/ IoT Zone
Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Security for IoT Can't Be an Afterthought

DZone's Guide to

Security for IoT Can't Be an Afterthought

by
G. Andrew Duthie
·
Feb. 28, 15 · IoT Zone
Free Resource

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Discover why Bluetooth mesh is the next evolution of IoT solutions. Download the mesh overview.

Earlier this week, in my presentation at CapArea.net on "Communicating with the Internet of Things" one of the points I emphasized repeatedly is the necessity to think about security early and often. Any time you are responsible for creating a device that can communicate with the internet, whether that be a home automation gateway, Wi-Fi-controlled light bulb, or and industrial control system designed for remote monitoring, you need to be sure you understand how that system can be attacked. As security MVP Troy Hunt likes to put it, you need to "hack yourself first."

598413_99638977_Hacker_sm
photo credit: nwogen on freeimages.com

The reason I bring this up is that I had an exchange today with Cuno Pfister of Oberon Microsystems, who announced today the Limmat platform, a gateway device that bridges Bluetooth LE and HTTP, part of which was about how they're securing the device. As part of his response, Cuno pointed to this article, which describes a recently discovered flaw in BMW's ConnectedDrive system that could potentially expose 2 million cars to remote unlocking or disabling.

Two MILLION cars. Try to wrap your head around that number for a moment. BMWs aren't exactly cheap cars, either, and you'd think that they would take great care to ensure that the onboard telematics could not be hacked. But if the article is accurate (and I'm not an expert in auto system security, so I can only take the reporting at face value), it sure looks like they missed some major red flags in their implementation of the communication with the cloud.

So what's an IoT developer to do? Start thinking about security as soon as you begin planning your product or system. Put on your black hat, and think through how someone would attack your system. Or if you're not confident that you have the expertise to do so, hire someone who does.

Connected devices have great potential, but with that potential comes risk. And every new hack, vulnerability, or flat-out poorly designed product will make it that much harder for consumers and industry to put their trust in IoT. Attention to security early on in the product lifecycle is key to preventing this outcome.

Take a deep dive into Bluetooth mesh. Read the tech overview and discover new IoT innovations.

Like This Article? Read More From DZone

A Data Exploration Journey With Cars and Parallel Coordinates
Apply Caching and Offline Storage in your iOS App
Livecoding: 3D Is Hard, WebAR Defeats Me

Free DZone Refcard

Reactive Programming with Akka
DOWNLOAD
Topics:

Comment (0)

Save
Tweet
{{ articles[0].views | formatCount}} Views

Published at DZone with permission of G. Andrew Duthie, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

IoT Partner Resources

Deploy Containers to the IoT Edge
Choosing the Right Service Virtualization Solution
Get Started with IOx and Fog Director and Deploy Containers to the IoT Edge
Thousands of devices, zero points of failure
What Embedded Software Engineering Can Learn from Enterprise IT Testing Techniques
Getting started with IoT?
Bluetooth mesh paves the way for new IoT solutions
Bluetooth Mesh Networking: An Introduction for Developers
End-to-end Testing for IoT Integrity

IoT Partner Resources

Deploy Containers to the IoT Edge
Choosing the Right Service Virtualization Solution
Get Started with IOx and Fog Director and Deploy Containers to the IoT Edge
Thousands of devices, zero points of failure

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.linkDescription }}

{{ parent.urlSource.name }}
by {{ parent.authors[0].realName || parent.author}}
· {{ parent.articleDate | date:'MMM. dd, yyyy' }} {{ parent.linkDate | date:'MMM. dd, yyyy' }}
· {{ parent.portal.name }} Zone