The question of firmware updates for IoT devices is one that any company using IoT needs to consider. In order to keep the IoT firmware secure, and provide services and support to IoT devices already deployed in the field, firmware needs to be updated on a regular basis.
Many IoT devices are designed to be “low-power,” which means that they need to consume energy as efficiently as possible. These devices may rely on a simple battery that will need to power them for months or years without human intervention.
However, it can be difficult for low-power IoT devices to receive updates consistently. These low-power IoT devices have only limited resources available, making it a challenge to get some activities accomplished. This restriction creates a resource control issue in which one needs to pick and choose the security features implemented.
In this article, we’ll discuss special considerations for IoT firmware security when it concerns low-power IoT devices.
What You Need to Consider with IoT Firmware Security
The question of IoT firmware security should be approached differently when it comes to low-power devices.
First, consider how available the device will be. The further away the device is from direct access to the Internet, the less amount of critical code should be running on it. The most complex code should be in the cloud or run as close to the local hub as possible.
The easiest way to update or change an IoT device is at the local hub. Updating a device that’s in the field connected to Wi-Fi is more challenging, but still easier than a device that may sometimes have its power turned off or may be unavailable due to being out of range, etc.
Second, consider the limitations of low-power IoT devices. What do you expect the device to be able to do? Features such as cryptography, for example, will be more difficult due to restrictions that make executing encryption algorithms difficult or impossible.
Developers of low-power IoT devices will have to make decisions based on the limited resources available. Consider the tradeoffs when the device lies at the edge of the system—for example, could it be worth storing certain things in plain text?
Best Practices for Low-Power IoT Firmware Security
Security from an IoT firmware standpoint can mean a lot of different things. It’s not just a yes/no binary question about whether a device is secure. Rather, it’s a matter of choosing the best way to secure the device and its data based on the tradeoffs and sacrifices that you’ll inevitably have to make.
The following are some of the best practices for low-power IoT firmware security:
- Storing data such as user information, passwords, Wi-Fi credentials, and API tokens at the edge of the IoT network is almost always a bad idea. You should try to hold as little as possible in memory. Instead, upload sensitive information to the cloud, where security can be more easily managed.
- IoT devices at the edge shouldn’t have access to other attack vectors. For example, if a device communicates with a mobile phone, then there’s no need for it to be connected to the Wi-Fi router as well.
- Expect that you won’t be able to guarantee firmware updates for IoT devices in the field. The device should theoretically be able to continue operating without updates. As a result, any sensitive data processing or storage (such as handling user credentials) must be as confined and limited as possible in the event of a security flaw.
What Happens Without IoT Firmware Security?
If you fail to properly implement IoT firmware security, the consequences can be severe.
For example, there is a greater risk that hackers may exfiltrate valuable information from a device if the proper security measures aren’t in place, leading to intellectual property (IP) theft. They may also be able to control the deployed system remotely, causing it to behave in unexpected and even dangerous ways.
Some of the concerns regarding faulty IoT firmware security include:
- If physical access is granted to the device, then you need to assume that all of the device’s code and hardware would be available to a malicious actor. In particular, be careful using client-side SSL if an attacker is able to get physical access to a device.
- You should not be able to escalate to different levels of user access. The IoT devices at the edge of the network should not have access to information or devices that it doesn’t explicitly need access to.
- Encryption is a possibility for IoT firmware to protect sensitive information in plaintext, but you need to make sure you choose the right encryption algorithm. Cryptography is a constant battle between cryptographers and attackers, and many algorithms previously thought secure have been found to have weaknesses. There is promising research being done into encryption algorithms that can be implemented on resource restricted devices.
Consider the Tradeoffs
There are many considerations when it comes to security for low-power IoT devices, some of which differ from IoT security best practices at large. If you plan on using low-power devices in your IoT deployment, it’s crucial to work with an expert IoT security partner who knows the security tradeoffs that are worth making.
At Very, we create secured low-power IoT devices that are capable of protecting our clients’ sensitive information. To learn more about the IoT development process, check out our complete guide to IoT development.