General IoT Security

Go To Last Post
2 posts / 0 new
Author
Message
#1
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

 

Greetings -

 

From other messages, the emphasis seems to be crypto, but I have a more general question.

 

Lets say that I have a wireless gateway and a bunch of sensors out on proprietary wireless links (maybe LoRa, maybe something else LONG range). No attempt to behave as a tcp/ip link, it just transfers data (maybe on request from the gateway, maybe not). There will be some sort of security at the gateway. Certainly the usual tcp/ip stuff, including firewall.

 

But, what is the current thinking about security on past the gateway? 

 

One metric is certainly the cost of an intrusion or hack. In this case, it would be  lost data. But, no real-time decisions will be made based on this data. It will simply be the loss of someone's research time and money. What if someone spoofs a real sensor and injects bogus data into the system. Again, annoyance! It would be worse if someone simply steals a sensor - then you would loose data and the sensor. What if someone intercepts the data? Ho hum? Temperature data is sure going to do someone a lot of good and earn them big money, right? Well, it might not be temperature, but it will be something of similar importance. 

 

With all this frantic hand wringing about not paying attention to IoT security, I hope that someone can provide some insight into what really is important and useful in these low-value, low(er) tech IoT devices as far as security is concerned. Mine will be Mega/Tiny AVRs so, at most, minimal encryption might be possible, but I sincerely question the cost compared to the potential loss.

 

Any thoughts or suggestions?

Thanks

Jim

Jim Wagner Oregon Research Electronics, Consulting Div. Tangent, OR, USA http://www.orelectronics.net

Last Edited: Fri. Dec 4, 2015 - 02:44 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Thread continues here:

 

https://www.avrfreaks.net/forum/g...

I would rather attempt something great and fail, than attempt nothing and succeed - Fortune Cookie

 

"The critical shortage here is not stuff, but time." - Johan Ekdahl

 

"Step N is required before you can do step N+1!" - ka7ehk

 

"If you want a career with a known path - become an undertaker. Dead people don't sue!" - Kartman

"Why is there a "Highway to Hell" and only a "Stairway to Heaven"? A prediction of the expected traffic load?"  - Lee "theusch"

 

Speak sweetly. It makes your words easier to digest when at a later date you have to eat them ;-)  - Source Unknown

Please Read: Code-of-Conduct

Atmel Studio6.2/AS7, DipTrace, Quartus, MPLAB, RSLogix user

Topic locked