Internet of Things and Cyber Security Part II: Solutions and Trends
Disclaimer: The opinions expressed in this article are entirely my own and in no way reflect the positions or thoughts of the companies mentioned throughout the article.
Since my last post, the major cyber-attack “WannaCry” ravaged thousands of computer systems all over the world, leveraging ransomware primarily targeted at healthcare systems. The initial diagnosis of the problem was that a vulnerability in the Windows XP OS was exploited because the OS had reached end of life and was no longer supported. The purpose of this discussion is not to place blame on different parties but rather to point out that this exploitation was a prime example of how IoT systems could be exploited in the near future. Thus, the “WannaCry” cyber-attack underscores the importance of cyber security throughout the IT ecosystem, particularly as devices proliferate and maintaining system integrity becomes more difficult.
This post will outline some of the current academic and industry research and solutions in the IoT cyber security domain while also detailing some of the current industry trends.
The first design solution, proposed by Quocirca, a research and analysis group that conducted several primary research studies on this topic, is a hub-and-spoke design model. This model seeks to draw a boundary around the network and leverages centralized aggregators (Hub) to group IoT devices into manageable arrangements (Spoke). The aggregators minimize network traffic and spread the load, which enables simplified provisioning. Furthermore, the aggregator provides localized intelligence functionality (inspection, analytics, isolation) and shields the main network (and other spokes) from security breaches on any of the devices. Exhibit #1 provides a graphical representation of this architecture.
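A small simulation of the aggregator's role, added here as an illustration and not taken from Quocirca's reference architecture: the hub inspects each message from its spoke, isolates a device that violates policy, and forwards only one batched summary upstream. The `Hub` class, the device ids, the message kinds and the rate budget are all assumptions made for this example.

```python
from collections import defaultdict

class Hub:
    """Aggregator for one spoke: inspects device traffic, isolates offenders,
    and sends the main network one batched summary per window."""

    def __init__(self, allowed_kinds, max_per_window=3):
        self.allowed_kinds = allowed_kinds    # device id -> permitted message kinds
        self.max_per_window = max_per_window  # assumed per-device rate budget
        self.isolated = set()
        self.counts = defaultdict(int)
        self.batch, self.alerts = [], []

    def receive(self, device, kind, value):
        if device in self.isolated:
            return "dropped"                  # isolation persists across windows
        if device not in self.allowed_kinds:
            return self._isolate(device, "unprovisioned device")
        if kind not in self.allowed_kinds[device]:
            return self._isolate(device, "unexpected message kind: " + kind)
        self.counts[device] += 1
        if self.counts[device] > self.max_per_window:
            return self._isolate(device, "rate budget exceeded")
        self.batch.append((device, kind, value))
        return "accepted"

    def _isolate(self, device, reason):
        self.isolated.add(device)
        # Readings already queued from this device are no longer trusted.
        self.batch = [m for m in self.batch if m[0] != device]
        self.alerts.append((device, reason))
        return "isolated"

    def flush(self):
        """Emit the single upstream message for this window and reset it."""
        summary = {"readings": self.batch, "alerts": self.alerts}
        self.batch, self.alerts = [], []
        self.counts.clear()
        return summary

def demo():
    # Constructed traffic for one spoke; device ids and kinds are made up.
    hub = Hub({"thermo-1": {"temperature"}, "cam-1": {"motion"}})
    traffic = [("thermo-1", "temperature", 21.5), ("cam-1", "motion", 1),
               ("cam-1", "firmware_push", "blob"), ("cam-1", "motion", 1),
               ("rogue-9", "temperature", 99.0), ("thermo-1", "temperature", 21.6)]
    return [hub.receive(*m) for m in traffic], hub.flush()

if __name__ == "__main__":
    print(demo())
```

The main network sees only the two thermostat readings and two alerts; the camera's earlier reading is withdrawn once the camera is isolated.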
An industry-wide proposal is the zonal threat model, which states that the network should be segmented into zones and corresponding solutions; each zone often has its own data and authentication and authorization requirements. Each zone is separated by a “Trust Boundary,” which represents a transition of data from one source to another. At a high level, the idea is that creating the zones enables a “digital access” barrier that makes each part of the network more secure. Exhibit #2 depicts the various zones and an overview of the various boundaries.
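One way to put the zonal model to work is to record it as data and audit every flow that crosses a trust boundary against the destination zone's requirements. The following is an added example, not part of the original article; the component names, zone names and control labels are constructed for illustration and are not taken from Exhibit #2.

```python
# Constructed model: component names, zone names and control labels are
# assumptions made for this example.
ZONE_OF = {
    "sensor": "device", "actuator": "device",
    "field-gw": "field_gateway",
    "ingest-api": "cloud_gateway",
    "analytics": "services", "admin-ui": "services",
}
# What each zone demands of data arriving across its trust boundary.
INBOUND_REQUIRES = {
    "device": {"authn", "authz", "integrity"},
    "field_gateway": {"authn"},
    "cloud_gateway": {"authn", "encryption"},
    "services": {"authn", "authz", "encryption"},
}
# (source, destination, controls actually applied on the flow)
FLOWS = [
    ("sensor", "field-gw", {"authn"}),
    ("field-gw", "ingest-api", {"authn", "encryption"}),
    ("ingest-api", "analytics", {"encryption"}),
    ("analytics", "admin-ui", set()),
    ("admin-ui", "actuator", {"authn"}),
    ("debug-probe", "field-gw", {"authn"}),
]

def audit(flows, zone_of, inbound_requires):
    """Return one finding per flow that crosses a trust boundary without
    every control the destination zone requires."""
    findings = []
    for src, dst, controls in flows:
        unknown = [c for c in (src, dst) if c not in zone_of]
        if unknown:
            # A component nobody assigned to a zone cannot be reasoned about.
            findings.append((src, dst, "unzoned component: " + ", ".join(unknown)))
            continue
        src_zone, dst_zone = zone_of[src], zone_of[dst]
        if src_zone == dst_zone:
            continue  # stays inside one zone: no trust boundary crossed
        missing = sorted(inbound_requires[dst_zone] - controls)
        if missing:
            detail = f"{src_zone}->{dst_zone} missing " + ", ".join(missing)
            findings.append((src, dst, detail))
    return findings

if __name__ == "__main__":
    for finding in audit(FLOWS, ZONE_OF, INBOUND_REQUIRES):
        print(finding)
```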
The industry group IoT Analytics presents a four-layer model for IoT security, intended to prevent IoT devices from becoming malicious network end points. The first layer is the hardware layer, which aims to create secure devices through device intelligence and edge processing. The second layer is the communication layer, which focuses on creating secure communications through secure device-initiated communication and controlled messaging. The aim in this layer is to prevent man-in-the-middle attacks by using encryption and traffic flow detection technologies. The third layer is the cloud layer, which both collects data and transmits data over the second layer. Security in this layer is accomplished through the identification of threats to the cloud and securing communication using authentication and encryption technologies. The final layer is life cycle management, which ensures security through update/patch management and new device provisioning and decommissioning procedures.
While the industry leaders will likely influence the security standards and policy within the industry, several startups have emerged that will likely shape the IoT security solutions that are brought to market. While many of the companies below provide point or vertical-specific solutions, it is crucial to understand where startups are forming and the pain points they are trying to solve as a proxy for the overall trends, which will influence industry investment and could impact how Government thinks about policy decisions.
1. Argus Cyber Security is developing security solutions for connected automobiles that aim to prevent hackers from taking over autonomous vehicles.
2. ThetaRay is creating an IoT security solution that uses machine learning and big data to identify and detect anomalies across all parts of a network.
3. Indegy has developed a security solution specifically for industrial control system (ICS) networks that leverage thousands of sensors and other “things.” The Indegy platform provides visibility and control over ICS networks.
4. Rubicon has developed a Cryptography + Cloud + Control solution that seeks to provide two-way authentication between IoT devices and the cloud.
5. Bayshore Networks has developed a cloud based IT/OT Gateway that inspects and filters industrial data (IT/OT Convergence).
6. SecureRF’s solution communicates via radio frequencies (RF) and provides a cryptography solution that works within the constraints of the low-resource computing environments that make up the world of IoT.
7. PFP Cybersecurity’s solution uses “power fingerprinting” to identify intrusions and unexpected behavior. Their solution is offered at a firmware level or as a cloud-based solution.
After reviewing the offerings proposed by various startups, it is clear that the investment money is focused on solutions that address threats to critical national infrastructure and solutions that are able to operate effectively in the cloud and in low-level computing environments. Furthermore, many of the solutions are increasingly focusing on the convergence of IT/OT. This trend will continue, and the solutions that gain traction will be those that solve the major pain points emerging from enterprises that currently employ IoT systems and those enterprises that will be making large investments in IoT in the near future.
Longbottom, Clive. “A reference architecture for the IoE.” N.p., 11 May 2016. Web. 12 May 2017.
“Understanding IoT Security — Part 1 of 3: IoT Security Architecture on the Device and Communication Layers.” IoT Analytics. N.p., n.d. Web. 12 May 2017.
“A New Approach to Investigate IoT Threats Based on a Four Layer Model.” 2016 13th International Conference on New Technologies for Distributed Systems (NOTERE), 2016, p. 1. EBSCOhost, doi:10.1109/NOTERE.2016.7745830.
Nanalyze. “19 Internet of Things IoT Security Startups.” Nanalyze. N.p., 19 Mar. 2017. Web. 26 Mar. 2017.