In the most recent DDoS attack, IoT devices such as webcams and DVRs were used to launch an attack on domain service provider, Dyn. The enormity of this event brings to light the importance of securing all devices capable of connecting to the internet. Developers cannot control what viruses or malware may try to attack their systems. However, developers do have a very profound impact on how resilient their products are in the event of an attack.
According to Barr Group’s 2016 Embedded Systems Safety & Security Survey, 62% of current embedded systems designs are to be connected to the internet, and 61% of current designs had at least one security-related requirement. As is true with all of today’s electronic designs, there is no “One-Size-Fits-All” solution for designing a safe and secure embedded system. From our survey, we found that of those designs with a security requirement, 19% have 1 processor, 41% have 2-3 processors, and 40% have 4+ processors, 35% use a commercial RTOS, 21% use Linux, 13% use another open-source RTOS, and the remainder use a proprietary RTOS or no RTOS at all. Such variables make developing a single industry-wide solution for preventing virus and malware attacks challenging.
Barriers to a More Secure IoT
Lack of Regulation or Infrastructure
The IoT industry has grown, and continues to grow at an extraordinary rate. New applications are rapidly being launched by large companies, start-ups, and makers all over the world. While this growth has been outstanding for businesses and innovation, the lack of established guidelines and infrastructure needed to regulate the security of these devices and software has created a globally unsecure environment that can be easily abused by those with malicious intent. To add to the complexity, many of the legacy embedded devices that are connected to the internet were designed with no security at all. As more secure devices are connected to unsecure devices from all over the world, greater vulnerabilities to the entire system are created. To improve the safety of the IoT, all industries and contributing countries must be committed to the safety and security of the system overall.
Well-designed secure embedded systems within the IoT device increase the likelihood of withstanding aggressive cyberattacks and tampering. Unfortunately, to develop more secure applications, a significantly greater amount of effort and resources are required. Larger design teams and longer, more aggressive testing requirements are needed, which adds to R&D costs and slows time-to-market. Because of the additional resources needed, if a device is not believed to be safety-critical, developers often choose to sacrifice best practices for device security to keep development costs down and speed up time-to-market. As the Dyn attack proves, the choice to not address security in every device impacts not just an individual product, but all products to which it is directly and indirectly connected.
Solutions for a More Secure IoT
As industries, regulatory agencies and governments come to terms with how to create a more secure infrastructure for our cyber-world, there are some things that can be done to improve products that are currently being developed in the IoT space.
Minimize the Development Costs for Secure IoT Devices
Developing more secure IoT devices will take more time and be more expensive. However, by spending more time during the planning phase, design teams will be able to reduce the overall time spent during the design, testing and debugging stages of a more secure system – therefore minimizing the financial impact on additional R&D efforts.
1. Inefficient Software Coding Practices Must be Improved
Many product developers are unwittingly designing their embedded systems inefficiently. While at the end of the day, the product may work, it may not be as robust or performing as safely as it could or should be. The following tend to be the biggest problem areas for embedded systems design teams.
Lack of planning for potential product vulnerabilities and failure to incorporate security into the product development process increases the need to fix fundamental design flaws later in the development process, and increases the chances of a security breaches once deployed.
The failure to add coding standards, code reviews, and good code hygiene into the software development process creates team inefficiencies and increases debugging time.
Failure to adopt and properly use such tools can often result in greater levels of investment to correct fundamental issues later in the development process.
- Improper planning for possible attacks prior to the beginning of the coding process.
- Failure to follow best practices, such as coding standards and code reviews.
- Adopt development tools, such as static analysis tools
2. Use Best Practices for Secure Software Development
When used properly, these best practices have been known to improve the overall safety and security of embedded systems devices.
Implementing good development processes such as code reviews, static analysis, security analysis/audits, and penetration testing can greatly improve the quality of software being developed for IoT applications.
Practicing good code hygiene will reduce or eliminate anomalies such as buffer overflows, code injection, and privilege escalation.
- Secure from the Outset – Hardware / Software Co-design
Secure software requires secure hardware. Systems that utilize features such as secure boot, root of trust and secure memory are beneficial. Implementing these features from the beginning is essential, as it is impossible to retrofit secure hardware to already deployed products.
- Respect the Hostility of the Internet
- Secure all communications with SSL / TLS.
- Process Aspects
- Good Code Hygiene
How to Create a More Efficient Development Process for Secure Embedded Systems
Creating a more efficient development process and using industry best practices are easier said than done. The key to making marked improvements to secure embedded systems development comes down to the proper education and training of embedded software engineers. The more knowledge about developing safe and secure embedded systems a design team has going into a project, the more efficient the development process will be. There are four categories of training that are the most beneficial for embedded systems engineers: Process, Security, Tool, and Product training.
Impact on R&D Efficiency: HIGH
Engineers who are well-trained on planning, developing and executing on fundamental design principles of embedded software development utilize more efficient coding practices and faster debugging, and create an end-product that is better equipped to handle attacks.
Impact on R&D Efficiency: HIGH
Embedded software engineers trained on secure concepts, such as crypto, data security, and types of attacks enable teams to make better predictions on possible attacks on their device.
Impact on R&D Efficiency: HIGH
Proper training on how to use development tools enables teams to minimize the number of fundamental issues that would otherwise appear later in the development process.
Impact on R&D Efficiency: MEDIUM
Training on how to best integrate specific products into an embedded system minimizes the time spent during the initial system design phase.
It is often said that knowledge is power. In this case, the knowledge obtained by embedded systems design engineers may determine the overall security and success of the IoT.