Design With Security in Mind: Why Manufacturers Need to Plan for IoT Device Security from the Beginning
Article #5 Electronics Innovation Series. IoT security is a shared responsibility between chip manufacturers, hardware designers, and the consumer.
This is the fifth article of a 6-part series looking at innovation in the electronics industry.
The Internet of Things (IoT) is growing rapidly. According to Statista, there are 42.62 billion IoT devices, sensors, and actuators worldwide as of 2022 – up from 35.82 billion in 2021 and 30.73 billion in 2020, respectively – and projected to grow to 75.44 billion by 2025.
With this massive adoption also comes an increase in security vulnerabilities, as well as cyberattacks targeting IoT devices, which are growing in number and sophistication. According to a Kaspersky analysis shared with Threatpost, the firm detected more than twice the volume of cyberattacks in 2021 compared to 2020. Notorious high-profile attacks from the Stuxnet worm to the Mirai botnet have led to a growing awareness of the need for more developed IoT security practices.
Why are IoT devices so vulnerable? Whose responsibility is IoT security? And what can manufacturers do to design more secure connected devices? In this article we examine these questions and offer some guidance for understanding the complexities of IoT security.
The Importance of IoT Security
IoT devices are both smart and connected, gathering and sharing mass amounts of data on a near constant basis. This makes them a valuable target for bad actors who want to access devices and their data or as a potential back door into their organization’s network. The rise in connected devices increases the size of the network, which also increases the attack surface and potential entry points to that network. The growth in data captured and transmitted also grows the amount of data that is stored, processed, and shared, creating more data that can be compromised. These small devices represent a massive increase in potential targets for malicious third parties.
Compromises to IoT by threat actors can create a wide array of negative impacts, such as IP theft, damage to brand image, regulatory non-compliance and legal consequences, alteration of proprietary data, sensitive and personal data leaks, total ecosystem unavailability, and more. Furthermore, IoT security differs from traditional data breaches in that the IoT provides a bridge between digital and physical, making it possible for hackers to wreak havoc in the physical world—such as taking control of a vehicle or causing a nuclear power plant to melt down. As stated by the World Economic Forum, “hacking the location data on a car is merely an invasion of privacy, whereas hacking the control system of a car would be a threat to a life.”
Why Manufacturers Can Mishandle Security for Connected Devices
Manufacturers are creating IoT-connected devices at a rapid pace, but in the process are leaving gaping security holes such as weak passwords and unidentified backdoors. As products are designed to be deployed quickly and win the race to market, security often takes a backseat. According to a Forrester cybersecurity report, “Firms are developing IoT firmware with open source components in a rush to market. Unfortunately, many are delivering these IoT solutions without good plans for updates, leaving them open to not only vulnerabilities but vulnerabilities security teams cannot remediate quickly.”
It’s not just the rush to market that allows vulnerabilities to go undetected in the product design phase. In a competitive market, competitive advantage is often sought through adding more smart features and connecting products to the Internet and/or local networks. However, as new features and connections are added, security is usually downgraded as the attack surface expands.
Also, IoT-enabled devices and systems consist of various elements that span different hardware, network types, collected data, software features, and user experiences. Manufacturers often lack the security expertise to plan ahead for such a diverse set of components and potential vulnerabilities. Compared to enterprise IT, IoT is still in its infancy, lacking the same developed and widespread industry best practices.
Furthermore, IoT solutions are often deployed in large numbers, sometimes in hard-to-reach physical locations. These factors make it all the more challenging for IT security teams at end user companies to manage potential vulnerabilities, especially as they are often stretched to the limit as it is, and non-IT employees may lack the education to follow security practices for new IoT deployments. Default configurations or an inability to update from manufacturers can lead to security problems for the end user.
Who’s Responsible for IoT Security?
When it comes to ensuring the security of IoT devices, where does the responsibility lie? Is it with the consumer or end user? The enterprise or systems integrator? The government?
