IoT Security: How To Design Hack-Proof Connected Solutions
Why does IoT security remain unattainable, and how could your startup create an IoT solution that is impossible to hack? Let's find that out!
Join the DZone community and get the full member experience.
Join For FreeWorking with IoT startups worldwide, I've noticed that many of my customers do not fully understand the importance of IoT security.
Meanwhile, an independent study by SAM Seamless Network claims that more than a billion IoT devices were hacked last year. Given that there are roughly 15 billion connected products worldwide, it means every fifteenth device — from Bluetooth-enabled fitness trackers to smart coffee makers and warehouse robots — fell victim to a cyberattack, compromising user data, becoming part of an orchestrated botnet, or simply shutting down.
In this article, I'll explain why ensuring end-to-end security is an essential step in the IoT software development process and how you could create a hack-proof IoT solution.
What You Need To Know About IoT Security (Or Lack Thereof)
Before we dive into the complex world of technologies improving the Internet of Things security, here are some IoT security stats and notable accidents for your consideration:
- In 2010, an Iranian nuclear plant in Natanz overlooked a cyberattack exploiting a vulnerability in a Windows host machine. Using a legitimately looking Realtek driver, the hackers took over the programmable logic controllers (PLCs) to damage over 1,000 uranium enrichment centrifuges.
- In 2016, an army of IoT devices infected with the Mirai malware launched a series of successful distributed denial-of-service (DDoS) attacks, causing temporary inaccessibility of Twitter, Netflix, Airbnb, Reddit, and other high-profile websites.
- In 2021, Verkada, a building security vendor, suffered an IoT security breach involving 150,000 surveillance cameras. The attack, which targeted a Jenkins server used by Verkada's customer support team, resulted in the release of videos and images from connected cameras installed at hospitals, police stations, and even offices of the world's leading companies like Nissan and Tesla.
As you can see, no company, large or small, can afford to take IoT security lightly. Sometimes the culprit could be hard-coded device passwords. In other instances, cybercriminals exploit vulnerabilities in embedded systems or other applications comprising an IoT infrastructure. And in some cases, hacks cannot be executed without a malicious insider.
To better understand the root causes of the numerous Internet of Things security challenges, let's define IoT security and the processes it encompasses.
What Is the Internet of Things Security?
In case you need to refresh your knowledge about what the Internet of Things is and what components constitute a cyber-physical system, check out my custom IoT product development guide and this post about IoT architecture design.
The Internet of Things security refers to the safeguards and protective measures that help secure connected devices in IoT deployments.
As IoT devices can range from smart home solutions like thermostats and connected speakers to industrial equipment and self-driving vehicles, the Internet of Things security requirements may differ based on industry, use cases, and target audience.
Some universally applicable best practices for preventing IoT security problems include:
- Encrypting data in transit and at rest, which makes it unreadable to unauthorized users.
- Preventing unauthorized access to devices and the Internet of Things network by enforcing strong passwords and other user authorization methods, such as one-time SMS passwords and multi-factor authentication.
- Implementing firewalls, intrusion detection systems, and secure communication protocols to protect the network that IoT devices are connected to.
- Keeping the embedded software that gives voice to IoT devices up to date and timely fixing its security vulnerabilities.
- Incorporating security measures in the design and development stage of IoT devices rather than as an afterthought.
While it's the prerogative of IoT solution vendors to follow these Internet of Things security best practices, it's also important to remember that IoT security is a shared responsibility. Unless end users take the necessary precautions like changing default passwords and installing software updates issued by the gadget's manufacturer, mitigating IoT security risks will always be a losing game.
Why Is IoT Security Often Compromised?
The root causes of IoT security vulnerabilities can be diverse, often resulting from the unique characteristics and challenges of the Internet of Things ecosystem.
Since IoT solutions operate at multiple levels, including operating systems, low-level software, cloud infrastructure, data and networking protocols, end-user apps, and hardware, IoT security threats can stem from any of these functional components.
On top of that, many IoT solutions are designed to be small, cheap, and energy efficient, often with limited processing power, which can make it difficult to implement traditional security measures.
And the fact that half of all IoT products originate in startups, who normally operate on a shoestring and strive to reduce their time to market to beat the competition, only complicates the matter.
Here are several factors that compromise security in IoT:
- Insecure design and manufacturing. Unless you're a large enterprise with a solid IT budget, you're likely to prioritize functionality, cost-effectiveness, and speed-to-market in the Internet of Things projects at the expense of IoT device security. This happens because thorough requirements analysis, quality control, and extensive IoT security testing come with a hefty price tag. And yes, did I mention IoT projects are often executed by multiple teams, which may operate in different countries? For example, can you vouch that your hardware manufacturer from China performs firmware flashing duly? So, add multi-vendor project management hours to the IoT cost estimate. Now you understand why most companies simply go with the flow, ignoring IoT security risks.
