to assume an adversary who deliberately looks for the weakest point.

As a starting point, here's a partial list of things that might need a bit of thinking:

  • Is personal information stored, transferred or otherwise handled on the device, or on servers that your device communicates with? If so, you become a highly likely target for attack as soon as your product is a success. How does this affect the handling and storage of information on the device and on the server?
  • If a device carries out some important task, say on a factory floor or in people's homes, how do you ensure that a specific device joining the network is a legitimate device? The reverse situation also needs consideration: what happens if someone establishes contact with a device while posing as the server?
  • If encryption is used, how do you deal with keys? Encryption in itself might stop a casual, opportunistic attacker, but if a determined attacker gets hold of a device, can they read the encryption keys in clear text by poking directly into device memory, for example through a debug interface or by dumping the flash?
  • Are you planning to support over-the-air firmware updates? How do you ensure the integrity and authenticity of the firmware after an update, and how do you stop an attacker from installing an older, known-vulnerable version? This may well turn out to be the trickiest issue of them all to solve satisfactorily, depending of course on the level of security you decide is enough.
  • Security through obscurity is seldom a good thing, but technology choices can still affect how exposed a device is to break-in attempts. Every interface the device exposes is attack surface. Do you really need full IPv6 connectivity over 802.11 Wi-Fi, or is some other communication standard fully adequate?
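To make two of the questions above concrete, the device-authentication one and the firmware-update one, here is a small added example in Python using only the standard library. It is not code from the original article or from IAR Systems. Everything specific in it is a hypothetical choice for illustration: a 32-byte per-device secret, HMAC-SHA256 as the proof and as the image MAC, a 16-byte random challenge, and a 16-byte little-endian image header. The sample key and firmware payload are constructed inline so the block runs offline.

```python
import hashlib
import hmac
import os
import struct

# Constructed per-device secret for the example. A real device would hold a
# unique key provisioned at manufacture, ideally in a key store the CPU cannot
# read out as plain bytes (see the key-handling question in the list above).
DEVICE_KEY = bytes(range(32))

# Hypothetical image layout: 16-byte little-endian header, payload, 32-byte MAC.
MAGIC = b"FWIM"
HEADER = struct.Struct("<4sIII")   # magic, version, payload length, reserved
MAC_LEN = 32


# --- 1. Mutual challenge-response: "is this device legitimate?" and
# ---    "is this really our server?" -----------------------------------------

def prove(key, role, challenge):
    """Response to a challenge. The role label binds the answer to one
    direction, so a response the device produced cannot be replayed back at
    the device as if it came from the server (reflection attack)."""
    return hmac.new(key, role + challenge, hashlib.sha256).digest()


def mutual_authenticate(device_key, server_key):
    """Runs both halves of the handshake and returns True only if the device
    proved itself to the server AND the server proved itself to the device.
    device_key is what the device holds; server_key is what the server holds
    for that device ID. They match only for a legitimate pair."""
    # Server -> device: fresh random challenge. Device -> server: response.
    server_nonce = os.urandom(16)
    device_response = prove(device_key, b"device", server_nonce)
    server_accepts_device = hmac.compare_digest(
        device_response, prove(server_key, b"device", server_nonce))

    # Device -> server: its own challenge. Server -> device: response.
    device_nonce = os.urandom(16)
    server_response = prove(server_key, b"server", device_nonce)
    device_accepts_server = hmac.compare_digest(
        server_response, prove(device_key, b"server", device_nonce))

    return server_accepts_device and device_accepts_server


# --- 2. Firmware image check before anything is written to flash -------------

def build_image(key, version, payload):
    """Build-server side: header, payload, MAC over header + payload."""
    header = HEADER.pack(MAGIC, version, len(payload), 0)
    return header + payload + hmac.new(key, header + payload, hashlib.sha256).digest()


def verify_image(key, image, installed_version):
    """Device side. Returns (accepted, reason). Every check runs before the
    image is trusted for anything, including parsing beyond the header."""
    if len(image) < HEADER.size + MAC_LEN:
        return False, "truncated image"
    magic, version, length, _reserved = HEADER.unpack_from(image)
    if magic != MAGIC:
        return False, "bad magic"
    if len(image) != HEADER.size + length + MAC_LEN:
        return False, "length mismatch"   # header and transport disagree: trust neither
    body = image[:HEADER.size + length]
    mac = image[HEADER.size + length:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        return False, "MAC mismatch"      # constant-time compare; any flipped bit lands here
    if version <= installed_version:
        return False, "rollback"          # correctly signed but older: still refused
    return True, "ok"


if __name__ == "__main__":
    good = build_image(DEVICE_KEY, 2, b"\x00" * 64)
    print(mutual_authenticate(DEVICE_KEY, DEVICE_KEY), verify_image(DEVICE_KEY, good, 1))
```

Two design points are worth noting. The checks in verify_image are ordered so that nothing the image says about itself (its length, its version) is acted on until the MAC has confirmed it came from the holder of the key; the version check is deliberately last, after authentication. And because a symmetric MAC is used here, the key that signs images is the same key the device holds, which is precisely the worry raised in the key-handling question: an attacker who extracts it from one device can forge updates for every device sharing it. In a real product the image should be signed with an asymmetric key (ECDSA or Ed25519, for example) so the device stores only a public key; the header layout, the length and rollback checks and the ordering above carry over unchanged.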

The important thing is not to solve all the security issues in the world, but to draw up a list of the potential security issues that might affect your system and then consciously decide, for each one, whether it is something you must deal with. And you had better let at least 50% of that decision be guided by long-term business considerations. Otherwise you might find yourself at the wrong end of a media frenzy or even litigation, and that can easily kill your market.