IoT Needs Security All the Way Down to the Sensors

Charles Murray

September 12, 2016

3 Min Read
IoT Needs Security All the Way Down to the Sensors

Embedded applications are far more vulnerable to security risks than most engineers realize, an expert will tell attendees at the upcoming Design & Manufacturing Show in Minneapolis.

"You can't just say, 'The gateway is secure and the cloud is secure,' and assume that's enough," Alan Grau, president and co-founder of Icon Labs, told Design News. "We're trying to bring awareness to the fact that you need to have security all the way down to the end points."

In a session titled, "Strategies for Adding Security to Industrial IoT End Points," Grau will discuss the ways individual devices can be secured against cyber attacks and tampering. He will also explain how to identify and overcome challenges involved in securing embedded devices.

The end points, or sensors, are often overlooked in Internet of Things (IoT) applications, Grau told us. "You've got this huge proliferation of IoT end points that are starting to happen," he said. "But people haven't yet figured out how to address security for all these devices."

D&M Minn logoStrengthening IoT Endpoints. Learn the best practices for securing IIoT devices against cyber attacks and tampering during Alan Grau's Industry 4.0 session "Strategies for Adding Security to Industrial IoT Endpoints" at Design & Manufacturing, Sept. 21-22, 2016 in Minneapolis. Register here for the event, hosted by Design News’ parent company, UBM.

Numerous studies have shown that most IoT applications are woefully unprepared for cyber attacks. A 2014 study by Hewlett-Packard, for example, revealed that 70% of the most commonly used IoT devices contain gaping security holes. On average, such devices have 25 vulnerabilities, the study said. Similarly, a 2009 Columbia University study, Brave New World: Pervasive Insecurity of Embedded Network Devices, concluded that embedded devices were about 18 times more vulnerable to attack than enterprise devices, such as office laptops.

In his 30-minute talk, Grau will touch on authentication, security architectures, and successful integration of embedded security with enterprise security. "In the time we have, we'll start at the high level and then go down to the nuts and bolts," he said.

The session will take place on Thursday, Sept. 22, at 1:30 p.m. at the Minneapolis Convention Center.

Grau said he will target the talk at engineers and managers who are responsible for building connected devices. "If you're device is connected, then you need to be protecting it," he said. "So we will look at what you can do, what you should do, and how to get started."


Senior technical editor Chuck Murray has been writing about technology for 32 years. He joined Design News in 1987, and has covered electronics, automation, fluid power, and autos.

About the Author(s)

Charles Murray

Charles Murray is a former Design News editor and author of the book, Long Hard Road: The Lithium-Ion Battery and the Electric Car, published by Purdue University Press. He previously served as a DN editor from 1987 to 2000, then returned to the magazine as a senior editor in 2005. A former editor with Semiconductor International and later with EE Times, he has followed the auto industry’s adoption of electric vehicle technology since 1988 and has written extensively about embedded processing and medical electronics. He was a winner of the Jesse H. Neal Award for his story, “The Making of a Medical Miracle,” about implantable defibrillators. He is also the author of the book, The Supermen: The Story of Seymour Cray and the Technical Wizards Behind the Supercomputer, published by John Wiley & Sons in 1997. Murray’s electronics coverage has frequently appeared in the Chicago Tribune and in Popular Science. He holds a BS in engineering from the University of Illinois at Chicago.

Sign up for the Design News Daily newsletter.

You May Also Like