Security Must Be Baked into IoT Protocols

    Slide Show

    5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

    There is no shortage of discussion on the vast potential of the Internet of Things (IoT). Increasingly, this promise is being translated into reality.

    What is unclear is whether the full potential will be reached, or if the intimidating complexities of establishing such a network (or network of networks) will bog the whole thing down. In this version of the future, the IoT will collapse into a series of unconnected or semi-connected islands with varying degrees of functionality and security. If that happens, it is possible to say that we would be better off if the concept was not introduced at all.

    According to ComputerWorld, the linchpin of success or failure will be the protocols that, in essence, are sort of a technical Esperanto that enable disparate devices to exchange information and otherwise communicate even if the networks have little in common. For instance, an IoT network used by a shipping firm would need to communicate with a vendor of a product that wants to use it to move its wares overseas – even if there previously was no relationship between the two.

    The Thread Group, which focuses on IoT protocols in the consumer sector, is making a move to have its approach become standardized in industrial and commercial networks. This branch of the IoT is often referred to as the Industrial Internet of Things (IIoT).

    Computerworld says that the new spec that Thread is working on will be ready by late next year or in early 2018. More broadly, the story says that here are signs that the fractious world of IoT protocols is sorting itself out:

    For example, the AllSeen Alliance recently merged with the Open Connectivity Foundation, and the Thread Group has partnerships with OCF and others to make its networking protocol work with their upper-layer software.

    The work of these engineers and designers is fascinating. Lynnette Reese at Embedded Computing takes a look at what Thread is. She also mentions its competitors, which include ZigBee, Z-Wave and Bluetooth Low Energy (BLE).

    Thread, she wrote, is structured around an existing standard, IEEE 802.15.4. It takes a multilayered approach: The ability to perform necessary functions is defined at each. There are six layers in Thread (the story includes a nice graphic). Security and commissioning is associated with three of them. The various approaches share elements in some cases and are unique in others.

    Security, of course, is a huge element of any IoT protocol. A distributed denial of service (DDoS) comprised of compromised IoT-based devices brought the Internet to its knees last month. It may not be a one-time occurrence. The New York Times today described a paper in which researchers from the Weizmann Institute of Science (Israel) and Dalhousie University (Halifax) found flaws in a smart lightbulb from Philips. It suggests that malware “could be spread like a pathogen among the devices by compromising just one of them.” Unless, of course, the protocols connecting all these devices are strong enough to stop them.

    The bottom line is rather simple: the internet has always been a dangerous place. The proliferation of millions and millions of inexpensive connected devices will make it orders of magnitude more threatening. One of the key ways to keep those fears from being realized is to have extraordinarily airtight protocols.

    Carl Weinschenk covers telecom for IT Business Edge. He writes about wireless technology, disaster recovery/business continuity, cellular services, the Internet of Things, machine-to-machine communications and other emerging technologies and platforms. He also covers net neutrality and related regulatory issues. Weinschenk has written about the phone companies, cable operators and related companies for decades and is senior editor of Broadband Technology Report. He can be reached at and via twitter at @DailyMusicBrk.



    Carl Weinschenk
    Carl Weinschenk
    Carl Weinschenk Carl Weinschenk Carl Weinschenk is a long-time IT and telecom journalist. His coverage areas include the IoT, artificial intelligence, artificial intelligence, drones, 3D printing LTE and 5G, SDN, NFV, net neutrality, municipal broadband, unified communications and business continuity/disaster recovery. Weinschenk has written about wireless and phone companies, cable operators and their vendor ecosystems. He also has written about alternative energy and runs a website, The Daily Music Break, as a hobby.

    Get the Free Newsletter!

    Subscribe to Daily Tech Insider for top news, trends, and analysis.

    Latest Articles