- Lack of updates and patch management. Frequently, IoT devices do not receive regular firmware updates to patch vulnerabilities — either because manufacturers stop supporting these devices or because they are difficult to update due to design constraints. This leaves cyber-physical systems exposed to known security exploits.
- Use of default or weak credentials. Many IoT devices come with default user names and passwords that may be publicly available or easy to guess. If these credentials are not changed by the end-user, it can provide an easy way for attackers to gain access to the IoT solution.
- Lack of data encryption. Some IoT devices transmit or store data without proper encryption, leaving sensitive information exposed to potential attackers.
- Poor network security practices. IoT devices are often connected to networks without adequate security measures in place, such as the use of the Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols, multi-factor user authentication, and intrusion detection mechanisms. As a result, hackers can pinpoint compromised devices and leverage them to attack other IoT solutions on the network.
- Lack of standardization. The Internet of Things ecosystem is diverse and lacks a unified set of IoT security standards. This means that vendors adhere to different security best practices, which may be region or industry-specific or dictated solely by the gadget's intended use cases and design peculiarities. For instance, smart bulb manufacturers' key priority is to interface their products with popular home automation solutions. Therefore, they might take IoT security lightly, failing to implement a smoother firmware update mechanism or using less effective encryption protocols.
Addressing these issues requires a concerted effort across the Internet of Things landscape — from device manufacturers to regulatory bodies and end users. Yet, almost a quarter of a century since the Internet of Things term was coined, IoT security remains as elusive as ever.
As an IoT startup, what can you possibly do to foresee the Internet of Things security issues and take appropriate measures early in the development process?
The answer largely lies in reliable IoT communication technologies.
Communication Technologies at the Forefront of IoT Security
In the meantime, I'd briefly explain what makes connectivity technologies the cornerstone of IoT security:
- IoT protocols encrypt data that travels between endpoint devices and the central hub and cloud servers, making it unreadable to third parties.
- Secure wired and wireless connectivity technologies ensure data integrity, meaning it cannot be tampered with during transmission.
- Communication protocols enforce user authentication through login and password, pre-shared keys, network keys, and tokens.
- Some protocols help exercise role-based access control, specifying permissions for certain user and device groups.
- Finally, connectivity technologies facilitate secure rollouts and installation of firmware updates, as well as effective device management, boosting security in IoT deployments.
Rundown of IoT Protocols and Their Security Features
Here's a quick summary of the connectivity technologies described in the source article and their impact on IoT security:
- Transport Layer Security (TLS) secures communications between devices and servers. TLS provides end-to-end encryption, making it difficult for attackers to intercept and decipher data.
- Secure Sockets Layer (SSL) also helps IoT devices securely communicate with servers. However, SSL has been largely replaced by TLS due to some recently uncovered security vulnerabilities.
- Lightweight M2M (LwM2M) is used for device management in IoT systems. Besides ensuring secure device-server communication, LwM2M supports other features, such as firmware updates and remote management.
- Datagram Transport Layer Security (DTLS) protects data transmission in real-time applications, such as video streaming or voice-over IP (VoIP). DTLS provides end-to-end encryption and is designed to handle delays and packet loss.
- Message Queuing Telemetry Transport (MQTT) is used for lightweight messaging in IoT systems. MQTT provides a publish/subscribe model for message exchange and supports TLS encryption for secure communication.
You may also opt for solution-specific communication technology, such as Zigbee and Z-Wave, in home automation. While both technologies are commonly used in smart homes, there are some profound differences between them.
Zigbee is an open standard protocol that supports multiple vendors and is designed for low-power, low-bandwidth devices in smart home systems, such as lighting and temperature control. It operates on the IEEE 802.15.4 standard and uses the 2.4 GHz frequency band, which can cause interference with other wireless devices that use the same band. Zigbee includes security features such as encryption and authentication.
Z-Wave, on the other hand, is a proprietary protocol developed by Silicon Labs and is commonly used for security systems, such as door locks and motion sensors. It operates on the 908 MHz frequency band, which is less crowded than the 2.4 GHz band used by Zigbee, resulting in less interference. Z-Wave devices are also known for their longer data transmission range compared to Zigbee devices. Z-Wave helps encrypt data and supports strong authentication mechanisms.
Additionally, there are industry-specific protocols that boost IoT security in specific technology systems, such as healthcare software solutions.
Some of the commonly used IoT security protocols in medical settings include:
- Digital Imaging and Communications in Medicine (DICOM) is a protocol used for exchanging medical images and information between devices and systems. DICOM includes security features such as encryption and authentication.
