Security threats: The Dark Side of the IoT

December 26, 2014

Security threats: The Dark Side of the IoT

The Internet of Things (IoT) and the prospect of billions of interconnected of devices is, to make two huge understatements, both exciting and gives t...

The Internet of Things (IoT) and the prospect of billions of interconnected of devices is, to make two huge understatements, both exciting and gives the prospect of a fundamental step change in the convenience that technology can bring to our everyday lives – similar to that made by cell phones. As well as being the catalyst for as yet unthought of uses in everything from intelligent buildings to implantable medical devices, the IoT will perhaps allow some dull routine things to be taken care of by cool technology to let us use our time for more fulfilling activities.

But the reality of a network of physical objects accessed through the Internet containing embedded technology to facilitate sensing and communication brings a potential threat in the shadow of the huge positives and benefits. The threat is security. Most of us have witnessed first hand the issues that we must deal with from time to time as avid Internet users, whether it’s computer viruses, attempts at hacking our personal details, or just endless spam email.

Security threats to the IoT are broad and potentially crippling. Fundamentally, there’s a relationship between the number of “things” connected to the Internet and the scale of the threat. With 30 to 50 billion devices projected to be connected to the Internet worldwide by 2020, the threat is significant and real.

The IoT’s previously standalone objects – a vehicle, a vending machine, or an implanted medical device – will become part of a network environment. These devices will be able to exchange information and make decisions based on that information. But without proper security, they’ll be susceptible to access and tampering by unwelcome sources. This threat could be heightened for portable IoT connected devices as they’re likely to move in and out of inhospitable or unknown, less data-secure environments.

An example of a security threat and its implications is in building control, a bountiful area of opportunity for IoT proliferation. These applications have already been found vulnerable with attackers potentially being able to access temperature, light, and power settings and most worryingly locks, access control, and alarm systems.

There are some application areas where the consequences of the threat could be more serious than others and where companies involved in both hardware and software aspects of the IoT must ensure that their enabling devices and technologies are robust and secure. These include homes and offices, in-car, vehicle-to-vehicle and vehicle-to-grid, implantable and mobile medical devices, and retail inventory monitoring and control.

For device manufacturers who are working hard using their significant resource and expertise to develop highly integrated devices for the IoT, security must be a major consideration alongside the usual checklist of other design aspects that include connectivity, power management, and chip integration. To this end, ON Semiconductor is actively evaluating emerging security technologies to ensure that semiconductor components include the necessary support to enable IoT security standards.

With more than 20 years of semiconductor and electronics industry experience, David Somo leads ON Semiconductor’s worldwide corporate marketing strategy and programs. He holds a BSEE degree from Arizona State University.

David Somo, ON Semiconductor