The hybrid physical and virtual nature of IoT can be perplexing, and it makes IoT considerably challenging to manage. The same applies to the vast openness of IoT, which combines information associated with public, private and community entities and activities.
Over the last few years, industry players have been actively collaborating in standardisation bodies to address the security challenges of IoT. In parallel, security agencies have been raising awareness of IoT Security concerns, both within and across industries. These efforts have led to improvements in security technologies and introduced new security solutions.
Creating IoT Security architecture
IoT Security introduces technological challenges at the device, network and platform levels. There is also the process challenge of orchestrating the security technologies in an end-to-end manner. To address these challenges, three key security technologies and one process capability are essential:
- From the device viewpoint: Configurable device defense capability
- From the network viewpoint: Malicious device detection and isolation
- From the platform viewpoint: Platform and data protection
- From the process viewpoint: Secure operations and management
It is impossible to predict everything that an adversary will instruct a compromised IoT asset to do. Consequently, an important design principle for the IoT Security architecture is to have protection measures at multiple levels. In the face of millions of devices requiring action (e.g. smart meter deployments across multiple cities), manual intervention becomes unrealistic. Hence large-scale automation in operations is paramount in IoT Security.
IoT can be a great enabler of multiple domain-specific visions of automation for society, commonly termed “Smart”. For instance, the vision of Smart Transportation includes use cases that provide a resource-aware transport capability and enable a more efficient end-to-end transport service. Each “Smart” vision comes with multiple use cases and includes capabilities of awareness and intelligence. IoT Security, on the other hand, cuts across domain boundaries and calls for an end-to-end perspective. For instance, typical home appliances (e.g. refrigerator, oven, microwave, etc.) and home controls (e.g. heating, ventilation, etc.) can simultaneously be part of Smart Home use cases as well as Smart Grid use cases. Likewise, a private electric vehicle will be part of Smart Parking, Smart Grid and Smart Vehicle use cases – possibly even at the same time.
Many IoT systems are open and comprise elements from a multitude of vendors. In many cases, it is this openness and extensibility that brings huge value potential to IoT. Platforms, communication networks and gateways, and the multitude of possible devices may all come from different vendors. This can make it very challenging to achieve a consistent and coherent secure system for all its use cases. Therefore, it is important to consider the overall system and what can be done to enable a good security baseline and flexible, advanced security capabilities for the best protection of this flexible and open system.
Future opportunities to enhance security for IoT
Only through the principles of collaboration and partnership can this vast and complex environment be protected. It requires joint initiatives where partners work together across the whole lifecycle of development, validation, deployment, and operation.
Beyond technology, Huawei is taking steps via our OpenLab program to foster partner collaboration to build and validate complete secure solutions together with partners and customers. Huawei will continue to promote and support stakeholder collaboration to enhance the end-to-end security in IoT. Collaboration lies at the core of Huawei’s vision of IoT Security. However challenging security in IoT may be, Huawei is confident in our collective ability to address it successfully.
Read the full IoT Security whitepaper here.