Executive Speakout: IoT Security Done Right
February 01, 2015
In this Special Advertising Feature, Vitesse Semiconductor discusses IoT security issues and strategies.
Cisco's most recent Visual Networking Index forecasts the number of devices connected to IP networks at nearly 2x the world's population in 2018. This translates to almost three networked devices per capita by 2018, almost a 50 percent increase over 2013. And clearly our world's connectedness to the Internet of Things (IoT) will only continue, as devices become even more widespread and sophisticated. Morgan Stanley forecasts 75 billion devices will connect to the IoT by 2020.
With practically daily reports of security breaches, cybersecurity will undoubtedly remain a hot topic. What many may not realize, however, is that resolving these security issues will be crucial to the IoT's success. Think about it. Increasing the number of connected "things" multiples network endpoints exponentially, and each now represents a network vulnerability, especially given that hackers can theoretically compromise anything with an IP address.
Obviously, no single security initiative can stem all potential intrusions. But embedded systems designers will need to pay close attention to securing not only applications, but networks and devices themselves. Applications security now commonly uses Authentication, Authorization and Accounting (AAA), in conjunction with data confidentiality (encryption). However, this effort is futile if networks and devices are not subject to the same AAA principles. Particularly as the number of mobile devices connecting into embedded systems like traffic control networks or smart grid systems increases, the consequences of a security breach can become deadly. Imagine a rogue device swapped into a nuclear power plant network that fails to authenticate, authorize and account for each of its diverse endpoints. The good news is that securing these last mile links is possible today with encryption technologies like IEEE 802.1AE with strong 256-bit encryption and link layer AAA. As an industry, we just need to be diligent enough to apply these technologies pervasively.