Design World

  • Home
  • Technologies
    • 3D CAD
    • Electronics • electrical
    • Fastening & Joining
    • Factory automation
    • Linear Motion
    • Motion Control
    • Test & Measurement
    • Sensors
    • Fluid power
  • Learn
    • Ebooks / Tech Tips
    • Engineering Week
    • Future of Design Engineering
    • MC² Motion Control Classrooms
    • Podcasts
    • Videos
    • Webinars
  • LEAP AWARDS
  • Leadership
    • 2022 Voting
    • 2021 Winners
  • Design Guide Library
  • Resources
    • 3D Cad Models
      • PARTsolutions
      • TraceParts
    • Digital Issues
      • Design World
      • EE World
    • Women in Engineering
  • Supplier Listings

Three IoT Security Lessons from Jeep Hackers

By Manfred Kube, Head of M2M Segment Marketing and Director Business Development mHealth, Gemalto | July 28, 2016

Share

Last year, hackers demonstrated to us how the IoT, when unsecured, can be used to hack a Jeep remotely while it’s in the middle of a highway. A scary scenario. It served as a wake-up call for many in the automotive industry, especially those at Jeep who promptly issued a patch for the vulnerability.

Since then, the company behind the Jeep hack, IOActive, has come out with a survey claiming that nine out of every 10 IoT devices on the market today have not been designed with adequate security. These figures are concerning and should serve as a reminder to everyone how we must strengthen our commitment to IoT security. Below, we list out the three key lessons we must learn about IoT security practice and policy.

1. Security must be the number one priority for IoT. The potential of the IoT is seemingly unlimited – new innovations are being made every day. This is brilliant for the IoT market as a whole; however, security thinking must be properly integrated into the innovation process.

Currently, many IoT developers choose (understandably) to work in an agile manner, in an off-network sandbox which enables them to experiment and innovate more rapidly. In this environment, security is often an afterthought, and is not implemented until the later stages.

It’s important we recognize that secure products need to be built with security in mind from the ground up – security solutions shouldn’t just be added on at the end of the process. Instead, securing the device should be the first pillar.

2. The onus of responsibility should be with manufacturers/developers, not with end users. Some companies have resorted to including disclaimers with their products to ensure they’re not held liable for any security exploits.

This sets a dangerous precedent; one that passes on the responsibility to end users. Of course, end users should be encouraged to be responsible and take all the care they can… but this can’t relieve the manufacturers of responsibility. If IOActive’s figure of nine out of 10 devices being vulnerable is accurate, we can’t expect end users to be bridging the gap.

3. We need to keep driving IoT security innovation. The IoT, on many levels, is about discovering new ways of doing things. This means new form factors that we haven’t used before – this could also mean new attack vectors for hackers. For example, USB or OTA software updates for vehicles provides a new attack vector for criminals – we need to ensure we find ways to secure against these possibilities.

In short, we’ll need innovative solutions to protect against new opportunities for exploitation.

Security innovation is extremely important, and the recent IoT Security Webinar and IoT Security eBook both highlight market-proven best practices and approaches to ensure a secure IoT.

In addition, the second annual IoT/M2M Innovation World Cup Security Award brings forward the importance of building trust into the IoT.

Once a greater trust is established, the opportunity for businesses to Connect, Secure, and Monetize the IoT will be better than ever.


Filed Under: M2M (machine to machine)

 

Related Articles Read More >

Part 6: IDE and other software for connectivity and IoT design work
Part 4: Edge computing and gateways proliferate for industrial machinery
Part 3: Trends in Ethernet, PoE, IO-Link, HIPERFACE, and single-cable solutions
Machine Learning for Sensors

DESIGN GUIDE LIBRARY

“motion

Enews Sign Up

Motion Control Classroom

Design World Digital Edition

cover

Browse the most current issue of Design World and back issues in an easy to use high quality format. Clip, share and download with the leading design engineering magazine today.

EDABoard the Forum for Electronics

Top global problem solving EE forum covering Microcontrollers, DSP, Networking, Analog and Digital Design, RF, Power Electronics, PCB Routing and much more

EDABoard: Forum for electronics

Sponsored Content

  • Global supply needs drive increased manufacturing footprint development
  • How to Increase Rotational Capacity for a Retaining Ring
  • Cordis high resolution electronic proportional pressure controls
  • WAGO’s custom designed interface wiring system making industrial applications easier
  • 10 Reasons to Specify Valve Manifolds
  • Case study: How a 3D-printed tool saved thousands of hours and dollars

Design World Podcasts

May 17, 2022
Another view on additive and the aerospace industry
See More >
Engineering Exchange

The Engineering Exchange is a global educational networking community for engineers.

Connect, share, and learn today »

Design World
  • Advertising
  • About us
  • Contact
  • Manage your Design World Subscription
  • Subscribe
  • Design World Digital Network
  • Engineering White Papers
  • LEAP AWARDS

Copyright © 2022 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy | Advertising | About Us

Search Design World

  • Home
  • Technologies
    • 3D CAD
    • Electronics • electrical
    • Fastening & Joining
    • Factory automation
    • Linear Motion
    • Motion Control
    • Test & Measurement
    • Sensors
    • Fluid power
  • Learn
    • Ebooks / Tech Tips
    • Engineering Week
    • Future of Design Engineering
    • MC² Motion Control Classrooms
    • Podcasts
    • Videos
    • Webinars
  • LEAP AWARDS
  • Leadership
    • 2022 Voting
    • 2021 Winners
  • Design Guide Library
  • Resources
    • 3D Cad Models
      • PARTsolutions
      • TraceParts
    • Digital Issues
      • Design World
      • EE World
    • Women in Engineering
  • Supplier Listings