Contact Request Demo
IOT

Impact of hardware security on IoT projects Even the smallest device connected to the Internet is a potential target for hackers. They can steal information, falsify data, or disable the device itself. Trusted computing principles developed in the Internet of Things are now empowering implementation of low-cost hardware security in IoT devices.

By Naveen Joshi 1:27 am

All kinds of enterprises are now becoming keen on exploiting the Internet of Things (IoT) as it can effectively help them in streamlining activities, cutting costs, and improving profitability. IoT has opened up possibilities that are simply irresistible for business managers to explore new sales avenues and for engineers to probe new technical opportunities. Amongst all this hype surrounding IoT, one significant issue that  has been overlooked, is security. Security is usually a low priority for developers who are rushing to create advanced new products, to roll them out to customers as quickly as they can. If the device is not properly secured, a hacker can gain valuable information such as user passwords, by simply observing data flows. Thus, hardware security in IoT projects should be given utmost priority.

A recent experiment reported by the BBC has exposed security weaknesses in smart meters used in Spain. Encryption keys that were embedded in the software were found to be easily accessible. If a hacker came to  know that these keys are not strongly secured, he or she could easily hack them to send false usage data, amounting to energy theft.

Enable Hardware Security in IoT

Attacks such as cloning devices with rogue code are difficult to prevent effectively using software-based security alone. Personal users, and organizations in particular, have been vulnerable to these types of attacks which are directed at a very low level so that the software’s security measures are unable to detect them.

An example of this is a bootkit malware which corrupts the boot-up sequence, thereby causing the device to load and run a hostile code. Such type of an attack cannot be prevented using higher-level software-based security. Product developers can prevent hardware vulnerabilities by making sound security choices when they are configuring connectivity software, such as by changing default settings to prevent the application from making sensitive data, such as port numbers, easily accessible.

The concept of trusted computing has emerged to deal with software security threats to PC-based equipments. This type of computing consists of a Trusted Platform Module (TPM) that can be implemented in a standalone secure microcontroller or can be integrated within devices such as memories. This TPM has a number of functions that consist of pre-boot authentication that can prevent an unauthorized user from booting the machine with a bootable disk that facilitates the machine to be hacked. The TPM can also support software-based security like hard-drive encryption by verifying the integrity of the platform at boot-up and providing secure storage for encryption keys.

IoT is growing quickly and is bringing devices such as smart meters, smart homes, wearable electronics, and a host of other applications to the attention of the general public, businesses, governments, and hackers. Researchers have found out basic security flaws in some devices that could carry serious risks for consumers as well as for operators such as utility companies. Valuable data should be protected from hackers. Organizations must ensure that they have a secured design and are giving significance to hardware security.

Related posts:

  1. Are your programmers equipped to mitigate IoT security risk?
  2. So what’s India’s CoE in IoT up to? 
  3. How to ensure access management in IoT?  
  4. How to ensure IoT success in your organization 

Related Articles

Leave a Comment

Your email address will not be published. Required fields are marked *

CAPTCHA

*