The expansion and evolution of networked devices is rapidly changing the functionality, application and utility of technology in industrial and consumer markets. The Internet of Things (IoT), a term coined by Kevin Ashton in 1999, describes physical objects that are connected through a network to other devices or networks. Devices that communicate across networks using one or a variety of protocols are called smart devices. Devices that natively do not have network connectivity but can process data are called intelligent electronic devices. When networking is applied to an intelligent electronic device, the device can then be categorized as a smart device. Since the introduction and widespread adoption of smart phones (e.g. Apple iPhone—a network-enabled intelligent electronic device), the types and variety of smart devices being connected with local networks and across the Internet have grown exponentially through new products and the retrofitting of legacy intelligent electronic devices.
Modern day smart devices and systems are designed, engineered and manufactured with native network communication capabilities and data processing power. Product concepts and designs already account for Internet connectivity and device interoperability in the product development phase—improving product functionality and flexibility. The interconnectivity of smart devices also enables the smart devices to communicate with and affect the functions of other smart devices. For example, a building's security system's motion sensors can be configured to communicate with the lighting system. If the security system is active and a motion sensor detects motion, the security system can instruct the lighting system to turn on all the interior lights. As illustrated, the capabilities of smart devices provide many benefits.
The rapid, wide-scale adoption of smart device technologies has resulted in fierce competition between manufacturers. To maintain competitiveness and profitability, device manufacturers are utilizing condensed and shortened product development lifecycles for delivering new capabilities. The tradeoff of truncated product development lifecycles for fast release of new capabilities is security. The security measures and associated subsystems of new and retrofitted smart devices are poorly accounted for, if at all, by manufacturers. This shortsightedness can result in design flaws or incompatibility issues between smart devices and systems. Due to the truncated product development lifecycles, design flaws or incompatibility issues can be overlooked or unaddressed, weakening the security posture of the smart device and system, threatening privacy and safety. This highlights the need for additional protection.
To incorporate a legacy intelligent electronic device into the IoT ecosystem, the device can be replaced with an actual smart device or it can be retrofitted to become a smart device. If no current smart device fits the needs of the legacy intelligent electronic device, or if the upgrade of the legacy device to a new smart device is cost prohibitive, the legacy device can be retrofitted with network capabilities through additional hardware. The actual retrofitting process of legacy intelligent electronic devices typically involves an additional piece or pieces of hardware that can communicate using the device's native communications protocol and externally with other smart devices or the Internet using standardized connections and protocols. The benefits of retrofitting are improved product efficiency, expanded product functionality and improved product control. For example, the industrial control system of a machine can be retrofitted to incorporate local area network (LAN) access, enabling local data collection and providing real-time production statistics of the machine without having to redesign and build an entirely new machine. Or the machine can become accessible over the Internet, enabling remote diagnostics and control of the machine.
The inclusion of legacy devices and systems in the IoT ecosystem creates an environment never considered in original product and system designs. For example, devices and systems prior to retrofitting have rarely, if ever, been connected with other devices outside of a machine-to-machine (M2M) communications network for which they were initially designed. Devices and systems that were once segregated from each other and the world are now directly accessible through LANs and/or indirectly accessible over the Internet. This level of interconnectivity was not accounted for in original device and system designs, weakening the overall security posture and highlighting privacy and safety concerns for which additional protection is required.
The critical gap in device security and interlaced security between devices introduces risk into commercial and residential environments. Within the scope of smart devices, security includes: communications security, device and system access security and data security. Measures that are industry best practices for computer security are yet to be fully embraced by the smart device industry. For example, authenticating and encrypting data communications, user privileges, and data encryption are often overlooked, incorrectly implemented, or selectively addressed (e.g. data is encrypted, but communications are not). The risks of poorly implemented security include information leakage, data and information theft, the ability to send and receive malware and unauthorized device manipulation. Such risks could lead to the covert collection of photographs and metadata in addition to voice communications that are otherwise assumed to be private, the infection and spread of malware across varying devices without user awareness, and the unauthorized local and remote manipulation of devices which can impair, stop, or destroy stationary and/or mobile sensors, devices, appliances, etc., or the systems of which they are a part. Some examples of poor smart device security implementation and system vulnerabilities are explored by Nitesh Dhanjani in his paper titled “Hacking Lightbulbs: Security evaluation of the Philips hue Personal Wireless Lighting System” and by Mike Metzger in his presentation “Letting the Air out of tire pressure monitoring systems” at Defcon 18.
