- Design and implement defense-in-depth into the IoT solution. In some cases, this will require the insertion of gateway computing elements to serve as a layer of defense as well as a point at which isolation can be enabled to ensure safe operation in a disconnected, degraded, but still fail-safe mode. In other cases, this suggests inserting a layer of indirection or separation to allow for command and data checking, filtering, and logging.
- Be attentive to availability and safety. Above all else, the system must be engineered so that its connectedness, and the control that the connection makes it possible to exert on the device, does no harm. Fail-safe operation, in which the system drops down in capability but is sure to reach a safe steady state, must be built into the connected device.
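
The two recommendations above can be combined in one gateway component. The sketch below is an added example, not code from the authors or from any IBM product: the command names, value ranges, safe state and 30-second heartbeat timeout are constructed assumptions, as is the choice to refuse every command while the upstream link is considered lost.

```python
import logging
import time

log = logging.getLogger("gateway")
POLICY = {"set_temp_c": (5.0, 30.0), "set_fan_pct": (0.0, 100.0)}  # constructed allowlist: name -> (min, max)
SAFE_STATE = {"set_temp_c": 18.0, "set_fan_pct": 50.0}  # assumed safe steady state
HEARTBEAT_TIMEOUT_S = 30.0  # assumed; link is treated as lost after this long

class Gateway:
    """Sits between the upstream link and the device: checks, filters, logs."""

    def __init__(self, now=time.monotonic):
        self._now = now
        self.device_state = dict(SAFE_STATE)
        self.heartbeat()

    def heartbeat(self):  # call whenever the upstream link proves it is alive
        self._last_heartbeat = self._now()
        self.degraded = False

    def tick(self):
        """Call periodically: on link loss, force the device to the safe state."""
        if not self.degraded and self._now() - self._last_heartbeat > HEARTBEAT_TIMEOUT_S:
            self.degraded = True
            self.device_state = dict(SAFE_STATE)
            log.warning("link lost; device forced to safe state")
        return self.degraded

    def _reject_reason(self, name, value):
        if self.tick():
            return "gateway is in degraded mode"
        if not isinstance(name, str) or name not in POLICY:
            return "command not on allowlist"
        if isinstance(value, bool) or not isinstance(value, (int, float)):
            return "value is not numeric"
        lo, hi = POLICY[name]
        if not lo <= value <= hi:  # a NaN value fails this comparison too
            return f"value outside [{lo}, {hi}]"

    def handle(self, command):
        """Return True if the command was forwarded to the device."""
        name, value = command.get("name"), command.get("value")
        reason = self._reject_reason(name, value)
        if reason:
            log.warning("rejected %r=%r: %s", name, value, reason)
            return False
        self.device_state[name] = float(value)
        log.info("forwarded %s=%s", name, value)
        return True
```

Every decision, forwarded or rejected, is logged at the gateway, so the record survives even if the device behind it is later compromised or replaced.
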
We are entering an amazing era of Internet of Things computing where cyber-physical systems are able to provide a more streamlined, comfortable, and even safer environment in which to work, play, and live. With this increased set of capabilities will come some risks and vulnerabilities to be addressed. By implementing IoT solutions using methods and technologies that we have learned through years of experience, and by having a strong means of responding to incidents and delivering updates, we can welcome this era with open arms and much excitement.
About the authors:
Chris Poulin is a research strategist in IBM’s X-Force R&D team. He is responsible for analyzing security trends and emerging threats, with a focus on security for the Internet of Things.
Tim Hahn is an IBM Distinguished Engineer. As the Chief Architect for Internet of Things Security within the IBM Analytics organization, he is responsible for strategy, architecture, and design for IBM's Internet of Things offerings. Tim also has experience with both connected vehicles and connected products.