Some Pointed Lessons in IoT Security
Several recent high-visibility exploits and hacks have raised awareness of IoT security flaws, including a DDOS attack using unsecured devices, a hacked Jeep Cherokee that led Chrysler to mail 1.4 million USB drives with a patch to affected owners, and the revelation that Shodan, the IoT search engine, could find and display a baby monitor feed. As security professionals know, it’s difficult for people to keep security top of mind, no matter how much publicity it gets.
All your current security vulnerabilities—plus a whole lot more!
You may not be getting in line for that offer, but you can bet anyone eager to exploit security vulnerabilities is. Software security was already difficult enough without smart, connected Things being added to the mix.
The Things of the IoT are physical objects in known locations. In an industrial deployment there are a lot of them, many in remote or hard-to-secure locations. For the near future, most of these deployments will be “brownfields”, that is, retrofitted to existing equipment and machinery. Anyone trying to break your security has physical access to your deployment.
To be effective, an IoT solution must secure all of the layers of the application stack, from Hardware, through OS and Network, all the way to Cloud and IoT. And everyone is aware that security experts still have trouble securing even the bottom four layers (Hardware, OS, Network, and Web) that are the domain of our desktops and laptops, and have been around for decades. Adding IoT on top doesn’t eliminate the need to keep the lower layers secure.
There are a startling number of ways to go wrong
The Open Web Application Security Project (OWASP) has now focused its attention on the IoT. They have detailed the many ways you can go wrong, and the things you should watch out for. Among them are:
Internet of Lies: your edge devices can report autonomously, but can you rely on what they are telling you? What do you do when the devices are deliberately telling untruths? Certain emissions controls in 11 million Volkswagen diesel cars activated only during testing, but otherwise turned themselves off. Assume the worst.
System hardening: a wide feature set is a selling point for customers—but each feature is a potential security vulnerability. Disable any unneeded features when deploying—and remember to check this at every level.
Lifecycle support: your security must be forward compatible. You need to be able to update the devices in the field, because eventually you will need to update them. These devices will be operational for a long time.
N:N authentication: you’ll be moving from a world based on a relationship of one application to one user, using a login and password, to a world of N:N authentication, with many people interacting with many devices.
Principles of IoT Security is a presentation by Justin Klein Keane of OWASP, who shows you many more ways to go wrong.
IoT deployment with security as well as vulnerability
People use devices to get their personal and business jobs done. Usually, the easier it is for them to do things, the more security risks compromise.
In an ideal world, employees would only be able to interact with the devices appropriate to what they need to do, and the security level they have. Sometimes they should only be able to see and report on a device, sometimes they should be able to dig into it deeply. This is difficult to manage in practice. An application like ThingWorx provides a fine-grained system of permissions and visibility that ensure that only the appropriate employees can see and modify devices.
The next important consideration is the security of the device in the field, outside the organization’s firewall. Device-initiated connectivity will minimize the attack surface. Each device can connect with one and one server, ensuring access control.
Securing Your IOT Infrastructure with ThingWorx is a presentation by Rob Black of ThingWorx that provides an overview of these and other IoT security challenges, focusing on key areas of IoT architecture, using ThingWorx functionality as the model.
Protecting Smart Devices and Applications Throughout the IoT Ecosystem is a white paper by Rob Black that digs more deeply into IoT security best practices.
Defending the hostile edge
The IoT’s “hostile edge” is a unique security challenge, different that that faced by previous security implementations.
If you manufacture devices, your customers are looking to you to provide a reliable solution that supports their existing security model, provides granular control over user access, and offers easy-to-use audit and tracking capabilities. This solution must protect them and their customers.
The ThingWorx Edge MicroServer (EMS) and its associated software development kits (SDKs) serve as an interface between the deployed intelligent devices and the ThingWorx server.