
Blog
Discover our content on the most innovative technological topics covered by industry experts
How to Develop Secure Internet of Things Devices

When referring to the Internet of Things (IoT), everything from Wi-Fi-enabled cars and Bluetooth-enabled fitness bands to streaming devices and smartphones come to mind. There are countless devices connected to the internet; the question is whether these are secure IoT devices? Security tends to be overlooked by some companies until there is a breach. A breach can be devastating.
Factor in the Industrial Internet of Things (IIoT), which interconnects critical manufacturing, utility infrastructure, and other complex machinery, and the need for good security and privacy is emphasized even more. This is because IIoT transmits sensor data, allows remote control of complex machines, and provides a gateway to private information. While the IIoT facilitates improved efficiency, cost reductions, and convenience, an IIoT security issue can introduce major problems.
The Key to Developing Secure IoT and IIoT Devices
To create secure IoT devices and machines, companies must define products and use cases that meet business goals while having the flexibility to block access for unintended uses. The definition and implementation of product requirements have been practiced for decades. Defining security requirements and identifying the countless ways a device can potentially be used in bad ways is more difficult, requires time, and therefore also requires commitments of money and schedule. This added time and money is often viewed as unproductive, until a problematic hack occurs that has a cost impact greater than or equal to what would have been required to implement security.
Factors to consider when defining IoT security needs include:
- How the device communicates over networks. Network interfaces include wired Ethernet, Wi-Fi, Bluetooth, ZigBee, cellular, Lora, and others. Wireless networks are often more vulnerable to discovery and hacking than wired ones.
- Amount and sensitivity of the data transferred. The more sensitive the data (meaning the more useful it is to a hacker), the more incentive there is for a hacker to intrude and therefore the more diligence in security that should be undertaken. For example, there is far more value in medical records, financial transactions, or power plant operational data than there is in bowling scores being transmitted around a bowling alley.
- Appropriate security measures to protect the IoT device and its data. Methods include the use of strong security keys, passwords, user access policies, access monitoring software, firewalls, and more.
When conceptualizing a new product, the underlying hardware should include sufficient capability to execute the intended application and security features while allowing for a growth path for future firmware updates. Without added capacity, unforeseen issues may not be resolvable via updating existing devices in the field, rendering them functionally obsolete and leading to high replacement costs.
IoT Security and Total Cost of Ownership
While Custom Engineering Services and product costs will likely increase when factoring in security, the total cost of ownership must be considered over the product’s useful life, including its service time in the field. An IoT security breach has a number of costs which must be factored: cost to resolve the breach (engineering time), cost to deploy the fix (especially if a device in the field must be hand-serviced to be upgraded), costs to recover from loss of data, and opportunity costs from any bad publicity resulting from publication of a breach. These costs can add up fast and can damage reputations.
The use of IoT and IIoT devices will grow exponentially over the foreseeable future. Enabling secure IoT devices is key to realizing the benefits of this trend over the long term.
- By: Rodney Feldman
- Published: Jan 4th 2017
- Categorized: Blog
- Tagged:
Recent Posts
Tags
- AI
- Artificial Intelligence
- ATEX
- automation
- best rugged tablet
- Case Study
- Clea
- commercial Android tablet
- Custom Android tablet
- custom Android tablet manufacturer
- Custom Engineering Designs
- Custom handheld device
- custom HMI
- custom human-machine interface
- custom made medical devices
- Custom made tablets
- custom medical device
- custom medical device manufacturer
- Custom mobile device
- Custom portable device
- custom tablet
- Custom tablets
- custom tablets manufacturers
- Electrical engineering
- Electronic design
- Embedded board
- embedded board manufacturers
- Explosive environments
- Freescale i.MX 6
- Fury-F6
- Fury-M6
- geolocation
- GPS
- Handheld Device
- Handheld Device Design
- Handheld Electronics Design
- Hardware
- Hydra Rugged Tablet Tests
- Hydra-F6 Rugged Tablet
- IECEx
- IIoT MAnufacturing
- industrial Android tablet
- industrial tablet
- industrial tablets
- Internet of Things
- intrinsic safety circuit design
- Intrinsically safe
- intrinsically safe circuit
- intrinsically safe circuit design
- IOT
- Mechanical Engineering
- medical grade tablet
- medical rugged tablet
- military rugged tablet
- ML
- Modified COTS
- OEM android tablet
- Operating system
- portable device design
- portable devices
- portable electronics design
- RTOS
- rugged
- rugged Android tablet
- Rugged Android Tablets
- rugged linux tablet
- rugged tablet
- Rugged tablets
- SBCs
- Security
- SecuritySmart
- supply chain
- tablet
- tablets
- Test and Certification
- Video
- White Paper