IoT security focuses on the edge
NUREMBERG, Germany — Doing more processing at the edge to avoid sending sensitive data to the cloud emerged as a common theme among vendors at the Embedded World conference here last week. Whether this is a result of forthcoming GDPR (General Data Protection Regulation) laws coming into force across the European Union on May 25, or whether there it is simply a lack of sufficient security in current devices is difficult to tell.
A recent report on IoT cybersecurity readiness certainly points to the latter. Lawrence Munro, vice president SpiderLabs at Trustwave, who released the IoT Cybersecurity Readiness Report, said, “As IoT adoption continues to proliferate, manufactures of IoT are sidestepping security fundamentals as they rush to bring products to market. We are seeing lack of familiarity with secure coding concepts resulting in vulnerabilities, some of them a decade old, incorporated into final designs. Because updating IoT devices by nature is more challenging, many remain vulnerable even after patches are issued, and often patches are not even developed. Organizations need to properly document and test each internet-connected device on their network or face introducing potentially thousands of new attack vectors easily exploitable by cybercriminals."
He added, “"Any device or sensor with an IP address connected to a corporate network may open the doors to a devastating security incident."
The report finds that while IoT use is growing rapidly — by the end of 2018, five in six organizations will be using at least a minimal level of IoT technology — security concerns are cited as the top barrier to increased IoT adoption.
Given this, it’s not surprising that there were several announcements and demos around IoT edge computing and security at Embedded World. On top of this, major vendors were also keen to announce their full IoT ecosystems or platforms, presumably to contain the security risks in a closed loop environment.
IoT on a Chip, with Multiprotocol Radio
As we highlighted previously, NXP was keen to illustrate the need for IoT edge compute capability.
“Self-learning edge node systems are going to start influencing IoT, with scalable processing at the gateway and the edge," said Geoff Lees, senior vice president and general manager of microcontrollers at NXP, during the company's press conference at the show. "The edge computing future demands high-performance compute together with secure data collection, management, and decision-making.”
Among the devices NXP showed were its ultra-compact IoT-on-a-chip package, which brings together the pre-integrated features from NXP’s i.MX applications processor family, and Wi-Fi/Bluetooth solutions for consumer and industrial developers to quickly build compact IoT products. Lees said the company’s proprietary ultra-low leakage SRAM with 10x lower static leakage than conventional memories, working with Samsung's non-volatile STT-MRAM that has 1,000-times faster wake-up time, 400 times lower write power than conventional embedded flash and 100 times longer battery lifetime, makes "instant-on" IoT edge node products possible.
Continue reading page two on Embedded's sister site, EE Times: "IoT security concerns push vendors to the edge ."