While the responsibility must be shared among all parties, device manufacturers bear much of the responsibility. Manufacturers must ensure that affordability concerns and the rush to market don’t override security concerns, integrating a focus on security from early in the design process. The decisions made during the design phase set the horizons for the decisions and capabilities available after deployment.
Manufacturers have been collaborating to establish standards for IoT security, and IoT security standards are making their way into law. In 2018, California passed SB 327, an IoT security law which requires manufacturers to provide ‘reasonable’ security features such as unique passwords. As IoT devices become more widely integrated into everyday life, so will regulations targeting manufacturers to ensure basic security measures.
However, manufacturers can go further to design devices with security from the very beginning of the design process. Security-by-design is an approach designers can take to build security into the product from the ground up, making decisions about product development using cybersecurity best practices. This includes minimizing the potential attack surface area, which is composed of all entry and communication points in the software, hardware, and network integrations. The more sensitive an IoT device is, the more security features it should have. Protection mechanisms should be in place in all entry points, by taking steps such as making sure there is no excess code, encrypting traffic, and encrypting binaries.
Despite protections delivered in the design process, security can always be diminished by actions of the organization or end user. That’s why it’s critical for manufacturers to survey any potential risks and effectively communicate them to the integrator or end user. This includes best practices for organizations (such as documentation, firmware updates, and vulnerability testing), and for end users (such as disabling default credentials, using strong passwords, and staying alert for suspicious activity). Working together, manufacturers and users can ensure a more stable and secure system.
Design with Security in Mind
The threat landscape is always changing. For manufacturers and product designers, staying aware of the latest security trends and incorporating them into the design process is key. The best way to stay attuned to these developments and maximize product security is to have the right advisors and trusted industry support. Designers need to be able to rely on good, up-to-date advice from component suppliers and consultants in order to stay ahead of the curve and make good choices when designing new products. By utilizing cutting-edge industry experience, manufacturers can ensure their products are designed with the latest security measures from the beginning.
The choices made during the manufacturing phases are crucial, as they determine the characteristics and capacities of the device. Some of these will be immutable throughout the life of the device and will impose strong constraints for the lifecycle of the device. Planning for security from the requirements phase through to the design and architecture phase will enable a strong basis for security to development, integration, deployment, and beyond.
Designing a secure connected IoT product requires extensive thought and planning. Security implementation draws upon a multitude of factors, including the type of data being stored and transmitted, the regulatory requirements of the device, the hardware and design limitations, the manufacturing location, expected lifecycle of the device, and more. There is no ‘one-size-fits-all’ solution; however, designers can draw on support to integrate the latest best practices and developments.
Design in collaboration: Thoughts from Okdo Applications Engineer Raul Hernandez Fernandez
I still remember the spring of 2018, when the news of a careless deployment of a Raspberry Pi created a portal through which a hacker was able to steal files from the Jet Propulsion Laboratory (JPL), probably the most recognizable of NASA’s labs. The hacker was able to easily expand their access through the JPL network due to the fact that the Raspberry Pi was already connected to it.
According to the BBC, the hacker was able to steal restricted information in relation to international traffic in arms regulation and the Mars science laboratory mission, and temporarily to disconnect several space flight related systems from the JPL network. Consequently, one might think that if NASA was hacked what would be my chances of deploying a secure IoT device? At OKdo we recommend the following steps to have better protection than JPL had:
- Keep your system updated
- Do not auto-login or use empty passwords in your IoT devices
- Change the default password. At OKdo, as responsible manufacturer and distributer, we only distribute sd cards with software images with a unique password procedure
- Disable the default user. At OKdo, as responsible manufacturer and distributer, we only distribute sd cards with software images without a default user
- Stop unnecessary services
- Make sudo required password
- When using SSH prevent root login
- When using SSH change the default port
- Use SSH keys rather than passwords
- Install brute-force attacks detectors like Fail2ban
- Install a firewall like ufw
- Back up your system
Learn more about the services and products of Okdo here.