Engineers Garage

  • Electronic Projects & Tutorials
    • Electronic Projects
      • Arduino Projects
      • AVR
      • Raspberry pi
      • ESP8266
      • BeagleBone
      • 8051 Microcontroller
      • ARM
      • PIC Microcontroller
      • STM32
    • Tutorials
      • Audio Electronics
      • Battery Management
      • Brainwave
      • Electric Vehicles
      • EMI/EMC/RFI
      • Hardware Filters
      • IoT tutorials
      • Power Tutorials
      • Python
      • Sensors
      • USB
      • VHDL
    • Circuit Design
    • Project Videos
    • Components
  • Articles
    • Tech Articles
    • Insight
    • Invention Stories
    • How to
    • What Is
  • News
    • Electronic Product News
    • Business News
    • Company/Start-up News
    • DIY Reviews
    • Guest Post
  • Forums
    • EDABoard.com
    • Electro-Tech-Online
    • EG Forum Archive
  • DigiKey Store
    • Cables, Wires
    • Connectors, Interconnect
    • Discrete
    • Electromechanical
    • Embedded Computers
    • Enclosures, Hardware, Office
    • Integrated Circuits (ICs)
    • Isolators
    • LED/Optoelectronics
    • Passive
    • Power, Circuit Protection
    • Programmers
    • RF, Wireless
    • Semiconductors
    • Sensors, Transducers
    • Test Products
    • Tools
  • Learn
    • eBooks/Tech Tips
    • Design Guides
    • Learning Center
    • Tech Toolboxes
    • Webinars & Digital Events
  • Resources
    • Digital Issues
    • EE Training Days
    • LEAP Awards
    • Podcasts
    • Webinars / Digital Events
    • White Papers
    • Engineering Diversity & Inclusion
    • DesignFast
  • Guest Post Guidelines
  • Advertise
  • Subscribe

The Fundamentals of IOT Security

By Vikas Gulia February 22, 2016

IoT, stands for Internet of things, term was first sprouted in the mind of Kevin Ashton at Auto-ID center at Massachusetts Institute of Technology in 1999. IoT is trending at very high pace in the scientist and researcher society. IoT alone holds a market potential of upto $14 trillion. By this fact we can assume what IoT hold inside for humanity.

IoT is not as simple term as it looks. IoT is basically concept of giving a conscious to the things/device all around us. IoT can be seen as Inter-Network of devices/things which are connected to the internet/WWW too. In very simple word, I can say IoT takes data from the surrounding or things around us, do computing, store (both data & result) in the cloud and gives us output as per our requirement. This is only possible by mean of network of sensor commonly referred as WSN. The WSN keep track of the all the activities around it and update it on the cloud. Now if we look at Cloud, it is nothing but an online storage and computing place made up of interconnected servers and devices itself. WSN will be continuously operating and sending the data to the personalized cloud. Based on the user perspective and requirement it will fetch the info to the user. Since all the data is stored and managed at the Cloud, there is high level risk of data hack. The Rate of data transfer is also increased with Cloud computing. To avoid data stealing and maintain optimum solution for individual data, Network Security plays and important role. Since IoT deals with the decentralization of the Entire network we need to provide Security from the bottom level of hierarchy without affecting the power performance.

Graphical Image Showing IoT Smart City and its Security

Fig. 1: Graphical Image Showing IoT Smart City and its Security

The IoT infrastructure consist of mainly 4 basic module: WSN or sensor Hub, wireless connectivity solution, cloud computing and storage solution and finally the user device Network. All these nodes can be PC or laptop, mobile device like phone or tablet or any other PDA or embedded computing device. IoT is a representation of Connected World. And therefore the security must be provided at every node. Mainly there are 4 major security threats exist in the IoT Inter-Network structure and those are: Fake Device, Eavesdropper, Fake communication and Fake Server. Any of these can hack into the system & steal all the information. So we need an authentication mechanism implemented at every stage. So, any failure in authentication will lead to access restriction. The Fake device can be any simple device using the ID of genuine device/user. It communicate on behalf of the genuine device and use his authorization to get the access. An eavesdropper is any genuine or fake device which monitors the flow of the data without changing or tempering the sequence of request to-&-from server or device. Eavesdropping attack cant be checked/verified by simple means because it doesn’t cause any dis-integrity in the data. So the probability of detection of eavesdropping attack or threat is very less. Fake server basically an intermediate server which connects to the device with the same attributes as of main server. It copies the physical aspect of the main server and disguise itself. It process all the request coming from the device and then send to the main server. This way it hacks the data transferring between device and main server. There are very less chances of hack if we safeguard all the nodes and authenticate then at each log-in. Such a Security infrastructure can be achieved using modern cryptographic techniques which provides authentication, data integrity, confidentiality of the data, verification of authorization at all the nodes. Each node having its own digital signature and authentication, help in reducing the probability of possible threat to an IoT network. Having a safe firewall security system provide a better mean of access proofing from unauthorized intrusion attacks from unknown and unsecured devices.

