Part 2: Security and the Internet of Things
Part 1 of the IoT series was a primer on the subject matter, looking at it from a business value perspective and looking at some the important questions that should be considered when evaluating or diving into the space.
In Part 2 of the series, we look at a particularly hot topic these days, security and IoT. Although we are not directly addressing privacy, we will note some of the challenges.
In February 2015 the U.S. Senate Commerce committee held a hearing entitled “The Connected World: Examining the Internet of Things.” Witnesses ranged from Intel and agriculture tech companies, to privacy advocates. The focus of the hearing was to understand the implications that regulatory policy could have on these emerging technologies, and Security and Privacy were major themes. In the International Consumer Electronics Show in Las Vegas, Nevada (January 2015) the opening remarks were given by FTC Chairwoman Edith Ramirez in a talk entitled “Privacy and the IoT: Navigating Policy Issues” where she discussed “three key steps that companies should take to enhance consumer privacy and security and thereby build consumer trust in IoT devices.”
- Adopting security by design
- Engaging in data minimization
- Increasing transparency and providing consumers with notice and choice for unexpected data uses
In this article we will be focused on the first of these, “security by design”, but all points should be considerations in planning any IoT solution. Let’s start by looking at some security concerns that are uniquely emphasized in IoT solutions:
The impact of failure in certain M2M (machine-to-machine) and IoT scenarios controlling physical world is greatly increased.
- A rogue drone could result in catastrophic consequences in the right circumstances, e.g. interference with larger aircraft (new FAA Rules).
- A 3,000 lb. robotic arm, or process being disrupted in a manufacturing plant could result in worker injury or death (steel mill in Germany).
- Failure of implanted medical devices like pacemakers could cause catastrophic harm (Homeland and the VP hack).
There is a complete or near complete lack of physical device security in some IoT architectural patterns.
- Sensors taking readings in the field can be removed, tampered with and replaced
- Consumer devices can be easily obtained and dissected, and unlike with personal computers, device security will not generally be implemented by the consumer after purchase, but will have to be built in by the device manufacturer
Some devices lack the capacity or capability to support certain security technologies.
- Internet connected appliances may lack the computing power to run full firewall and anti-virus protections, leaving them susceptible to botnets – (even the fridge is in on it).
- Some devices may be unable to accommodate the computing power or battery power required to support an encrypted communications channel.
- Low power devices may be limited in their ability to support particular authentication patterns.
Although it is not unique to IoT, it is interesting to consider aggregate scenarios when it comes to security. Botnets have long been able to wreak havoc just through the control of large numbers of machines, for example by flooding networks resulting in Denial of Service (DOS) attacks. IoT systems often control entities which can have a much broader impact in aggregate.
A positive example of the aggregate is the publicized efforts of internet enabled thermostat companies partnering with utilities. The thermostat maker takes some liberties with home temperatures under their control (with the customer’s permission), based on data provided by the utility to prevent things like brown outs of the electrical grid. Although, it is not too large a stretch to see how a future security breach of such a system might cause deliberate interruptions in service or other malicious events. Setting the home temperature incorrectly may be annoying to a single user, but may have far more serious implications when taken in aggregate considering the financial, safety and productivity risks.
Sometimes these concerns combine, as in connected car scenarios. Gaining physical access to car sensors, or ability to dissect another like vehicle is relatively simple. This is combined with the potential catastrophic, life threatening consequences, depending on what aspect of vehicle control is compromised. Even the ability to control features like door or hood latches can have potentially catastrophic results while traveling down the highway.
So what is being done about these concerns? Many advances in security technologies are taking place among device manufacturers. In parallel, costs for adding hardware based security technologies to a device are going down. One good example of this is Trusted Platform Modules or TPMs. TPMs store keys and do encryption in hardware. This allows for authentication of devices while protecting the device from being tampered with, even when guarantees of physical control of the device are not possible. Security is a top priority for companies involved in IoT, and there is a large, industry wide effort resulting in innovation and advances in this area. Many of these changes are happening now, and patterns and solutions are in the process of being developed. As with security in any technology, IoT security is an arms race, so, even after there are accepted, time tested patterns and solutions, these will be forever adapting to new threats.
No one has all the answers, but in terms of security, Microsoft is uniquely positioned. Microsoft shipped billions of copies of the Windows Operating System (OS), for years, the primary target of hackers around the world. Security lessons in this area have been well learned and Windows OS is now considered the most secure consumer operating system around. Microsoft has developed security processes and tools that go beyond technical countermeasures, processes like the Security Development Lifecycle include threat modeling and other practices, which can add critical security insight to any solution, even while the technical countermeasures and tools are still being developed.
These tools are available today and should be part of any discussion of IoT projects involving Microsoft technologies. It is critical that security be included as a main consideration from the earliest envisioning and planning stages of the project.
If you are considering an IoT solution, please contact your Premier Support ADM who can provide resources and expertise from across Microsoft to help inform and advise you on Microsoft IoT technologies, including security processes, and development practices.
Operations and supportability planning are also key, and we will cover these in future blog articles.
Part 2: Security and the Internet of Things
Part 3: Supportability and the Internet of Things
 Note that FTC concern with IoT Security and Privacy goes back years. See this link for a 2013 FTC workshop held on the topic: http://www.ftc.gov/news-events/events-calendar/2013/11/internet-things-privacy-security-connected-world