中国 - 标记 中国

请确认您选择的货币:

人民币
国际贸易术语:DDP
All prices include duty and customs fees.

Bench Talk for Design Engineers

Bench Talk

rss

Bench Talk for Design Engineers | The Official Blog of Mouser Electronics


IoT Developers Must Consider Design and Security M. Tim Jones

(Source: BeeBright/Shutterstock.com)

Developing the next great Internet of Things (IoT) product is exciting, and the technology available today makes it easier than ever. The landscape of technology for connected device development has exploded recently. Whether it's inexpensive displays or cameras or the plethora of Linux-based embedded computers such as the Raspberry Pi, it's easier than ever to build and productize IoT devices. Cloud-based infrastructures also make it easy to scale support for these devices for data management and data processing. But a considerable number of challenges are associated with IoT development and deployment. Here, we'll investigate interoperability, security and data protection, and data fatigue.

Interoperability

Having a collection of IoT devices that can't cooperate results in an interoperability nightmare. That's not to say some devices don't need to work together. But where possible, integration of IoT devices to form an improved application is certainly desired. Some manufacturers support integration of their devices, but common published protocols are the real end goal to allow multi-vendor integration. Otherwise, device management can be more cumbersome and the potential for vendor lock-in will create friction in IoT purchases.

Standards for IoT devices will be critical for interoperability in the future, including not just connectivity but also data analytics. Of course, these standards will be required to consider key items such as security and management, our next two topics.

Security and Data Protection

Millions of identical devices that are internet-connected have the specific problem of common exploits. Once an exploit is identified in one device, all other devices with the same firmware can be exploited. This leads to the issue of BotNets, or large networks of exploited devices that can be used for distributed denial-of-service (DDoS) attacks or as a distributed source of spam email. Device security is therefore critical for this category of devices.

Similarly, protection of data on the device itself is also critical. Take a home security device that gathers data about the home and its schedules. Hackers could identify when homeowners are away through data collected from devices within the home.

In some cases, attackers aren't after your data in an IoT device at all, but instead its processing power. Hackers have repurposed large numbers of IoT devices to mine cryptocurrencies using their processing capabilities. A distributed mining operation, using theft of power and computational capabilities, could disrupt an already volatile crypto-currency market.

Making devices simple to secure is therefore critical for the safe deployment of in-home devices. This is particularly important in a day where many internet routers have the default admin/admin username and password.

Management

Similar to security, the ability to simplify the management of devices and keep them up to date on critical firmware updates is key. In an ideal world, these devices would include automatic management for firmware upgrades. But these devices can also be highly configurable, which requires in-device validation of configuration with notification of potentially insecure settings.

Data Fatigue

Related to interoperability is the topic of data fatigue. IoT devices can generate so much data that it can overwhelm a team or infrastructure's ability to process it. That's one side of data fatigue, but there's also the user's side. An IoT device can generate so much data for the user that they are overwhelmed and lose interest. The key is to provide the right data in the right amount that provides a benefit to the user.

Conclusion

It's never been a better time to design and build the next great IoT device. But before you do, it's important to consider key points of design around security and device management to ensure you're not creating the next zombie device that will plague the world.



« Back


M. Tim Jones is a veteran embedded firmware architect with over 30 years of architecture and development experience.  Tim is the author of several books and many articles across the spectrum of software and firmware development.  His engineering background ranges from the development of kernels for geosynchronous spacecraft to embedded systems architecture and protocol development. 


All Authors

Show More Show More
View Blogs by Date