How to Build a Safer Internet of Things – IEEE Spectrum

http://spectrum.ieee.org/telecom/security/how-to-build-a-safer-internet-of-things

Posted from WordPress for Android

1 Comment

  1. Tomi Engdahl says:

    Opinions vary widely on IoT security concern
    http://www.edn.com/electronics-blogs/systems-interface/4413081/Opinions-vary-widely-on-IoT-security-concern

    Will the IoT (Internet of Things) become a hacker’s paradise? Or is concern over security for the embedded systems that define the IoT overblown?

    Opinions about IoT security are as varied as the systems that will make the IoT, according to a study released last week at DESIGN West by UBM Tech (EDN’s parent company) and VDC Research, an M2M market intelligence firm. Study participants represented a broad base of industry segments from industrial automation to general-purpose systems. A full 50% indicated they’re currently using IoT/M2M in current projects – and 69% said they expect to be using IoT/M2M in three years.

    27% of survey participants indicated the industry is not very vulnerable or not vulnerable at all to attacks on IoT/M2M devices.

    I’m having a hard time with the “somewhat worried” category: If there’s a basic acknowledgement of a security problem, we all should be very worried. Even under the assumption that the IoT will comprise billions of smart sensors with hardwired operation that can’t be modified remotely, there are too many opportunities for corrupting the data stream – make that deluge – of information flowing through the IoT. As soon as someone introduces corrupt data into the IoT (by hacking an “impenetrable” IoT device to steal “protected” crypto keys, say), the concept of the IoT is at risk. You can imagine the havoc if modified data are introduced into highway traffic systems to route traffic at the bad actors’ discretion or emergency response systems are flooded with misleading data.

    Recognition about specific points of IoT device vulnerability comes through in participants’ response to a question about the security solutions expected to add value to next-generation devices (Figure 2). Here, participants cite traditional security issues including data encryption, authentication, and separation.

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*