IoT acting as the standard backbone for networking of all the device, it need to be safe from all sort of attacks and insecure accesses. The connection between any 2 device must be associated and secured before transferring any data on it. To do so, we need to mutually authenticate the request at both nodes and then encrypt the data being transfer. Standard asymmetric cryptographic techniques provide better solution for authentication and verification.

Only Securing the nodes is not enough for overall network security. We need to follow standard protocols to transfer the data in order to secure the medium of transfer. There are many protocols standardized by ISO, IEEE, NIST..etc which help in safeguarding the medium of transfer. The protocols provide safety from eavesdropping attack by following standardized method of connections establishment. Utilizing standard protocols help in better compatibility and connectivity with the existing network and resources. IoT mainly utilizes three types of protocols: device to device(D2D) protocol, Device to server (D2S) protocol, Server to server(S2S) protocol. Note that here device can be a sensor node or a user interface. The fig below show the protocol network handled in the IoT

Graphical Diagram Showing How Protocol Network is Handled in IoT

Fig. 2: Graphical Diagram Showing How Protocol Network is Handled in IoT

Since IoT handles the networking between any two device it need to be standardized by the protocol based connectivity and then those connection must be secured using the cryptographic techniques. Here D2D protocol enables device to communicate with each other. D2D can provide data storage, computing and transferring functionality to the user. Since device can be anything, D2D protocols are designed so as to provided adequate solution in case device change from user interface device to sensor node. Same method must be employed in order to establish the connection between device to server and server to server by using D2S and S2S protocol respectively.

Another important aspect of IoT is the Connectivity. Since we have two option of connectivity i.e Wired or Wireless. There are separate protocol standard for both wired and wireless connectivity. For wired connection we need to maintain standard IEEE based high speed LAN bus protocols whereas in case of Wireless we need follow standard IEEE based wireless protocols. Since all these protocols are having backward compatibility and interlinked to other version and platform, all the existing device also can become the part of this IoT inter-network. The device following standard protocol provide better compatibility and security to the IoT.

Every day new application and software deploy new threats, malicious activities and security issues to IoT. One very promising solution to such issues is: Layer Based Designing. This concept allows us to provide better, robust, ready to use network, high secure and faster system. A device’s data is encapsulated in different layer to provide multilevel security and in the same fashion the server DE-encapsulate the received data. With the advancement of the semiconductor industry, the rate of data processing is increased which allow faster data transfer and computing. This leads to faster response and better efficiency. Another very proficient method to avoid unsecured and unwanted access to the secure IoT network implemented in the corporate is firewall and anti-virus software. The security is enhanced by these two as they do not allow any unauthorized access or eavesdropping attack on the network, and if by any mean intruder gained access then that will be detected. Anti-virus and anti Malware software provide very strong solution to the breach in the network. MAC address, IP address and other physical address are blacklisted in the server so as to restrict their access in the future. We can start some specific software for restricting and safeguarding out IoT inter-network.

There are other method which can be employed in order to increase the security of the IoT from the boot time onwards by using secure booting methodologies. Secure Boot is a concept the firmware or device boot up only once it get authenticated and verified for the correct software running over it. If any Malware or malicious software tries to boot the device it will lead to shutdown, and device will not boot. This method reduce the chances of getting unauthorized access in the IoT as only verified and certified code/application will run in the device/server. The firmware and application are digitally signed by the actual authorized user only. Once this signature matches with the stored code in the OTP memory of device, the device boot securely without any malicious access or intrusion attack. Same way digital signature can be used to authenticate the other device or user getting connected to this device. Once they verify there signature it will be authenticated and connection will b established. This method provide access control. If any kind of spoofing is detected then firewall and anti-virus software restrict their access and secure the device.

So, the security in IoT network must be implement from the bottom of the hierarchy using secure cryptographic techniques, which start from the firmware and standard protocols. Hardware must be secured by mean temper security and software must be secured by using Secure Boot. This way we can secure the nodes, and utilizing standard protocol for data transfer, we can secure the connections.


Filed Under: Articles

 

Next Article

← Previous Article
Next Article →

Questions related to this article?
👉Ask and discuss on EDAboard.com and Electro-Tech-Online.com forums.



