Skip to main content
LTTS

LTTS

Quick Links mini

  • Search
  • info@LTTS.com
  • English
  • 日本語
  • Israel
  • German
  • Contact
  • Engineering the change
  • Industry
    • Communication
      • 5G
      • SDN/NFV
      • Wireless Networks
      • Wireline Networks
    • Media & Entertainment
      • Device Platform
      • OTT
      • Quality Engineering
    • Semiconductors
      • Platform Software & Middleware
      • System Design
      • Validation
      • VLSI
    • Consumer Electronics
      • Consumer IoT
      • Enterprise Devices
      • Personal Devices
    • Oil & Gas
      • Digitalization
      • Oilfield Services
      • Owners and Operators
    • Software Products
    • Healthcare
      • Medical Device & Life Sciences
      • Pharma & CRO
      • Healthcare Providers
    • Plant Engineering
      • FMCG
      • Chemicals
      • Discrete Manufacturing
      • Metals & Mines
    • Transportation
      • Aerospace Engineering
      • Automotive
      • Rail Transportation
      • Travel & Hospitality
      • Trucks & Off-Highway Vehicles
    • Industrial Products
      • Building Technology & Smart Infra
      • Electrical, Instrumentation and Controls
      • Power & Utilities
    • Public Infrastructure & Smart Cities
  • Services
    • Digital
      Engineering & Consulting
      • Cybersecure
        • Security Monitoring
        • Security Services
        • Security Solutions
      • Immersive Experiences
      • Industry 4.0
      • Product Consulting
      • Sustainability Engineering
      • Sustainable Smart World
      • 5G
    • Product
      Engineering
      • Digital Engineering
        • Cloud Engineering
        • DevOps
        • Immersive Experiences
        • User Experience
      • Embedded Engineering
        • Embedded Systems
        • Sustenance
        • VLSI
        • Wearables Engineering
      • Mechanical Design
        • CAE & CFD
        • CAx Automation
      • Software Engineering
        • Engineering Analytics
        • Sustenance & Maintenance
        • User Experience Design
        • Voice Innovations
      • Testing & Validation
        • Integrated Design, Validation & Testing
        • Lab as a Service
        • Testing
    • Manufacturing
      Engineering
      • Smart Manufacturing
        • Accelerated Operations
        • Digital Factory & Simulations
        • Plant Design & Engineering
      • Manufacturing & Planning
        • Accelerated Operations
        • Digital Factory & Simulations
        • Line Expansion & Transfer
        • Manufacturing Automation
        • New Product Development
        • Plant Design & Engineering
        • PLM on Cloud
      • Manufacturing Execution
        • Agile Supply Chain
        • Content Engineering
        • Material & Parts Management
        • Sourcing & Procurement
    • Operations
      Engineering
      • Connected Product Support
        • DevOps
      • Supply Chain Engineering
        • Sourcing & Procurement
      • Plant Engineering
        • CAPEX Project E/EPCM Services
        • Operational Excellence
        • Plant Sustenance & Management
        • Material & Parts Management
        • Regulatory Compliance Engineering
  • Solutions
    • AiCEArtificial Intelligence Clinical Evaluation
    • AiKno™ Machine Learning, NLP & Vision Computing
    • AnnotAiAI Based Data Annotation Tool
    • ARC Asset Reliability Centre
    • Avertle®AI Predictive Maintenance Solution
    • CHEST-rAi™ AI Chest X-Ray Radiology Assist Suite
    • Cogmation Device Test Automation Framework
    • Connected Security Integrative Zero Trust Architecture
    • ESM Energy and Sustainability Manager
    • FlyBoard®Advanced Digital Signage Solution
    • i-BEMSIntelligent Building Experience Management
    • nBOnnB-IoT Protocol Stack
    • Fusion Pre-integrated City Operating System
    • Semiconductor IP For Security, Communication & Verification
    • UBIQWeise 2.0 Device to Cloud IoT Platform
  • Insights
    • Blogs
      • Embedding Innovation in Semiconductors with Platform Software and Middleware
      • Towards a Connected, Collaborative, & Intuitive Tomorrow: Redefining the Future with a Blink
      • 6 DevOps Trends to Watch Out for in 2023
    • News
      • L&T Technology Services unveils CoE to offer suite of automotive solutions on AWS
      • LTTS Selected as Strategic Engineering Partner to Airbus for Advanced Capabilities and Digital Manufacturing Services
      • LTTS agrees to acquire Smart World & Communication business of L&T
    • POV
      • Hidden Correlations Shaping the Future of European Enterprises
      • From the Super Bowl to 5G
      • Vehicle-to-Everything (V2X) Enabling Smarter, Safer, and Greener Transportation
      • Will 5G Technologies Drive a New Future for Media & Entertainment?
    • eBooks
      • The Art of Cyberwar
      • Digital Twin - The Future of Manufacturing
      • Digitalising Wind Energy Ecosystem
      • INDUSTRY 4.0: The Future Is Now
      • Digital Engineering Explained
      • Sustainability Engineering
  • Explore LTTS
    • About Us
    • Accolades
    • Alliances
    • Analysts
    • Board of Directors
    • Careers
    • CSR
    • Events & Webinars
    • Investors
    • Media Kit
    • Nearshore Centers
    • News & Media
    • Quality Management
    • Resources
    • Sustainability
    • Testimonials
  • Contact
 

