Protecting IoT devices from cyberattacks: A critical missing piece: Page 2 of 10

August 04, 2017 //By Alan Grau, Icon Labs
Protecting IoT devices from cyberattacks: A critical missing piece
When it comes to protecting IoT devices from cyber attacks, both device hardening and security appliance approaches each has its supporters, but there are trade-offs between “device-centric” and “appliance-centric.”
in and outbound communications, and it must detect and report attempted cyber attacks. This can only be achieved by including security in the early stages of design.

While there is no one-size-fits-all security solution for embedded devices, solutions are available that provide a framework for OEMs. A security framework provides OEMs with the core capabilities required to protect their devices and the flexibility needed to customize the solution to the specific requirements of their device, while ensuring that critical security capabilities are included.


Figure1. Security framework for IoT devices

Device security requirements
Before selecting an IoT security framework, it is important to step back and look at the requirements at both device and system levels. Security requirements for IoT devices must take into consideration the cost of a security failure (economic, environmental, social, etc.), the likelihood of attack, possible attack vectors, and the cost of implementing a security solution.

Security capabilities needing consideration are:

Secure boot

Secure firmware updates

Secure communication

Data at-rest protection

Embedded firewall and intrusion detection

Key and certificate management

Authentication

Integration with security management systems

Security policy management

Security event reporting

A security framework, such as the Floodgate Security Framework, provides an integrated suite of security building blocks (Fig. 2).


Figure 2. An implementation of the necessary elements to provide security

Secure communication
When most engineers think of security, they typically think of secure communication protocols such as SSL/TLS, SSH, and IPSec. In recent years, support for secure communication has been added to many embedded devices. While these protocols provide a first level of defence against protocol-based cyber attacks, they leave other attack vectors unprotected.

Security protocols are designed to protect against packet sniffing, man-in-the-middle attacks, replay attacks, and unauthorized attempts to communicate with the device, providing a good starting point for building secure devices.

Small IoT edge devices are adopting wireless protocols such as ZigBee, Bluetooth Low Energy (BLE), and other wireless and mesh networking


Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.