Why security should be “designed in” rather than added as an afterthought
We all hear of high-profile IoT security breaches in vehicles, medical devices, home automation and other electronic applications. One would expect the desire to avoid unnecessary financial liabilities and bad PR would motivate IoT product makers to implement adequate security requirements going forward. And one would generally be wrong.
Design teams don’t include security in their designs unless specifically required to do so, and many OEMs won’t require security until they see projected financial losses resulting from a lack of security that exceeds the perceived cost of including security. Because many IoT solutions have a 10-year system lifetime, there are many years for security risks to generate financial losses. The costs to retroactively repair production units in the field in a recall are far more than 10X the costs of addressing security during the design phase of a project. As the old saying goes, there is never enough time to do a job right, but there is always enough time to do it over again in order to fix it. It is better to “design in” security rather than add it later as an afterthought.
The good news is that Moore’s Law has been working in favor of security and there are now powerful cryptographic security ICs that cost-effectively address all IoT security risks. The use of cryptography through security ICs is essential to securing all IoT devices and many other electronic products. In a prior blog titled, “Robust IoT security costs less than you think,” I gave an example of how effective IoT security can be accomplished using a provisioned cryptographic IC that adds less than $1 to a bill of material (BOM). Implementing public-key cryptography for IoT devices requires significant expertise, but organizations can turn to IoT security partners who are capable of providing complete, robust security solutions, typically in a matter of weeks, which is mostly performed in parallel with other development efforts.
Obviously any cryptographic key can theoretically be broken using a brute-force attack with sufficient computing power. The practical approach of modern cryptography is to use a key of sufficient length that it can’t be broken without a large amount of computing power that would cost significantly more than the value of the contents that the cryptography protects. The good news is that the above mentioned $1 cryptographic IC utilizes 256-bit Elliptical Curve Cryptography (ECC) keys, each of which is so secure that the computational power to break a single key would require computing resources in cost greater than 100 million times the entire world’s GDP (75 trillion USD) working for an entire year.
Modern cryptographic ICs make IoT security so affordable that IoT product makers no longer have any valid excuse to continue ignoring IoT security risks. You can then be relieved when it is your competitor’s product and not your product that has is the subject of a high-profile article regarding an embarrassing and entirely avoidable security vulnerability.