Internet of Things Security: Implement a Strong, Simple & Massively Scalable Solution (2018)

By Ron Ih, Kyrio

The industry has been chasing its tail for the past 5 to 7 years on the issue of Internet of Things (IoT) security, and it seems every week brings a new article about the need for device security or details about yet another security vulnerability exploit. The Internet is teeming with articles about issues and after-the fact bandages, but very few of them get to the heart of the problem, which is how to secure network ecosystems that include interoperable autonomous devices.

IoT adoption continues to grow—but at the expense of good network and cybersecurity practices.

Industrial and commercial IoT had previously been characterized by isolated networks that allowed devices within the network to communicate, but there was no connection to the outside world. In these use cases, it was possible to get away with weak security because it was more difficult to execute a wide scale attack from the Internet. However, there is growing demand by utilities and builders to enable external communication and control of commercial devices to improve energy efficiency and provide better power grid management. This requires that commercial, industrial and even residential IoT devices be connected to the Internet so that they can be reached by utilities and state energy regulators. These would include lighting control systems, smart meters, solar inverters and home appliances. In fact, network connectivity is already starting to be mandated in some states (e.g., California Rule 21).

However, as critical electric power infrastructure is being network-connected, there needs to be an economical solution that adequately addresses security concerns as well as the logistics surrounding its implementation.

Companies that can provide strong security at scale will be able to use that as a key differentiator for their products, protect their brand and future-proof their products— which can have lifespans of 10 to 20 years or more— as calls for stricter requirements regarding device security loom on the horizon. Even as more wired control systems get connected, wirelessly connected devices are seeing exploding growth. Wireless devices are much easier to install and often reduce deployment time from several weeks to just a few days— or even hours. Easier installation reduces the amount of time installers need to spend on a job, thus reducing costs and increasing revenue by enabling them to do more jobs in the same amount of time.

However, expanded wired and wireless connectivity accelerates the need for a more scalable security solution for these networked devices.

This paper covers the fundamentals of security architecture, best practices and new processes that can vastly simplify the implementation of strong, enterprise-grade security into small resource-constrained IoT devices. The goal is to enable deployment of security on the massive scale needed for IoT, while not sacrificing security robustness, and provide a workflow that can be implemented in hardware across a highly fragmented, embedded system.

This paper will not cover any hacks or exploits; those have been covered quite sufficiently to date. What is needed are more articles that cover the “how” of IoT security, not just further descriptions of new problems. In the new IoT reality, users need to know how to apply security that is strong, simple and massively scalable to tens of billions of hardware devices.

By clicking the "Download Paper" button, you are agreeing to our terms and conditions.

Similar Papers

Building a Cable-Friendly Internet of Things
By J. Clarke Stevens, Shaw Communications
Principles for Interoperability in the Internet of Things
By J. Clarke Stevens, Shaw Communications
Establishing a Strong Security Posture for Open RAN
By Scott Poretsky, Ericsson
An MSO Approach To Securing The ‘Internet Of Things’
By Jim Poder, IOT Strategy and Innovation
Internet of Things Dynamics: Opportunities and Challenges for Broadband Network Operators
By Tim Johnson, Alpha Technologies; Arun Ravisankar, Comcast; J. Clarke Stevens, Shaw Communications; Chris Bastian, SCTE-ISBE
The Pivotal Role of Cable Gateways in the Internet of Things
By Ryan Michael Cunningham, Comcast Corporation
Smart Building Internet of Things Deployment Using Low Power Wide Area Networks
By Victor Lopez, Charter Communications; Mohamed Daoud, Charter Communications; Hossam Hmimy, Charter Communications
Internet Service Providers and Cybersecurity: Device Identification and Security at the Edge
By Scott Dotto, Charter Communications; Justinas Bisikirskas, CUJO AI; Kyle Johnson, Charter Communications; Leonardas Marozas, CUJO AI; Tyson Vinson, Charter Communications
Dynamically Addressing the Gap of Software Application Protection without Hardware Security
By Rafie Shamsaasef & Aaron Anderson, CommScope
Diversity Via Code Transformations: A Solution For NGNA Renewable Security
By Yongxin Zhou, Alec Main, Cloakware Inc.
More Results >>