How to Apply Security Best Practices to IoT Firmware Development

August 6, 2018

The Internet of Things is changing every aspect of our lives. From our homes and offices to busy urban streets, IoT devices are giving us greater control of the environment around us. We can use our appliances more efficiently, streamline our businesses more accurately, and connect with others more quickly, no matter how far away they may be.


Most IoT products exchange information over the cloud. Given that these devices connect to the Internet, security must remain a top priority. Here are some examples of the IoT products available today:

  • Smart door locks – Proximity sensors allow doors to unlock when an authorized user approaches with their smartphone.
  • Smart home appliances – Includes thermostats that automatically adjust temperature and stoves that can be controlled remotely over Wi-Fi.
  • Wearables – Includes smartwatches that sync up with your contacts/calendars and fitness trackers that count your steps.

With thousands of new IoT products flooding the market each year, it’s crucial that firmware developers understand the importance of good security practices.

What is Firmware?

Firmware is the software that runs on a device, and it is in virtually everything, including the millions of IoT devices available around the world. In its simplest terms, firmware provides the necessary instructions to the device so it can communicate with other devices. Because operating systems are becoming harder to infiltrate, hackers are trying to exploit firmware instead. This is why researchers believe the tech industry needs a more universal approach to firmware security.

Why is Firmware an Attractive Target?

For years, developers have largely overlooked firmware security. This has made it especially vulnerable to attacks. Firmware attacks are difficult to uncover using current antivirus software. Firmware lives deep in the device and is not normally accessible using current tools.

Malware in firmware is particularly dangerous. Once it takes over the firmware, it can gain full access to the entire system. It is also very difficult to erase and is not affected by system reboots or new installations of the operating system.

Here are some threat areas specific to firmware:

  • Data tampering & denial of service
  • Unauthorized access to sensitive data
  • Disclosure of ‘secrets’ and cryptic data left behind in memory

When designing firmware for IoT devices, the industry has been pushing to make security a primary consideration. Risks can be mitigated by taking a proactive approach. Let’s explore some of the ways in which firmware security can be improved.

Reduce the Attack Area

By eliminating unnecessary components, you give hackers less space to attack. Your IoT device may need to broadcast a Wi-Fi network and run an HTTP server to accept the credentials for the Internet-enabled network. However, these components are unnecessary once the user has configured the device.

It’s a good idea to disable the ad-hoc Wi-Fi network and HTTP server once their purpose is complete. This way, you’re ensuring that those features cannot be used maliciously by hackers during the operation of the device.

Another way to reduce the attack area is to eliminate multiple communication paths on the device. For example, once the initial setup is complete, you can ensure the mobile app component never communicates directly with the IoT device ever again. All subsequent communications are then limited to a single channel (such as a WebSocket), which negotiates data between the device and remote server. The mobile app sends all commands to that remote server, and the server then forwards the info to the device. Ultimately, all security efforts are focused on keeping this one existing line safe.
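
The lifecycle described in this section, sketched as a small state machine. This is an added example, not code from the original article; the `device_t` type and all function names are hypothetical, and the boolean flags stand in for real radio, HTTP server and WebSocket driver calls.

```c
#include <stdbool.h>

/* Hypothetical model: the flags stand in for real soft-AP, HTTP and WebSocket driver calls. */
typedef enum { MODE_SETUP, MODE_OPERATIONAL } dev_mode_t;
typedef enum { SRC_LOCAL_HTTP, SRC_CLOUD_CHANNEL } cmd_source_t;

typedef struct {
    dev_mode_t mode;
    bool soft_ap_up;       /* ad-hoc Wi-Fi network used for setup */
    bool http_server_up;   /* local HTTP server that accepts credentials */
    bool cloud_channel_up; /* the single channel to the remote server */
} device_t;

static void enter_setup(device_t *d) {
    d->mode = MODE_SETUP;
    d->soft_ap_up = d->http_server_up = true;
    d->cloud_channel_up = false;
}

static void enter_operational(device_t *d) {
    /* Tear the setup services down before opening the cloud channel. */
    d->soft_ap_up = d->http_server_up = false;
    d->cloud_channel_up = true;
    d->mode = MODE_OPERATIONAL;
}

/* Boot: a device with stored Wi-Fi credentials never starts the setup services. */
void device_boot(device_t *d, bool stored_creds_present) {
    if (stored_creds_present) enter_operational(d); else enter_setup(d);
}

/* Called once the mobile app has delivered credentials over the local HTTP server. */
bool device_provision(device_t *d) {
    if (d->mode != MODE_SETUP) return false; /* no re-provisioning while operational */
    enter_operational(d);
    return true;
}

/* Command gate: once set up, only the cloud channel is a valid command source. */
bool device_accept_command(const device_t *d, cmd_source_t src) {
    if (d->mode == MODE_SETUP) return src == SRC_LOCAL_HTTP;
    return src == SRC_CLOUD_CHANNEL && d->cloud_channel_up;
}

/* Factory reset is the only path back to setup mode. */
void device_factory_reset(device_t *d) { enter_setup(d); }
```

Keeping the teardown in one function means every path into operational mode, whether first-time provisioning or a reboot with stored credentials, leaves the setup services off.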

Reduce Stored Information

Hackers can easily extract stored data from IoT devices. That’s why it’s crucial to reduce the amount of sensitive info stored. No user data should ever be stored locally except for Wi-Fi credentials, which allow the device to reconnect after rebooting. This way, the attackers are very limited in the type of information they can extract.

Never Use Plain Text

Any data that is stored locally should always be protected with encryption. Never store sensitive information in plain text. As stated earlier, you should not store any user info on the device except for Wi-Fi credentials.

During device configuration, however, developers can still allow the device to receive user info from a mobile app. It will then forward this data on to the remote server. The device should never retain a local copy. We cannot stress this enough: Any information that is stored on the device must always be encrypted.
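
One way to check this on a test unit is to provision it with a known canary passphrase, dump its storage partition, and search the dump for that passphrase. The code below is an added example, not code from the original article; the function names, the canary value and both sample dumps are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef enum { CANARY_BAD_INPUT = -1, CANARY_ABSENT = 0,
               CANARY_ASCII = 1, CANARY_UTF16LE = 2 } canary_hit_t;

/* Constructed sample data (not from a real device). */
static const char CANARY[] = "canary-Passw0rd-7731";
static const uint8_t DUMP_PLAIN[] = "ssid=LabNet\0psk=canary-Passw0rd-7731";
static const uint8_t DUMP_SEALED[] = { /* stand-in for an encrypted blob */
    0x01, 0x9c, 0x4e, 0xd2, 0x77, 0x10, 0xab, 0x3f, 0xe5, 0x08, 0x61, 0xc4 };

/* Naive byte search; adequate for a storage dump scanned on a build host. */
static int find_bytes(const uint8_t *hay, size_t hay_len,
                      const uint8_t *needle, size_t n_len) {
    if (n_len == 0 || n_len > hay_len) return 0;
    for (size_t i = 0; i + n_len <= hay_len; i++)
        if (memcmp(hay + i, needle, n_len) == 0) return 1;
    return 0;
}

/* Reports how the canary appears in the dump, if at all. The UTF-16LE form
 * is checked as well because some configuration stores widen strings. */
canary_hit_t scan_dump_for_canary(const uint8_t *dump, size_t dump_len,
                                  const char *canary) {
    size_t n = strlen(canary);
    uint8_t wide[128];
    if (n == 0 || 2 * n > sizeof wide) return CANARY_BAD_INPUT;
    if (find_bytes(dump, dump_len, (const uint8_t *)canary, n))
        return CANARY_ASCII;
    for (size_t i = 0; i < n; i++) {
        wide[2 * i] = (uint8_t)canary[i];
        wide[2 * i + 1] = 0;
    }
    if (find_bytes(dump, dump_len, wide, 2 * n))
        return CANARY_UTF16LE;
    return CANARY_ABSENT;
}

int main(void) {
    /* A release gate would fail on any result other than CANARY_ABSENT. */
    canary_hit_t r = scan_dump_for_canary(DUMP_SEALED, sizeof DUMP_SEALED, CANARY);
    return r == CANARY_ABSENT ? 0 : 1;
}
```

A clean result only shows that the passphrase is not stored verbatim; it does not show that the encryption or its key handling is sound.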

Use Only Secure Channels

Make sure communication between IoT devices takes place over secure channels. HTTPS and WSS are safe for web traffic, and MQTT should be used as opposed to simple TCP. It’s sometimes difficult to implement secure communication channels, depending on your hardware design. If this is the case, remember that insecure channels are not necessarily bad, as long as the data being sent is not sensitive.

For more information about firmware security, please call Circuits Central at 1-888-602-7264 or contact us here.
