The Internet of Secure Things: Vulnerabilities Beware
I hope you are enjoying the summer as much as I am and taking some well-deserved time off. Before you go, I’d like to play out a security scenario with you. Imagine your company manufactures mission critical machines and just a few days before you depart on your dream vacation you discover that 10,000 machines, deployed across hundreds of customer locations, have a software flaw- the result of which could be a serious security problem for your customers and a significant risk to your organization. Luckily, the engineers on your team have quickly developed a patch for the vulnerability. Do you:
a). Send out an email advisory of the problem and hope that your customers download the patch while you’re on vacation, keeping your fingers crossed that there aren’t any major headaches for customer support during your absence. (If this is the case, you should worry if you will have a job when you return!)
b). Cancel your vacation and start copying the patch to thousands of USB memory sticks to be mailed out to every customer location. (If this is the case, that “well-deserved” vacation doesn’t seem to apply.)
c). Something else.
Given that you are reading a blog on the IoT and you are interested in security, I am betting that you picked “c). Something else.” That something else is the IoT. The ability to connect to a machine is critical to being able to ensure that it’s secure. An unconnected machine is one that is likely unpatched and therefore vulnerable. However, while connecting to your machines is laudable and a great first step, it’s not enough.
There are many components to an IoT project including the means to update the software. Not only does your solution need to be aware of the version, the right steps to perform, and what to do if an error occurs, but it also needs to consider what network bandwidth constraints may exist. Unless your customers have unlimited bandwidth you might want to limit how many fixes being deployed at a given moment in time. Additionally, what if the machine is performing a critical task- for instance “in surgery” literally opening up someone’s chest in an operating room? It might not be a good time to perform a software update. You need the ability to put the device into a mode that prohibits it from doing the update at that time or allows you to deploy the updates when it’s most appropriate.
Up to this point we have assumed that all machines are the same, but what if machines have different configurations, boards, chips, modules, or software? Can the same patch be applied identically to all your machines? You need software that can differentiate between the various versions and apply the appropriate software.
Once you have sent out updates to thousands of machines you need the ability to audit, monitor, and report on the results and identify any problematic machines that might need additional intervention. The software has to have the tools to track which machines were updated and which ones have problems that require manual service. It sounds like a tall order for any solution to be able to meet all of these requirements- and it is! PTC ThingWorx was designed for product manufacturers to be able to meet the rigorous requirements outlined above. Our customers that utilize ThingWorx’s IoT platform are able to update content on thousands of machines managing vulnerability fixes, other software updates, as well as pushing configuration data. Learn more about how PTC ThingWorx is solving real world problems and addressing IoT security requirements.