IoT Security

IoT Security: Key Challenges, their Force Multipliers and Mitigation Approach

  1. Home
  2. Blogs
  3. Spotlight
  4. IoT Security: Key Challenges, their Force Multipliers and Mitigation Approach

IoT Security: Key Challenges, their Force Multipliers and Mitigation Approach

IoT Security
Published on: 17 May, 2019
443 Views
0 comments
Share This Article:
  • Twitter
  • Facebook
  • Linked in

IDC forecasts that the spending on IoT devices would reach $1.2 trillion in 2022 at 13.6 CAGR.

Gartner predicts the total number of connected devices to reach 25 billion by 2021.

Statista claims that the number of IoT devices that are connected presently are in the range of 23 Billion and expect this number to reach 30 billion by 2020 and surpass 75 billion by 2025.

The numbers vary with each survey however, all the surveys/reports/forecasts on connected IoT devices firmly emphasize a single fact - that the growth of IoT devices in the coming times is going to be exponential.

So, what does it translate into? Well, the answer is, Many Things! For starters, these numbers highlight that the quality of life will improve, connectivity and communication would be simplified, technology will be adopted at a faster rate, consumer experiences would be superior and business potential for tech applications and adoption would be immense. However, all these things can only materialize if the IoT devices, solutions, and the related services are built on a strong foundation of Security.

IoT Security Foundation

While adoption of IoT for business and process modernization has begun at a rapid pace,  fundamental challenges remain around safety, reliability, information confidentiality & integrity and privacy protection. It is thus imperative that IoT providers start building-in security into components that constitute IoT systems so that the standalone solutions, as well as their integration with the legacy systems, can overcome the security lacunae that may compromise the user safety.

The high-level components that comprise IoT systems are listed below. These are also the security checkpoints that IoT providers need to take into consideration to ensure a strong IoT security foundation.

Device or Equipment: Physical devices, endpoints, e.g. sensors, ECUs, smart meters, smart devices, etc. get connected to other devices and endpoints across networks to collect/provide information about themselves and their associated environment.

Gateway or Hub: Enables these devices to connect to the outer world via Ethernet, RFID, wireless, Bluetooth, etc.

Network or Transport Channels: Facilitates the connectivity and transmission of information from devices/gateways, e.g. IP network, GSM/CDMA, satellite networks, among others

Facilitation: Provides the ability for the devices to send data/information across gateways/network for further storage, processing, analysis, e.g. cloud computing, big data, etc.

Consumerization or Application: Allows end user/customers to consume information on to their smart devices like tablets, smartphones/television, and laptops.

 

IoT Security: Risks and Challenges

The next logical step after identifying the IoT system components is to do a comprehensive risk assessment that identifies all the weak links through which a system’s security can be breached. This can only be done if one performs a root-cause analysis of the various factors that can culminate into a security threat. Few of these are as follows:

Data exposure: Sensitive or personal information like patient data on EHR/EMR if they are connected to ECG, ventilator, etc., GPS location of a vehicle to target a person, sniffing, eavesdropping, waylaying.

Extensive dependence on software and applications: Most of the attacks are targeted towards application, especially web applications - Injections, XSS, CSRF etc.

Unauthorized remote access: Remote diagnostics/monitoring, remote maintenance of devices, equipment carries the risk of interception and tampering, if not done using secure communication thereby leading to MITM (man in the middle) attacks.

Unidentified, unauthorized and invalidated devices: Unique identification of the user, devices, authentication and access control of devices which may not have an OEM supplied unique ID - these could lead to identity spoofing, phishing, rogue devices, impersonation, etc.

The attack surface has increased: Extensive leverage of open networks e.g. internet and public cloud combined with data logging media such as sensors, web applications, USB, Wireless, Bluetooth, Zigbee, and GSM.

Legacy systems (out of date OS/software) no longer supported by OEMs: Software updates, security patches mostly become a forgotten concept on legacy devices especially where vendor no longer provides support making them entry points for sabotaging customer networks leading to DOS attacks, malware infliction points, and ransomware.

IoT Security: Threats, Attacks and Prevention

To put it simply, the threat perception has increased manifold with the ever-pervading role of technology and IoT systems are no strong than their weakest components. Hence every component of the system needs to be monitored closely and secured individually to avoid a security compromise. While there is no silver bullet to immediately counter security threats, best practices such as following the Compliance, Integrity, Availability (CIA) triad and implementing a methodical approach such as Defense-in-depth go a long way in nipping the attacks in the bud by building a layered defense system to counter the attack.

The layered approach addresses component security of the system at each stage – the same stages that we listed earlier from physical device to gateway to network to facilitation through to Application or consumerization.

