NXP FTF 2016: Is the hysteria around connected device security warranted?
I know, I know. We don’t pay enough attention to security. If you haven’t heard this enough over the past year to make your head spin, you probably haven’t been paying attention.
But really, how valid are some of the security concerns on the Internet of Things? From the Jeep hack to insulin pumps and pacemaker compromises, all of the white hats involved had not only intimate knowledge of the systems they were attacking, but ample time and physical access. So, should we really be that worried about our connected devices suddenly turning on us at the whim of some teenager in a basement? Or is it, like so many other things today, a story that has been overblown by members of the media looking for click bait?
Mike Rohrmoser, Director of Product Management for the Embedded Systems division at Digi International, believes there’s cause for concern.
In one of the most interesting takes on IoT security I’ve heard in a while, Mike told me in an interview that the advent of the Maker movement has exposed more people to technology than ever before. Now, individuals who would have thought a JTAG was some sort of schoolyard game are becoming familiar with how to access the interface to control embedded devices. This puts the onus on the embedded industry to stay ahead of the security curve.
At NXP’s 2016 FTF, Digi International announced the release of its ConnectCore 6UL system-on-module (SOM) based on the NXP i.MX 6UltraLite applications processor. But more than a run-of-the-mill embedded board, the ConnectCore 6UL integrates Digi’s TrustFence Device Security Framework, which is an enablement solution that combines with an onboard secure element to provide access control, authenticated boot, encrypted data storage, and secure connections and software updates. Tamper proofing measures are also enabled by the secure element so that device memory can be wiped in the event of cyber attack.
For more information on the ConnecCore 6UL and available development kits, visit the Digi website. To hear Mike’s thoughts on security for the Industrial IoT and connected embedded, check out our interview below.