Internet of Things (IoT) solutions promise to improve productivity, enhance safety, and provide advances in comfort and convenience. In this way, IoT solutions are intended to radically improve the quality of human life. Predictions abound on both the potential and the pitfalls of IoT. As we enter this era of IoT, interconnected cyber-physical systems have the potential of changing the world we live and work in.
By applying a secure engineering methodology to the design, development, delivery, operations, management, and usage of these systems we can protect against identified threats and be prepared to detect, react, and recover from threats that are devised and discovered after the devices have been introduced into the working environment. But what does this entail? Here is a brief list to get teams started:
- Establish a secure hardware/software development process which includes code management, automated build and automated testing, and streamlined packaging and software delivery mechanisms. Include source code analysis to identify vulnerabilities as well as security-related testing to identify runtime vulnerabilities. Software delivery also covers device firmware/software updates. As more and more software runs on a wide range of distributed IoT devices, the need to update that software in a secure, timely, and cost-effective way grows in importance. A secure, verifiable, and audited software/firmware update is part of a secure development and deployment process.
- Utilize authentication and authorization (access control checking) for devices, users, and applications which will interact with one another as part of the Internet of Things solution. Mobile security factors into this since many of the user interfaces for these IoT-related applications will be surfaced via mobile devices.
- Add audit logging of both successful and unsuccessful processing requests, and deploy monitoring and alerting technology distributed across the set of computing systems. This implies that there should be some level of audit logging and monitoring in vehicles, in the network, and on mobile devices. Also necessary is detection of denial-of-service and distributed denial-of-service attacks against devices and the systems which support these devices.
- Secure all communications channels such that sensitive information is protected from observation, change, or corruption. Validate input and output parameters to ensure that inadvertent command invocation or escalation of privilege is not possible. Mobile security also applies to communications security since in some solutions mobile devices act as gateway systems to enable communications between connected devices and applications running remotely from the devices.
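To make the "secure, verifiable, and audited firmware update" and the "audit logging of successful and unsuccessful requests" items concrete, here is an added example (not code from the original article) of the device-side acceptance check for an update manifest. It assumes a constructed device-provisioned key and uses an HMAC as a stand-in for the vendor's digital signature; a real deployment would verify an asymmetric signature against a public key anchored in the device.

```python
import hashlib
import hmac
import json
import time

# Constructed demo values (hypothetical): key provisioned on the device and
# the firmware version it currently runs. Never ship a key like this.
DEVICE_VERIFY_KEY = b"constructed-demo-key-do-not-use"
INSTALLED_VERSION = 7

def sign_manifest(key, manifest):
    """Vendor side: authenticate the manifest over its canonical JSON form."""
    body = json.dumps(manifest, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def verify_update(key, manifest, tag, image, installed_version, audit_log):
    """Device side: accept only if the manifest is authentic, the version is
    newer than the installed one (anti-rollback) and the image hash matches.
    Every decision, accepted or rejected, is appended to audit_log."""
    def record(result, reason):
        audit_log.append({"ts": time.time(), "result": result, "reason": reason,
                          "version": manifest.get("version")})
        return result == "accepted"
    if not hmac.compare_digest(sign_manifest(key, manifest), tag):
        return record("rejected", "manifest authentication failed")
    if manifest["version"] <= installed_version:
        return record("rejected", "version not newer than installed (rollback)")
    if hashlib.sha256(image).hexdigest() != manifest["image_sha256"]:
        return record("rejected", "image hash mismatch")
    return record("accepted", "manifest verified, version and image hash OK")

def demo():
    """Run one good update, one tampered image and one rollback attempt."""
    log = []
    image = b"constructed firmware image v8"
    good = {"version": 8, "image_sha256": hashlib.sha256(image).hexdigest()}
    tag = sign_manifest(DEVICE_VERIFY_KEY, good)
    ok = verify_update(DEVICE_VERIFY_KEY, good, tag, image, INSTALLED_VERSION, log)
    # Authentic manifest delivered with a modified image: hash check rejects it
    tampered = verify_update(DEVICE_VERIFY_KEY, good, tag, image + b"x",
                             INSTALLED_VERSION, log)
    # Validly signed but older manifest: anti-rollback check rejects it
    old = {"version": 5, "image_sha256": hashlib.sha256(image).hexdigest()}
    rollback = verify_update(DEVICE_VERIFY_KEY, old, sign_manifest(DEVICE_VERIFY_KEY, old),
                             image, INSTALLED_VERSION, log)
    return ok, tampered, rollback, log

if __name__ == "__main__":
    print(demo())
```

The audit log records rejected attempts with their reason, which is the input a monitoring system would alert on when many devices start reporting failed updates.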