Breaking News
Comments
Newest First | Oldest First | Threaded View
MindTech
User Rank
Author
re: Opinion: Security is the Achilles heel
MindTech   8/27/2012 4:10:01 PM
NO RATINGS
Obviously we have people looking at the How and Where of security with the IoT. The whys are fairly obvious: so that damage (physical and monetary) is prevented, sensitive and personal information is not compromised, and that we feel safe and confident in our technology. The next step is to consider the Who and What: there will be a lot of things on the Internet of Things. Some will be safety-critical, some will be life-critical, some will be information- or infrastructure-critical. Most will not be. What we need is classifications of devices and what security measures are necessary to ensure that if they need to remain un-compromised they can. Should I be able to hack my power or water meter? No. Should I be able to hack someone's health device? No. Should I be able to hack my toaster? Maybe, so long as I can't hack yours remotely and burn down your house. Should I be able to hack my non-critical house sensors? Yes, absolutely, so I can gather more data or create special applications with them.

MindTech
User Rank
Author
re: Opinion: Security is the Achilles heel
MindTech   8/27/2012 4:09:30 PM
NO RATINGS
Obviously we have people looking at the How and Where of security with the IoT. The whys are fairly obvious: so that damage (physical and monetary) is prevented, sensitive and personal information is not compromised, and that we feel safe and confident in our technology. The next step is to consider the Who and What: there will be a lot of things on the Internet of Things. Some will be safety-critical, some will be life-critical, some will be information- or infrastructure-critical. Most will not be. What we need is classifications of devices and what security measures are necessary to ensure that if they need to remain un-compromised they can. Should I be able to hack my power or water meter? No. Should I be able to hack someone's health device? No. Should I be able to hack my toaster? Maybe, so long as I can't hack yours remotely and burn down your house. Should I be able to hack my non-critical house sensors? Yes, absolutely, so I can gather more data or create special applications with them.

przem
User Rank
Author
re: Opinion: Security is the Achilles heel
przem   8/26/2012 2:50:40 AM
NO RATINGS
It is possible to do too much security too. If we require toasters to use OTP and/or cryptographically signed firmware, they cost and complication of product updates, warranty repairs and such could go up significantly. An example of problems with that strategy is the locked-in inkjet printer cartridges---manufacturers justified it by a combination of 'protecting the customer from expired/counterfeit product' and 'sell the printer cheap and make it up on supplies' strategies---but the end result is that customers either buy new printers on sale or stop buying inkjets entirely. I actually look and buy products that have a reputation for openness and upgradeability: openWRT network routers, GE programmable lights, etc. I will avoid products that are designed to be locked up, just like I would never buy a car with the hood welded shut.

RWatkins
User Rank
Author
re: Opinion: Security is the Achilles heel
RWatkins   8/26/2012 12:39:16 AM
NO RATINGS
Is this barking article up the wrong tree? If it is a toaster or set-top box, do I WANT it to be capable of erasing itself? For such mundane applications, such heavy-handed approaches cost warranty dollars and customer confidence. The REAL issues with putting everything on on the web are: 1. Can someone monitor the web and learn too much about a target of interest? This might include such things as whether one is home (making home a burglary target), and gathering data on any projects being worked on by a business that uses web-based but inadequately secure storage services (most of them). 2. Can someone intentionally or unintentionally (generally the former) vandalize property and equipment that they do not own (eg. Stuxnet)? The biggest issue facing too many engineers and companies right now is, "It can be done, and it can be sold, but SHOULD if be done?"

WKetel
User Rank
Author
re: Opinion: Security is the Achilles heel
WKetel   8/25/2012 1:21:52 AM
NO RATINGS
Interesting article indeed. But is making my toaster subject to a hackers attack worth whatever nebulous advantage is to be gained? I am aware of the theory that smart appliances can be programmed to run when power is the cheapest, but we can also do that with a timer and published rate data. My point is that the internet of things will primarily benefit those who sell the internet connection part of the thing. Most of the benefits can be had in other manners, and almost all of them are more secure. Ask yourself this: "do you want some hacker controlling your toaster?"

jmcleod951
User Rank
Author
re: Opinion: Security is the Achilles heel
jmcleod951   8/22/2012 7:01:31 PM
NO RATINGS
Hi Kris, I invite everyone who found David's article interesting to view the DAC Panel "Is Lifecare the Next Killer App?" in which you participated on YouTube (http://tiny.cc/grggjw). It will provide a better understanding of the huge potential that machine-to-machine interaction, cloud computing, and Internet-or-Things represent.

