BROWSE BY TECHNOLOGY










RTC SUPPLEMENTS


INDUSTRY WATCH

Security for the Internet of Things.

In IoT Security, We Trust

BY GREGORY RUDY, GREEN HILLS SOFTWARE

  • Page 1 of 1
    Bookmark and Share

As we come to the end of another summer news cycle, cybersecurity once again saturates the headlines. The summer of 2015 saw cybersecurity vulnerabilities result in the recall of 1.4 million vehicles, the first FDA alert warning, class action lawsuits exceeding half a billion dollars, and more executive resignations. One thing is for certain, customers are demanding better security and starting to hold companies accountable for their designs.

While hacks might not unlock a government super computer and wage a real life war, like Matthew Broderick had us believe in “War Games”, what they’ve proved they can do is drive a car off the road, steal personal information, ruin corporate names, and stop hearts. The truth is, the interconnection of our world allows truly amazing movement of information, but those vast and complex connections also provide exponentially more end points, which hackers can use to compromise systems.

This explosion of end points is perfectly represented in the Internet of Things (IoT). At their foundation, IoT devices are all network-enabled embedded systems. They contain inputs, outputs, state machine processing, and data specific to a purpose. Security is typically justified in safety-critical and data-sensitive devices, but what about when it’s neither?

Why care if someone can hack your toaster? The answer is not just burnt toast. A better question is, “What could happen if an attacker changes the software?” Since it’s networked, malicious software can collect and forward network data, such as emails and websites viewed, to someone outside the firewall. If the toaster supports voice commands, software can activate the microphone and record conversations. And that same, once innocuous, toaster can be used to attack other critical systems on the network - your phones, your webcams, and your computers. It’s no longer a matter of your toast -- but your network security.

An end-to-end security architecture protects IoT devices and their networks by establishing trust. Originating from an immutable root allows us to verify that software has not been tampered with or changed. Once we’ve established trust with the software, we can then extend trust to other end points using cryptographic authentication. In this networked world, everything is untrusted until proven otherwise. By limiting software and communication to only trusted sources, we ensure that all IoT devices operate as designed, safeguarding your network from compromise.

The fact is, the Internet of Things is here and growing. This means the number of attack points will continue to increase alongside the number of connected devices. In direct response to this growth, end-to-end security provides the necessary protection to keep the headlines positive. Let’s make sure we drive better headlines in the future.

Green Hills Software
Santa Barbara, CA
(805) 965-6044
www.ghs.com