In this software driven, IoT era, manufacturers now have to start thinking like software companies, says Cigital's Joel Scambray.
The Internet of Things (IoT) is opening up new possibilities when it comes to functionality, with a seemingly endless stream of devices fitted with software and sensors that can communicate information.
However, with the recent explosion of internet-connected devices and greater volumes of information flowing across networks there are concerns that, in the race to deliver greater functionality, we haven’t paused to consider the wider risks to users of these devices.
The fact is that data privacy and security should be front and centre of any product development efforts. While we need to continue to deliver products which are attractive to consumers and offer greater functionality, ease of use and enhanced performance, we have to build security into the devices at the earliest development stages.
So what are the key issues for manufacturers in making IoT devices that are safe ‘by design’, which protect users and, ultimately, keep their data secure?
The new era of development
There is little doubt that embedding internet connectivity into devices offers some clear commercial opportunities.
Gartner has predicted there will be 25 billion devices connected to the internet by 2020, and IoT product and service suppliers will generate a revenue exceeding $300 billion.
However, it has thrown up new challenges when it comes to the security of devices and this comes down to the way that the software is developed, updated and maintained.
The limits of IoT Security
There are fundamental design constraints which mean that implementing traditional security controls is not always an option for IoT Devices.
However, security incidents, such as medical devices or cars being hacked will become more widespread unless software is designed securely.
Even seemingly innocuous objects, from connected printers to toasters can be targeted, as they provide a point of weakness to a network and to gain access to other, more valuable data.
Anything connected to the Internet can be discovered and potentially infiltrated by a hacker; software that has not been designed and manufactured to be secure will contain vulnerabilities that can be exploited to gain access to the device.
If we are to protect against such attack vectors we have to start thinking like the adversary. This starts with pinpointing the key design constraints inherent in IoT devices. For example;
- The software within IoT devices typically uses basic coding language which, if poorly designed and built, can be harder to fix as they are built, for speed and efficiency.
- Making one small change, can have radical implications for the functionality of the device, so manufacturers have to be careful about security patches.
- Maintenance of software can also be an issue; the software that is embedded in the hardware and which runs the ‘things’ isn’t subject to the same update cycles as software in PCs’ and mobile devices. This is a problem, when devices are unpatched, vulnerabilities can be exploited to gain access or even track / identify user behaviour.
One recent example highlighting the vulnerabilities of software design, is the Mitsubishi Outlander. Researchers exposed a security flaw in its software system that would allow hackers to identify a car’s location or even remotely turn off the car’s alarm system, control the lights and drain the battery.
Shortcuts in the development process, and overlooking non-functional aspects such as security, may save costs in the immediate term, but it’s a false economy.
Building security in
Avoiding the financial or reputational damage that can come with incidents such as the Mitsubishi hack, means building security into the design of the software – at the beginning. Security needs to be a primary concern alongside cost, reliability and usability.
Factoring in the risks and taking remediative action at the beginning is far less costly than finding and fixing flaws when a product has been released – or worse, having to recall a product due to fundamental flaws in the coding.
On the software development side, developers should focus on aspects such as threat modelling – i.e. identifying and addressing the security risks associated with an application, as well as carrying out penetration testing in order to have a clear understanding of the attack surface.
Ensuring a secure update mechanism is in place is key. Security updates for every IoT device should be seamlessly enabled so that new patches can be installed in real time.
Devices with automatic updates to software must be able to protect against new vulnerabilities and patches should be applied automatically.
Security should not be neglected in favour of lower costs and faster time to market. Building secure software into IoT devices from the beginning has far fewer consequences as it is more efficient, less expensive, far less impactful to productivity, and secures the data of your customers.
In this software driven era, manufacturers now have to start thinking like software companies.