From all of the headlines we continue to read, it’s clear that connected, embedded devices need built-in security. As sensors in internet of things (IoT) products continually gather valuable data that we use for decision-making or for machine-learning, we have to trust the root data being used. Similarly, distributed actuators need to be able to trust the commands that they receive.
It’s not that we lack good embedded security technology. Why, then, are smart products such easy targets for security breaches? Security and hacking involves a balance or risk versus reward. Consider the Jacquard loom, one of the first programmable devices that, you could say, marked the dawn of the era of smart devices. But we certainly haven’t heard about these looms being attacked because, after all, what would the reward be? Room-sized computers that later emerged to support government, the military, and big business could have brought bigger rewards, but the risk of attacking them was very high.
Jacquard loom, one of the first programmable devices.
Now, as more of us carry products with a great deal of intelligence and sensors, the risk of breaching these devices has dropped substantially. Devices are more accessible and the rewards can be great.
Two big issues are delaying more prevalent implementation of security. Fortunately, there are also great ways to move forward and reverse this disturbing trend. For example, Maxim’s MAXREFDES143# IoT embedded security reference design protects an industrial sensing node via authentication and notification to a web server. Many IC companies, including Maxim, also offer components such as secure microcontrollers that provide a foundation for creating smart products that are also protected against hacking, cloning, counterfeiting, and other nefarious activities.
Read my Embedded Computing Design article, “Make your device unattractive to hackers: Design in security early on,” to learn some useful tips and tricks for better IoT design security.