Secure IoT to enable trust and daily usage
Internet of Things is the new tsunami of connected products, beyond traditional IT end points and phones, with a pervasive presence in our day-to-day world.
Apart of connected vehicles which are IoTs on wheels, on wings or at sea, the vast majority of the 30 billion connected products in 2020 will be mere sensors or actuators often deployed in common devices (fridge, elevators, scales…).
Their design and production are often led by very simple criteria to optimize their user experience, life cycle and total cost of ownership.
IoT devices are rarely designed with built-in security
Most IoTs must be low cost to enable new use cases (e.g. sensors to track pallet’s location in order to optimize supply chain). But this often means that operational features are delivered with the minimum or even zero protection functions or processes. To lower the costs, they may even be designed and produced offshore with processes that are difficult to monitor and control appropriately.
Sensors and actuators, that must be deployed everywhere in various conditions and situations, are designed for a long-life span, and they often contain off-the-shelves components with few or no maintenance. For instance, software updates for maintenance may require Over-The-Air (OTA) connectivity mechanism and this may cause battery intensive usage which may result in a shorter life span.
Cybersecurity criteria and opportunity to select IoT
New supply chains, e-health, smart home, smart cities, industry 4.0 do all rely on IoT at various critical level to deliver the right service at the right level, with the lowest risks.
Dysfunction, or specific attacks, may result in business impacts because of direct damage on finance or on reputation and branding trustworthiness, and even in human life losses when impacts on ecology and e-health are considered.
So far, cybersecurity has been an option, but it can emerge as a real opportunity and differentiators for IoT manufacturers. On the other hand, large enterprise and organizations can leverage cybersecurity to select IoTs with new security criteria in mind.
Assess IoT firmware cybersecurity : continuous integration
Moabi gives visibility on IoT built-in security and presents a clear assessment about the strengths and weaknesses of the IoT firmware and their binaries to rapidly answer to these questions:
Does this IoT comply with the standards in code security? Is the cypher function strong enough when cryptography is used? Can the defense-in-depth be improved? Does this firmware contain known vulnerabilities or 0Days detected by Moabi?
Moabi calculates the IoT Defense Surface that measures its overall security level to benchmark suppliers and IoTs so that organizations can select the best ones with built-in cybersecurity.
Moabi helps organizations select IoT platforms such as sensors and actuators with cybersecurity criteria in their procurement process to protect their business and operation. Moabi’s analytics and reports empower them to improve the security awareness of their suppliers and grow their security posture.