Read LTTS Whitepaper on Security Considerations for IoT to learn in-depth about the best practices to counter IoT risks at each layer.

 

The Need for IoT Security: The Larger Picture

The scale and impact of IoT security breaches go beyond financial frauds and has the potential to harm human lives and culminate into societal disruptions. As the famous quote from Spiderman goes, “With great power comes, great responsibility.” IoT, its advent, and its growth is one such power that mankind has devised but at the same time it is the responsibility of each and every IoT system creator, product designer, solution builder, and service provider to ensure that their integrity with the consumer and with the consumer’s information is well preserved and rated second to none. 

 

With inputs from LTTS Whitepaper Security Considerations for IoT.

 

Authors

L&T Technology Services
L&T Technology Services

Related Blogs

L&T Technology Services
2023 US Omnibus Bill: Charting New Frontiers For Medical Device Security
12 May, 2023
Ashwin Atri
Mapping the Healthcare Digital Cloud Architecture: FHIR and EHR in MedTech
12 May, 2023
Vishnu Jampangire
Revitalizing the Renewable Energy Paradigm: A Vision for Green Hydrogen
08 May, 2023
Leave a Comment
About text formats

Comments

No Comments

×Explore
  • Industry
  • Spotlight
  • ×
  • Automotive
  • Consumer Electronics
  • Industrial Engineering
  • Lighting & Building Solutions
  • Media & Entertainment
  • Medical Devices
  • Oil & Gas
  • Plant Engineering
  • Power Electronics
  • Renewable Energy
  • Semiconductors
  • Industrial Products
  • Transportation
  • Telecommunications
  • 5G
  • Cloud engineering
  • Cyber security
  • Embedded systems
  • Industry 4.0
  • Smart Manufacturing
  • Smart Products
  • VLSI
  • Sustainability
  • Artificial Intelligence
  • AR/VR
  • Image Processing
  • Connected Healthcare
  • Smart Factory
  • Digital Twins
  • Building Automation
  • Autonomous Transport
  • Robotics
  • Digital Entertainment
  • Machine Learning
  • UI/UX
  • Manufacturing Automation
  • Smart Sourcing
  • Simulation
  • Software Defined Networking
  • Telehealth
  • Wearables
  • Design Thinking
  • IoT Security
  • ER&D Hackathon 2019
  • Digital Media
  • The New Normal
  • Data Mesh
  • DevOps
  • Media
  • parent-company-logo.png
  • Need Help
  • Contact Us
  •  

Contact Us

By clicking Submit, you agree to the Privacy Policy

  • Engineering the change
  • Industry
    • Communication
    • Consumer Electronics
    • Healthcare
    • Industrial Products
    • Media & Entertainment
    • Oil & Gas
    • Plant Engineering
    • Public Infrastructure & Smart Cities
    • Semiconductors
    • Software Products
    • Transportation
  • Services
    • Digital
      • Cybersecure
      • Security Monitoring
      • Security Solutions
      • Security Services
      • Immersive Experiences
      • Industry 4.0
      • Product Consulting
      • Sustainable Smart World
      • Sustainability Engineering
      • 5G
    • Products
      • CAE & CFD
      • CAx Automation
      • Cloud Engineering
      • DevOps
      • Embedded Systems
      • Engineering Analytics
      • Integrated Design, Validation & Testing
      • Lab as a Service
      • Sustenance
      • Testing
      • Testing & Validation
      • User Experience
      • VLSI
      • Voice Innovations
      • Wearables Engineering
    • Manufacturing
      • Accelerated Operations
      • Agile Supply Chain
      • Content Engineering
      • Digital Factory & Simulations
      • Line Expansion & Transfer
      • Manufacturing Automation
      • New Product Development
      • Plant Design & Engineering
      • PLM on Cloud
      • Sourcing & Procurement
    • Operations
      • CAPEX Project E/EPCM Services
      • DevOps
      • Material & Parts Management
      • Operational Excellence
      • Plant Sustenance & Management
      • Regulatory Compliance Engineering
      • Sourcing & Procurement
  • Solutions
    • AiCE
    • AiKno™
    • AnnotAi
    • ARC
    • Avertle®
    • Chest-rAi™
    • Cogmation
    • Connected Security
    • ESM
    • FlyBoard®
    • i-BEMS
    • nBOn
    • Fusion
    • Semiconductor IP
    • UBIQWeise 2.0
  • Insights
    • Blogs
    • News
    • POV
    • eBooks
  • Explore LTTS
    • About Us
    • Accolades
    • Alliances
    • Analysts
    • Board of Directors
    • Careers
    • CSR
    • Events & Webinars
    • Investors
    • Media Kit
    • Nearshore Centers
    • News & Media
    • Quality Management
    • Resources
    • Sustainability
    • Testimonials
  •  
  •  
  •  
  •  
  •  
^
  •  
  •  
  •  
  •  
  •  

© 2023 L&T Technology Services Limited. All Rights Reserved.

  • COPYRIGHT & TERMS
  • PRIVACY
  • Site Map
  • info@LTTS.com