Design teams will have to bake strategies in from the start, no matter how insignificant the device.
The fallout from the Mirai malware attack last week was surprising, given that it was published on the Internet several months ago as open-source. Despite numerous warnings, it still managed to cause denial of service attacks at Amazon, Netflix, and a slew of other companies that are supposed to be able to fend off these kinds of attacks.
The good news is that it more people talking about the issue. But the real challenge isn’t stopping one attack. It’s packing enough security features into designs to prevent security breaches of every sort, including those that can come from other electronics that weren’t even considered as part of the design process.
Just as devices get more sophisticated, so do hackers. Being able to stop attacks with a thumbprint or a password isn’t realistic anymore. It now requires a rethinking of the fundamental architecture for any connected device, which is basically everything with a power supply these days. The good and bad of a connected world is that everything and everyone is connected. And the best way to deal with that effectively is at the system design level.
This raises some interesting challenges:
And that’s just the beginning. There are gaping holes everywhere, from application software to Internet access to the physical supply chain for everything that goes into systems. All of this needs to be looked at with increasing scrutiny, augmented with standards for security that are basically the equivalent of what Underwriters Laboratories has done for electrical and industrial standards.
The reality is that security breaches can cause the same kinds of physical harm as a faulty wiring scheme, even with devices that in themselves are benign. Those risks increase significantly when they are connected together into systems of systems that are also connected to safety-critical systems. It’s time to look at this at a multi-system, multi-disciplinary level and to tackle it with the same kind of innovation that made complex semiconductor design a reality. Otherwise, we literally could be playing with fire.
Securing The IoT
Last week’s Internet outages highlighted the dangers of unsecured IoT devices and the need for a comprehensive set of standards.
Side-Channel Attacks Make Devices Vulnerable
The number and type of attack vectors are increasing as more of the world becomes connected and vulnerable to hackers.
Where Are The IoT Industry Standards?
While some Internet of Things groups are proceeding with setting standards, connectivity and other aspects are still up in the air.
IC Industry Waking Up To Security
More companies recognize cybersecurity needs to be built-in from the beginning.