Protecting IoT devices from cyberattacks: A critical missing piece: Page 13 of 13

August 10, 2017 //By Alan Grau, Icon Labs
When it comes to protecting IoT devices from cyber attacks, both device hardening and security appliance approaches each has its supporters, but there are trade-offs between “device-centric” and “appliance-centric.”

Security appliance approach versus device hardening

Two important tradeoffs in considering the hardware versus software approach to IoT security are economic consideration and the protections that can be built into low-cost sensors.

As IoT devices proliferate, the number of required security appliances could explode. The economics of adding security appliances to every IoT device are simply prohibitive.

While this can be addressed with software security built directly into the device itself, this is not without cost of its own. Security software requires additional memory and processing power, and imposes additional overhead on network resources which can dramatically impact battery life for lower power devices. As a result, you are limited in how much security can be added to low end devices such as sensors.

 

Summary

One of the unique challenges of the IoT is that the network perimeter is often blurry. Network security appliances can protect cloud-based computing resources and any IoT devices that happen to reside within the network perimeter, but do little to protect mobile devices or IoT endpoints located in the field. So while security appliances play a critical role in protecting the IoT, they do not provide the complete solution.

Ultimately, some combination of hardware and software will be required, but building software into IoT devices is a critical missing piece that must be addressed.

 

About the Author

Alan Grau is president and cofounder of Icon Labs. He also is the architect of Icon Labs’ Floodgate Firewall. He has 20 years of embedded software experience. Prior to founding Icon Labs he worked for AT&T Bell Labs and Motorola. He has an MS in computer science from Northwestern University.

Design category: