K
Kathleen Martin
Guest
We increasingly manage our lives via a bewildering array of technological devices and services and the IOT revolution offers us the promise of “everything connected” to make our lives simpler, freer, and healthier. However, our reliance on technology could also be a threat if malign actors can gain control of our devices and systems.
IOT devices have particular vulnerabilities, as they are typically based on limited resource devices where there may be limited features and capacity to implement advanced security.
Many devices use RF technology including Bluetooth or Wi-Fi and, in such cases, you are literally broadcasting your data for any snooper who wants to listen in.
Security designed in from the start
The first thing to note is that security is not something to be bolted on at the end of the design process as an afterthought. Security needs to be designed into a system from the start. Thinking about security should be integrated into the definition of the basics of the system.
It is vital to begin by analysing the consequences of possible system breaches, entry points for an attacker, and the steps to be taken to mitigate any risks. Clearly not all systems carry the same level of risk. So, there is no one “right” level of security. The security for a medical or financial based system has different requirements to that of a simple monitoring system.
That said, you must always be careful. For example, a smart home system may primarily control the heating, and not seem particularly interesting. However, the data it generates can reveal when the owners are away on vacation and offer an opening for a burglary.
Entry points
Having decided what you are trying to protect against, the next step is to analyse where an attacker might gain entry to the system. The key is to take a wide-ranging approach to identifying the weakest link. For instance, you could design a highly robust architecture for the system yet neglect to adequately protect the step where devices are initially programmed in a subcontractors’ facility.
Continue reading: https://www.newelectronics.co.uk/content/features/rf-and-iot-security
IOT devices have particular vulnerabilities, as they are typically based on limited resource devices where there may be limited features and capacity to implement advanced security.
Many devices use RF technology including Bluetooth or Wi-Fi and, in such cases, you are literally broadcasting your data for any snooper who wants to listen in.
Security designed in from the start
The first thing to note is that security is not something to be bolted on at the end of the design process as an afterthought. Security needs to be designed into a system from the start. Thinking about security should be integrated into the definition of the basics of the system.
It is vital to begin by analysing the consequences of possible system breaches, entry points for an attacker, and the steps to be taken to mitigate any risks. Clearly not all systems carry the same level of risk. So, there is no one “right” level of security. The security for a medical or financial based system has different requirements to that of a simple monitoring system.
That said, you must always be careful. For example, a smart home system may primarily control the heating, and not seem particularly interesting. However, the data it generates can reveal when the owners are away on vacation and offer an opening for a burglary.
Entry points
Having decided what you are trying to protect against, the next step is to analyse where an attacker might gain entry to the system. The key is to take a wide-ranging approach to identifying the weakest link. For instance, you could design a highly robust architecture for the system yet neglect to adequately protect the step where devices are initially programmed in a subcontractors’ facility.
Continue reading: https://www.newelectronics.co.uk/content/features/rf-and-iot-security