With an estimated 14 billion devices connected to the Internet today and an estimated 50 billion connected devices by 2020, the Internet of Things (IoT) offers a tremendous market opportunity. But it also presents a major security risk. Why? First and foremost, the vast majority of all connected devices in use today have inadequate security. This is usually due either to a lack of security training among embedded-systems developers or to the product’s security level not being sufficiently tested before release. For example, in the healthcare industry, the problems and chaos created by the rising barrage of malicious hacking events make it clear that achieving solid cybersecurity protection should be a top priority for OEMs developing connected medical devices.
Until recently, the regulatory process mainly focused on quality, safety and basic essential performance.
It did not take into account—or screen for—security-related controls. Fortunately, technical standards and regulatory thinking concerning cybersecurity issues seem to be converging and maturing. For instance, the National Highway Traffic Safety Administration (NHTSA) released guidance to the automotive industry for improving motor vehicle cybersecurity. In the healthcare industry, the FDA released pre- and post-market guidance for medical device cybersecurity based on the NIST Cybersecurity Framework. VDMA (Verband Deutscher Maschinen- und Anlagenbau, the German Mechanical Engineering Industry Association) released the “Industrie 4.0 Security Guidelines”.
With security now deeply embedded in the regulatory process, everyone must address the issue directly and effectively. Therefore, planning for compliance and implementing best practices have to proceed hand-in-hand.
Security regulations and guidelines establish basic security principles. These principles include:
Design for Security
There are many existing secure design processes for embedded systems, all of which include threat analysis, security requirements, secure design, implementation, security testing and verification, and a response plan for any issues discovered after the product has been released.
Multiple Protection Layers (Defense in Depth)
In security applications, protection is most often implemented in multiple layers to prevent different types of attacks and provide redundancy and traceability.
Protection across the Product Lifecycle
Lifecycle management is vital to an OEM’s ability to maintain the security and integrity of its products from production through shipment and deployment, and ultimately to end-of-life.
Roots of Trust (RoTs) are the foundation of assurance of the trustworthiness of a device. As such, RoTs are security primitives composed of hardware, firmware, and/or software that provide a set of trusted, security-critical functions. (NIST SP 800-164, Hardware Roots of Trust)