- Health Level 7 (HL7) is a set of standards for exchanging clinical and administrative healthcare information between connected devices and systems. HL7 comes in two versions: HL7v2 and HL7v3. It's worth mentioning that neither HL7v2 nor HL7v3 are encrypted by default, but they can be wrapped into an encrypted message.
- Fast Healthcare Interoperability Resources (FHIR), a newer standard for healthcare information exchange, tends to be more flexible and easier to implement than HL7 due to its RESTful API nature.
I'd like to wrap up this section by reminding you that the choice of connectivity technologies for your project depends on the specifics of your IoT system and its security requirements. And often, you'll have to use several technologies at once to meet these needs.
How To Tackle IoT Security Challenges During Product Design
So, let's build a smart HVAC system for warehouse facilities, which would use connected thermostats, humidity and temperature sensors, gateways, and HVAC units!
It's an example of a cyber-physical system that requires end-to-end IoT security: if compromised, the connected devices will serve as an entry point to a supply chain company's entire IT infrastructure and all the sensitive information stored in it, including customer data.
When it comes to the system's connectivity technology stack, I'd opt for:
- TLS or DTLS for securing communications between devices and the cloud platform.
- LwM2M for device management, including firmware updates and remote control.
- MQTT for data exchange between devices and the cloud platform.
These specific IoT security protocols were chosen because they provide end-to-end encryption, protect communication between devices and servers, and support real-time applications such as video streaming or voice-over IP (VoIP).
As for the cloud infrastructure, I recommend choosing the following:
- AWS IoT Core for device management and data processing.
- AWS Lambda for real-time data processing and analysis.
- Amazon Kinesis for secure data streaming.
- And Amazon S3 for secure data storage and retrieval.
By using these security protocols and AWS services, we'll protect the HVAC system from IoT security threats like malware infections, data breaches, and denial-of-service attacks.
Additionally, it would be wise to implement strong authentication and access control mechanisms to prevent unauthorized access to the system. This can include multi-factor authentication, role-based access control, and encryption of sensitive data. And it won't hurt if we conduct regular IoT security testing, including audits and vulnerability assessments, to timely spot and close the loopholes.
Another IoT security issue that needs your attention is the firmware code — and the security vulnerabilities it might contain.
Firmware is low-level software that runs on IoT devices. It controls the device's hardware, enables its business logic, and supports data exchange.
You can secure firmware by following secure coding practices. This includes using secure coding techniques, such as code review and static analysis, to identify potential vulnerabilities in the code. It also involves secure coding standards, such as SEI CERT C Coding Standard, to ensure that the code is written in a way that is resistant to common security vulnerabilities. And if you're planning to use open-source or third-party libraries in IoT software development, you must check them for documented vulnerabilities, too.
It is also essential to implement secure boot and firmware update mechanisms. Secure boot is a process that ensures that the device boots only authorized firmware, preventing malicious code from infiltrating IoT systems. Firmware update mechanisms allow for secure and authenticated updates to the device's firmware, ensuring that the device is always running the latest firmware containing the necessary security patches.
Finally, it is important to monitor firmware code for potential security threats. This includes using intrusion detection systems and monitoring tools to identify and respond to potential IoT security incidents.
Let's summarize.
To solve the Internet of Things security issues during the HVAC system design process, we must do the following:
- Select a technology stack that meets the system's functional and non-functional requirements.
- Use code review and static analysis tools, such as CodeSonar, Klocwork, and Coverity, to identify potential security vulnerabilities in the code.
- Adhere to secure coding standards, such as the SEI CERT C Coding Standard, to ensure our code is resistant to most security threats.
- Implement secure boot and firmware update mechanisms, such as U-Boot, CBoot, and OpenWrt, to validate that the connected HVAC system only uploads authorized firmware.
- Leverage intrusion detection systems and monitoring tools, such as Nagios and Zabbix, to monitor firmware code for potential security threats.
- Identify and address security issues in the firmware code using tools like Nessus, OpenVAS, and Nmap.
- Tap into vulnerability scanners, such as OWASP Dependency-Check and Retire.js, to detect known vulnerabilities in any open-source or third-party libraries used in the firmware, web app, and mobile application code.
Closing Thoughts
From overlooking security vulnerabilities in popular software development frameworks and libraries to using inappropriate connectivity tech stack, there are many ways your IoT project could go awry, putting sensitive data at risk and damaging your brand beyond repair.
The good news is most IoT security challenges could be mitigated — provided you follow the Internet of Things security best practices from day one.
Published at DZone with permission of Roman Lapa. See the original article here.
Opinions expressed by DZone contributors are their own.
Comments