?How to improve the security of IoT sensors
Much is written about Internet of Things (IoT) sensors and most of it misconstrued as to what is defined as an IoT device. An IoT device is typically low bit rate and low power. This by default excludes your home router and surveillance cameras. These later devices are the Internet of bandwidth sucking devices (IoBSD) and not IoT.
Reduce the profile for potential code injection
For a sensor to be secure it needs to be optimally doing only what it is defined to do, and by that it needs to have a static allocation of resources. Any dynamic use of storage or memory that will facilitate the use of a purpose other than the sensors function needs to be blocked. So an off the shelf system designed for general purpose deployments are by nature more insecure.
Checksums
Once this is achieved then there is a requirement to know that the program being loaded by the sensor is valid and not compromised. This is achieved by the sensor executing a checksum of its binary as the first procedure upon cold boot. This checksum is uploaded to a repository where it is validated against a reference. A difference should result in the quarantining of the sensor in a demilitarized zone.
Sounds a bit like a virus scanner, but it works. Please inbox me with any questions or leave a comment below.
??Driving SD-WAN adoption in South Africa ????
6 年Reposted on the Thinking Problem Management Blog! #iot? #internetofthings? #cybersecurity