You can’t afford to wait for the gurus. Eventually a cybersecurity expert will come up with a solution to the security vulnerabilities in IoT networks. It may even be something so elegant and clever that everyone smacks themselves in the head and says, “Why didn’t I think of that?” But you can’t afford to wait until someone has that “Eureka!” moment and solves this for us. For now, security is a “you problem” and there are important steps your organization should be taking immediately to protect against the kind of IoT security breaches that have made so many headlines.
Don’t worry, I am not asking you to become a cybersecurity expert. Luckily, you don’t need to be one to make your sensor networks more secure. Full disclosure that I am not one of those security gurus. I don’t have the super-secret blackhat and whitehat hacking background to be a member of that that club of experts. But that is exactly the point. What I am is an engineer and manager whose job is to make wireless networks work not only as a network but as a part of companies’ overall IT infrastructure. And that is exactly what so many of you readers of Sensors Magazine are as well.
We have projects that are going to be deployed this week and next month and the month after that…and our clients and bosses want them as secure as they can be. We are the ones that will get the anxious calls and emails each time that an IoT security story is in the news, because this is our responsibility. We may not be able to create a definitive solution to these security vulnerabilities, but we can make our wireless devices and networks less vulnerable.
This two-part series of articles is written for two key audiences that read Sensors Magazine: the non-technical business people whose organizations are doing IoT deployments and the engineering teams who do the technical work to design and build sensor networks. What links Part 1 and Part 2 is a focus on very practical advice that can double as a checklist of steps that can be implemented by any reader of this magazine – with no cybersecurity expertise required.
Part 1 (which you are reading now) starts out at a higher level by mapping out key strategic steps that organizations should take to have a stronger IoT strategy, and that requires strong alignment and dialogue between business managers and the engineering teams. Part 2 (which will be published soon) will provide a technical deep dive on the more granular aspects of a security strategy, including best practices for threat modelling and the complex process of selecting and working with third party security companies.
Here is the initial checklist for more secure IoT projects, with more to come in Part 2 of this series:
Start Talking Security on Day 1
This will likely sound a lot simpler than it is, but the most important thing your company can do to make IoT more secure is to talk about security much sooner – as soon as Day 1 of the planning process for a new IoT project. So often, the early stages of planning focus on setting specifications, outlining budgets for security spending and selecting some key components. But those initial discussions should put a spotlight on security for both hardware and software. And that spotlight on security should shine on every stage of the project, including design, development, testing, production, deployment, service life, and even decommissioning.
Perform Threat Modeling
One of the most important steps your organization can take during the strategic discussions above is to commit to doing security and threat modeling that looks not only at the connected devices but also the environment they will live in. Performing that kind of modeling early in a project can identify vulnerabilities that your team can address during the development process that would be much harder to solve once a sensor network is deployed.
There are simple-to-use tools available from third-party security vendors that can help you perform this modelling yourself, and there are third parties that you can outsource that function to. Because most development teams are not security experts, and that many talented security firms offer this exact service, getting third parties involved to help with the security effort can be a real benefit that accelerates this process. Should you choose to go this route, get them involved early, and keep them involved throughout the program. I will dig into this process in greater detail in Part 2 of this article.
Don’t Forget about the Cloud
This is a corollary to the bullet above, but I will separate it out so it doesn’t get lost in the mix. One of the most common security-related mistakes that companies make is looking at their sensor networks in a vacuum without looking at the security foundation of how those devices send and receive information and instructions via the cloud.
Most IoT sensor network deployments are going to utilize the cloud as a way of achieving two-way communication and serving as an extension of a company’s IT systems, but too little attention is paid to the security of those servers and the bi-directional communications with sensor networks. Engineering teams should conduct a risk-benefit analysis of different models for cloud connectivity ranging from highly-secure private servers that may have a much higher cost to truly public cloud servers that have lower operational costs but that may have higher risks. There is no one-size-fits-all answer for every company, but discussing this will help your company strike the right balance between cost and security.
Don’t Let Firmware Updates Be Your Weak Link
For your IoT security strategy to be more secure, it is imperative that your organization build a process that allows for firmware updates to be delivered in the field. Once your sensor networks are deployed, you need a way to deliver security updates as new vulnerabilities are discovered. The embedded software in sensors and gateways must be updatable for you to help them keep pace with security threats.
Another important discussion point for your organization during the planning process is how those firmware updates will be delivered. Many wireless devices support firmware updates over the air (FOTA), making field upgrades a breeze for customers. This also presents additional attack surfaces for nefarious activity. Your firmware delivery process needs to be as secure as possible while also being practical at scale to hundreds or thousands of sensors that are in the field, and the best way to accomplish that is to address it early in the planning process.
Test, Test, Test!
Everything I’ve discussed above is about steps you should take early in the development process, but here is something that should come at the end…before you flip the switch and make sensor networks live. Of course, your engineers are unit testing, functional testing, and performing various security testing throughout the development process – but the testing at the end needs to be heavy and comprehensive. To be honest, though, this step is often the hardest because there is so much pressure to finish projects, turn the networks on, declare success and move on to the next project.
I strongly advise you and your team to resist that temptation to rush across the finish line and build in a final testing step that focuses specifically on security testing. The process doesn’t have to take long if you use automated tools or third-party services, so it won’t create unacceptable delays to your implementation timeline. But the findings can be significant security-wise by pointing out vulnerabilities you should address before turning a sensor network on.
What is involved in this final round of testing? Penetration testing (aka pen testing), fuzz testing (fuzzing), white box testing and black box testing. In the past, that kind of testing was time-consuming, but that is no longer an issue and shouldn’t stand in the way of your team building this into the schedule.
There are other important steps you can take – including making sure your component libraries have tracking and updating capabilities that ensure that security patches get delivered to sensors in the field – but this checklist is a solid one for starters. As you can see, there is a clear theme that comes through in these tips: Talk about security as early as possible, and continue to test security as late as possible. If you move forward with those guiding principles in mind, your company will achieve a big step up security-wise until these security vulnerabilities are solved once and for all.
About the author
Chris Cole is the Vice President of Technology for Laird’s Connectivity business unit, which provides a full range of modules and engineering services that simplify the process of using wireless technology. As VP of Technology, Chris is responsible for overseeing development of many of Laird’s most important IoT solutions initiatives. He has more than 30 years of experience in software development, wireless technologies and microelectronics. To contact him, email [email protected].