It is estimated that there are currently over 25 billion connected devices in the world. The expansion of the IoT ecosystem by the proliferation of smart devices throughout modern day society highlights the importance of smart device security and data protection when considering privacy. Smart devices are creating a plethora of previously unattainable data, epic in proportions. The data generated by smart devices varies by device and manufacturer and the information contained within the data can be generic, specific, and/or sensitive in nature. Examples of the types of data include but are not limited to video, photographic, audio, device logs, measurement data such as temperature or power consumption, etc. Smart device data can be offloaded and collected by the device manufacturer or third parties through network connections. The data collected by a manufacturer might be used to improve and modify a device's performance and functionality or further enrich the user experience. Otherwise, a manufacturer might collect data with no defined purpose. Data collected from smart devices can also be sold to third parties. Details regarding what information is contained in a smart device's data are typically not documented and the user cannot easily, if at all, limit the dissemination of their data at the device level. The intentional and unintentional dissemination of data erodes the level of assumed and expected user privacy. For example, in February 2015 the media covered how the Samsung Smart TV's voice activation feature could technically record conversations and send the data back to third parties—eliminating any expectation of privacy within the device's microphone range.
Safety concerns are realized when a device that is part of the IoT ecosystem can be covertly accessed, controlled and/or have its data furtively copied to external resources. Primarily, the ease of accessibility of smart devices from the Internet and local networks provides the mechanism for exploitation—risking system and user safety. A smart device's normal functionality can be adversely affected, causing denial of service or device failure. Depending on the smart device/system being intentionally or unintentionally targeted, individuals and capital can be put at risk. For example, in 2011, computer scientists from the University of California, San Diego and the University of Washington reported on how a car can be accessed through its cellular and Bluetooth wireless systems. In 2013, researchers illustrated how the substandard security system of a car's smart devices coupled with wireless access could provide the ability to remotely override/command a car's electronic system. Their work demonstrated how the brake system of the car could be disabled, which prevented the driver from stopping the vehicle.
Other safety concerns exist outside of controlling a smart device. The data produced, stored and disseminated by a smart device can contain personal and unique identifying information. Unique information could be used to identify an individual or device for specific exploitation. Data can also reveal the components or topology of a system such as a security system, which risks the safety of what it is protecting. If large amounts of data are obtained from multiple smart devices and processed, the data as a whole could reveal information such as an individual's pattern of life, opening them up to being taken advantage of.
Security, privacy and safety of smart devices are interdependent, as illustrated in the previous examples. As smart devices find new applications in everyday life and the IoT ecosystem continues to grow, the risks of device exploitation, device failure, data loss due to poor security, loss of privacy in otherwise assumed private environments, and unsafe device operation continue to grow from both internal and external threats. Currently, companies perpetually fail to holistically address security, privacy, and safety concerns in the design of smart devices and systems. The industry shortcoming requires complementary technology solutions to address the gaps. Traditional solutions such as firewalls only address data communications between the device and the Internet—omitting the data communications that occur locally to the device, such as the device-to-device communications within home, commercial or industrial environments. These systems are typically limited to Ethernet or Wi-Fi connections and do not incorporate other smart device protocols that are based on other standards such as the IEEE 802.15.4 standard. These technologies are also expensive to implement and maintain or are ineffective in protecting more than just Internet to local network communications. Configuration of such devices is also complex and tedious, requiring extensive technical knowledge of device communications (i.e. ports, protocols, etc.).
As illustrated, the ability to limit local and remote device and network access, control smart device communications, and limit information sharing on a local network or across the Internet is lacking. Security, privacy and safety concerns associated with smart devices are perpetuated by the inherent shortcomings of security mechanisms and the unrestrained access to potentially sensitive and private data. A user must be aware of and trust that the manufacturer has implemented the proper security and access restraints, or accept the fact that they cannot trust the manufacturer. Even then, the user still does not know if the manufacturer or a nefarious entity is secretly collecting data from the device.