Kris Ardis, Maxim Integrated Products
User Rank
Author
re: Opinion: Security is the Achilles heel
Kris Ardis, Maxim Integrated Products   8/20/2012 7:37:05 PM
NO RATINGS
Hi David - appreciate the quote, and I certainly agree that "code security" is a key issue in making the Internet-of-Things work safely and reliably. I do want to point out that while ROM or OTP is an effective way to deter hackers from changing the behavior of a system, it may be too limiting for complex applications. In these cases, strong cryptographic authentication of firmware and firmware downloads can help to safeguard the system that relies on reprogrammable flash (or similar) for its code store.



Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
Radio
LATEST ARCHIVED BROADCAST

What are the engineering and design challenges in creating successful IoT devices? These devices are usually small, resource-constrained electronics designed to sense, collect, send, and/or interpret data. Some of the devices need to be smart enough to act upon data in real time, 24/7. Specifically the guests will discuss sensors, security, and lessons from IoT deployments.

Brought to you by:

Most Recent Comments
michigan0
 
SteveHarris0
 
realjjj
 
SteveHarris0
 
SteveHarris0
 
VicVat
 
Les_Slater
 
SSDWEM
 
witeken
Most Recent Messages
9/25/2016
4:48:30 PM
michigan0 Sang Kim First, 28nm bulk is in volume manufacturing for several years by the major semiconductor companies but not 28nm FDSOI today yet. Why not? Simply because unlike 28nm bulk the LDD(Lightly Doped Drain) to minimize hot carrier generation can't be implemented in 28nm FDSOI. Furthermore, hot carrier reliability becomes worse with scaling, That is the major reason why 28nm FDSOI is not manufacturable today and will not be. Second, how can you suppress the leakage currents from such ultra short 7nm due to the short channel effects? How thin SOI thickness is required to prevent punch-through of un-dopped 7nm FDSOI? Possibly less than 4nm. Depositing such an ultra thin film less then 4nm filum uniformly and reliably over 12" wafers at the manufacturing line is extremely difficult or not even manufacturable. If not manufacturable, the 7nm FDSOI debate is over!Third, what happens when hot carriers are generated near the drain at normal operation of 7nm FDSOI? Electrons go to the positively biased drain with no harm but where the holes to go? The holes can't go to the substrate because of the thin BOX layer. Some holes may become trapped at the BOX layer causing Vt shift. However, the vast majority of holes drift through the the un-dopped SOI channel toward the N+Source,...
Like Us on Facebook
Special Video Section
Once the base layer of a design has been taped out, making ...
In this short video we show an LED light demo to ...
The LTC2380-24 is a versatile 24-bit SAR ADC that combines ...
In this short video we show an LED light demo to ...
02:46
Wireless Power enables applications where it is difficult ...
07:41
LEDs are being used in current luxury model automotive ...
With design sizes expected to increase by 5X through 2020, ...
01:48
Linear Technology’s LT8330 and LT8331, two Low Quiescent ...
The quality and reliability of Mill-Max's two-piece ...
LED lighting is an important feature in today’s and future ...
05:27
The LT8602 has two high voltage buck regulators with an ...
05:18
Silego Technology’s highly versatile Mixed-signal GreenPAK ...
The quality and reliability of Mill-Max's two-piece ...
01:34
Why the multicopter? It has every thing in it. 58 of ...
Security is important in all parts of the IoT chain, ...
Infineon explains their philosophy and why the multicopter ...
The LTC4282 Hot SwapTM controller allows a board to be ...
This video highlights the Zynq® UltraScale+™ MPSoC, and sho...
Homeowners may soon be able to store the energy generated ...
The LTC®6363 is a low power, low noise, fully differential ...