Five considerations when building secure IoT devices
The ongoing Internet of Things (IoT) revolution is bringing online billions of devices, from fridges to traffic lights, connected and controllable from afar. Industry verticals like Utilities, Telecom, and other service providers encounter increasing security regulations, and a need to automate field equipment reading, billing, and service status updates.
Industry adoption of IoT is going to grow. For example, it is expected that there would be more than 2.5 Billion IoT devices in Power and Energy vertical by 2023. These IoT deployments are a growing target for cybercriminals; exposing individuals, their data and their privacy to risk if security is left unaddressed. For example, 250,000 peoplein Ukraine were left without power when attackers used “Crash Override” malware to take control of power gridresulting in a shut down of 30 power substations. As a result, industries that deploy IoT will demand security that is integral to the devices and manageable through remote device management.
For device makers, this market trend underscores the need to ‘design in’ security into the devices.For example, an IoT device that has secure root of trust, remote authentication, over-the-air software patching capabilities, and other features that proactively mitigate security vulnerabilities. In order to minimize threats at each stage of a IoT device’s life cycle and to ensure security in every IoT deployment, we need to answer following key questions,
- How to efficiently store the secrets such as device keys?
- How to create secure processing environment for tiny IoT sensors?
- How to ensure the data I communicate between the device and the cloud is private?
- How to track abnormal behaviour of the device when it is compromised?
- How to securely update the firmware of a device?
This session will present these considerations to help you identify the best approach to secure your devices for scalable IoT.