Sign Up        Log In

Industry Solutions

Exosite's ExoSense®️ Condition Monitoring Application and Murano IoT Platform enable organizations to deliver services and solutions for industries with high value assets, equipment, sensors, and machines.  

Customers

Learn how other Organizations have leveraged Exosite.

icon-exosite-exosense-app
ExoSense Condition Monitoring
icon-exosite-cloud
icon-exosite-cloud-platform
icon-exosite-onprem-platform

Exosite Blog

News, Articles, Thoughts, Product Information

< Exosite Blog

Traversing the IoT Security Landscape of Threats

by Exosite, on June 9, 2016

As IoT security becomes a growing concern, it seems every week there are new hacking incidents in the media. With consumer products like Nest seemingly having issues with the security of their data retention, are other industries also in danger? The industrial IoT market is quickly growing with more and more companies adding thousands of devices to a single factory and then replicating this process across hundreds of factories.

As the cost of computation continues to decrease and the number of software-controlled systems that make up IoT continue to proliferate, this problem will only get worse. New devices, networks, IoT connected technologies, and users will all contribute to this phenomenon.

Devices used in IoT solutions have two major attributes that make them more susceptible to attacks than other personal computing applications:

Resources Constraints

IoT devices are often resource-constrained, making standard security mechanisms (e.g., TLS) difficult or impossible.

Accessibility

IoT devices are becoming more accessible. If an attacker can open a device, disassemble the contents, add a USB drive, desolder RAM chips, convince a user to gain access to them, or use other advanced side-channel attacks (e.g., timing information, power consumption, or acoustic signatures), the device can quickly become compromised.

Perfect security is not possible without disconnecting network interfaces. With so many devices, software packages, deployment configurations, and use cases, key tradeoff decisions must be made between ease of use and high security. How do we make these tradeoffs?

For instance, securing communications sent over the wire so that user information cannot be sniffed is of high importance for almost every application, and there are standard mechanisms for doing that. However, preventing a device from having its flash re-programmed, essentially re-purposing a device, may or may not be a problem, depending on the context, application, and sensitivity of the device of its data.

When designing an IoT security strategy, the goal is to keep the required effort for attacks higher than the level of the hacker's motivation.

For a complete description of how to protect your IoT solution, access the full Security in IoT white paper and contact us directly to jumpstart your project.download IoT security white paper



//

Topics:IoT Strategy

Subscribe to Updates