The Internet of Things (IoT) promises to integrate all sorts of devices, near and far, into a connected web. This web is forecast to see exponential growth. But in the rush for companies to maximize their market share by bringing out new products, there could be a temptation to cut corners by neglecting security issues. Unfortunately, there are no true industry standards in place for IoT right now — they are still evolving.

Sensors and the IoT

A wireless temperature sensor in a cranberry bog. (Photo courtesy of Monnit)

Sensors for the IoT are transitioning from merely passive devices, such as resistors and thermistors, to intelligent sensors with embedded microprocessors that can translate raw data into actual information. For example, the voltage across a thermistor can be converted to an actual temperature value before it is transmitted to the network. Transmitting specific information rather than masses of data points reduces a network's required bandwidth as well as the amount of data that must be stored. Commands can also be sent back to the sensor to alter its imbedded algorithms.

Collecting data from IP addressable sensors anywhere in the world and transmitting that data is the heart of the IoT. So, each sensor has an IP address, which enables the data to be communicated and exchanged within an enclosed environment such as a factory or beyond the factory floor, to the enterprise network, which is invariably tied in to the internet.

These factors provide backdoors for malicious actors to gain access to secret or proprietary data, to possibly falsify it, and by transmitting it back into the system, do great damage. Paradoxically, the more information is in the data exchanged between sensors and systems, the greater is the damage that can be done by a hacker.

The Threats

In addition to stealing and falsifying data, a major threat to systems is a Distributed Denial of Service (DDoS} attack. That occurs when servers are bombarded with so much traffic that they become sluggish or shut down completely. These attacks can be initiated by perpetrators who have found a way into the system. One means by which they do that is with botnets. These are intelligent devices, such as sensors, that have been taken over by a malicious third party using malware, hence the name, which is a combination of “robot” and “network”. Malware can be injected into a vulnerable IoT device without actually affecting its functioning. Once a device is infected, it will continue normal operation while waiting for a command to initiate a DDoS attack. These attacks are now more powerful than in the past. Because each IoT device has a unique IP address, the traffic appears like it is coming from a legitimate source. This type of attack is essentially impossible to stop by simply using ingress filtering and is difficult to trace back to the original source.

Combating the Threats

Purpose-built devices designed for a specific task, but which do not contain an operating system are the best way to avoid these potential security problems. Due to the absence of an OS (Linux, Embedded Windows, etc.), these devices are not vulnerable to weak passwords or OS-related breaches. Ideally, IoT devices and connecting gateways would run on real-time “C” code (or other coding language) without any administrative access to the device. The question is, how practical are these “ideal” conditions? For the IoT, there must be a pathway for devices to communicate outside of their local networks.

Example encryption system. (Courtesy of Monnit)

The best defense for systems that run on operating systems, is to make it difficult for an intruder to understand the nature of the data being exchanged by encrypting all transmissions. Device data in the IoT should be treated in the same way a bank treats money: do not allow a single breach.

All IoT devices should integrate at least Elliptic Curve Diffie–Hellman (ECDH-256) public key exchange and 128-bit Advanced Encryption Standard (AES-128) symmetric key encryption, on all transmitted data. The more battery-exhausting ECDH-256 encryption can be used during the initial linking of devices while the more battery-friendly AES-128 encryption can be used for all subsequent RF data packets. This combination provides integrators the best of both worlds: bank-grade security paired with increased battery life.

Diffie–Hellman key exchange is a method of securely exchanging cryptographic keys over a public channel. It establishes a shared secret between two parties that can be used for private communication of data. The elliptic curve version improves on the security of basic DH encryption.

The AES-128 encryption standard uses a key that has a length of 128 bits and has been accepted as a federal government standard. AES provides high security but is also designed to be fast, reliable, and easily implemented in both software and hardware.

An IoT system is only as strong as its weakest link, so communications between web servers and browsers are every bit as critical to protect as the other layers in an IoT wireless sensor network. A dedicated software platform is important for interfacing between administrators and sensor networks. This type of communication should be secured using Transport Layer Security (TLS} encryption. TLS is a protocol that provides privacy and data integrity between applications and is used for web browsers and other applications that require data to be securely exchanged over a network. Client-server applications use the TLS protocol to communicate across a network in a way designed to prevent eavesdropping and tampering. The protocol requires that in order to establish secure communication between a client and a server, there needs to be a session-specific key. These keys are established using standard Diffie-Hellman key exchange, based upon a True Random Number Generator (TRNG). This guarantees a high rate of statistical uniqueness for each ECDH key-set and is extremely difficult to crack.

In addition to wireless encryption on IoT/sensing devices, there are hardware systems that can be used to support monitoring software behind Internet firewalls, without requiring the use of an existing server. (Photo courtesy of Monnit)

Summing it Up

IoT wireless sensor networks need to provide bank-grade security at every level in order to completely eliminate the possibilities of installed malware or security threats:

  • Between sensor, end points, and gateways — ECDH-256 and AES-128 encryption.

  • Between gateways and web servers — AES-128 encryption plus gateways that are purpose-built devices and do not have an operating system that can be hijacked or is vulnerable to malicious code.

  • Between web servers and internet browsers or mobile applications — TLS Encryption.

Where Do We Go from Here?

The IoT is not only here to stay, it is certain to experience huge growth. The number of security threats will surely expand along with the IoT. There is a double reason for that. The more numerous are the connected devices, the more opportunity there will be to find a way into the network. And the more functions that are integrated into networks, the more critical the systems that become interconnected, the more tempting they are as targets.

Therefore, the major takeaway is that security must be an integral part of any system design right from the beginning.

This article was written by Matt Moulton, Marketing Director at Monnit Corporation. For more information, Click Here.