What Security & Testing Do You Need For Your IoT Device?

1
What Security Testing Do You Need For Your IoT
Device?
2
What Kind of Security and Testing required?

• If youre creating an Internet of Things device
  or application, there are top five things to keep
  in mind during security testing
• Security
• 1. ENCRYPTION
• 2. AUTHENTICATION
• 3. PROTECTION FROM SIDE-CHANNEL ATTACKS
• Testing
• 1. RANGE
• 2. CAPACITY LATENCY
• 3. TESTING FOR MANUFACTURABILITY
• 4. APPLICATION-SPECIFIC TESTING
• 5. FCC ETSI/CE COMPLIANCE TESTING

3
Security1. Encryption

• There are two different approaches
• Where the data lives online.
• How the data gets to the internet.
• The standard practice is to use SSL, which you
  should use everywhere your data exists.
• On the wireless protocol side, you need to be
  sure the protocol youre using has built-in
  encryption.

4
Security2. Authentication

• If your data is encrypted, then be sure your
  device is talking only to you and that
  only you can talk to your device.
• A consequence of neglecting authentication is
  that anyone can make up information and send it
  to you.
• Youd have no way to verify that it isnt real.

5
Security3. Protection from Side-Channel Attacks

• Even with encryption and authentication, there
  are still other ways to gain illicit access to
  your system.
• Side channel attacks have less to do with the
  information itself and more with how the
  information is presented.
• The location itself may be encrypted, but the
  fact that youre sending a notification can tip
  someone off and allow for them to gain access. 

6
Testing1. Range

• Keep in mind that the network youre thinking
  about will fit your applications range needs.
• A potential customer can purchase development
  kit, setup a gateway, and take network tester out
  for a spin.
• In a mesh network, adding more repeaters lessens
  the capacity you have in your systemand
  eventually youll get to a breaking point.

7
Testing2. Capacity Latency

• Most people want to push the limits
  of capacity and latency .
• To increase the capacity of a network, by
  definition, youre increasing the latency.
• If you want to bring your latency down, youre
  going to affect the capacity of the network
  negatively.

8
Testing3. Testing for Manufacturability

• When a wireless module rolls off the assembly
  line, each one goes into a fixture that tests the
  power output, receiver sensitivity, and frequency
  accuracy.
• To manufacture this type of product, there are a
  few components youd have to keep in mind.
• Youd need the radio.
• Youd put the radio down on your own carrier
  board, which is usually your own design, with
  a host device.

9
Testing4. Application-Specific Testing

• If you are going to build a military-specific
  application, youll want to understand all of the
  specs beforehand and verify that the components
  youre adding to your device meet those specs.

10
Testing 5. FCC ETSI/CE Compliance Testing

• Once your end device is complete, youll have to
  go through FCC (in the U.S.) or ETSI/CE (in
  Europe) certification. In the U.S.
• You could buy a module with a pre-approved
  certification and put it into your end device,
  which allows it operate in the 900-928 MHz ISM
  band.

11
Looking for Security and Testing Solution for IoT
Device, Contact Us

• https//www.consagous.com/internet-of-things/
• https//www.consagous.com
• info_at_consagous.com

12
(No Transcript)