Tell Us What You Think!! Cancel reply

You must be logged in to post a comment.

EE TECH TOOLBOX

“ee
Tech Toolbox: 5G Technology
This Tech Toolbox covers the basics of 5G technology plus a story about how engineers designed and built a prototype DSL router mostly from old cellphone parts. Download this first 5G/wired/wireless communications Tech Toolbox to learn more!

EE Learning Center

EE Learning Center
“engineers
EXPAND YOUR KNOWLEDGE AND STAY CONNECTED
Get the latest info on technologies, tools and strategies for EE professionals.

HAVE A QUESTION?

Have a technical question about an article or other engineering questions? Check out our engineering forums EDABoard.com and Electro-Tech-Online.com where you can get those questions asked and answered by your peers!


RSS EDABOARD.com Discussions

  • Industrial Relay Board Design for Motorcycle Use
  • Sendust vs Ferrite for SMPS
  • connector model question
  • value of feedback resistance in self biased inverter
  • sim7090g

RSS Electro-Tech-Online.com Discussions

  • using a RTC in SF basic
  • ac current limiting
  • I Wanna build a robot
  • It's Amazing What A Buck And A Quarter....
  • Microinverters and storeage batteries?

Featured – LoRa/LoRaWan Series

  • What is the LoRaWAN network and how does it work?
  • Understanding LoRa architecture: nodes, gateways, and servers
  • Revolutionizing RF: LoRa applications and advantages
  • How to build a LoRa gateway using Raspberry Pi
  • How LoRa enables long-range communication
  • How communication works between two LoRa end-node devices

Recent Articles

  • Infineon launches 3D magnetic sensors with ±50 mT to ±160 mT measurement ranges
  • Nexperia adds 1200 V 20 A silicon carbide Schottky diodes to power portfolio
  • EPC introduces 15 ARMS per phase motor drive in 32 mm diameter form factor
  • Non-contact angle sensors deliver +0.3% linearity across full measurement range
  • TDK introduces RGF board-mount EMI filters for high-current power supply applications

EE ENGINEERING TRAINING DAYS

engineering

Submit a Guest Post

submit a guest post
Engineers Garage
  • Analog IC TIps
  • Connector Tips
  • Battery Power Tips
  • DesignFast
  • EDABoard Forums
  • EE World Online
  • Electro-Tech-Online Forums
  • EV Engineering
  • Microcontroller Tips
  • Power Electronic Tips
  • Sensor Tips
  • Test and Measurement Tips
  • 5G Technology World
  • Subscribe to our newsletter
  • About Us
  • Contact Us
  • Advertise

Copyright © 2025 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy

Search Engineers Garage

  • Electronic Projects & Tutorials
    • Electronic Projects
      • Arduino Projects
      • AVR
      • Raspberry pi
      • ESP8266
      • BeagleBone
      • 8051 Microcontroller
      • ARM
      • PIC Microcontroller
      • STM32
    • Tutorials
      • Audio Electronics
      • Battery Management
      • Brainwave
      • Electric Vehicles
      • EMI/EMC/RFI
      • Hardware Filters
      • IoT tutorials
      • Power Tutorials
      • Python
      • Sensors
      • USB
      • VHDL
    • Circuit Design
    • Project Videos
    • Components
  • Articles
    • Tech Articles
    • Insight
    • Invention Stories
    • How to
    • What Is
  • News
    • Electronic Product News
    • Business News
    • Company/Start-up News
    • DIY Reviews
    • Guest Post
  • Forums
    • EDABoard.com
    • Electro-Tech-Online
    • EG Forum Archive
  • DigiKey Store
    • Cables, Wires
    • Connectors, Interconnect
    • Discrete
    • Electromechanical
    • Embedded Computers
    • Enclosures, Hardware, Office
    • Integrated Circuits (ICs)
    • Isolators
    • LED/Optoelectronics
    • Passive
    • Power, Circuit Protection
    • Programmers
    • RF, Wireless
    • Semiconductors
    • Sensors, Transducers
    • Test Products
    • Tools
  • Learn
    • eBooks/Tech Tips
    • Design Guides
    • Learning Center
    • Tech Toolboxes
    • Webinars & Digital Events
  • Resources
    • Digital Issues
    • EE Training Days
    • LEAP Awards
    • Podcasts
    • Webinars / Digital Events
    • White Papers
    • Engineering Diversity & Inclusion
    • DesignFast
  • Guest Post Guidelines
  • Advertise
  • Subscribe