Internet of Things

When Your Thing Won’t Behave: Security Governance in the Internet of Things

November 10, 2024

The Perils of Interconnected Smart Things

The Internet of Things (IoT) has ushered in a new era of interconnected devices, promising a future filled with smart homes, intelligent vehicles, and seamless automation. However, this digital transformation also brings with it a growing concern – the security challenges posed by the widespread use of technology platforms (TPs) in IoT devices.

Smart things, from webcams and refrigerators to drones and industrial control systems, are no longer isolated entities. They are now equipped with high levels of connectivity, both within networks (intra-network) and across networks (inter-network). This increased connectivity has opened the door to a concerning trend: security vulnerabilities in one smart thing can rapidly spread to others that share the same TP, leading to cascading effects and large-scale exploits.

The Mirai botnet attack in 2016 serves as a prime example. Carried out by a network of over 500,000 IoT devices, this distributed denial-of-service (DDoS) attack disrupted the accessibility of popular web services like Twitter and Netflix. Another incident, the ZigBee exploit, could brick Philips Hue devices or use them for further DDoS attacks, thanks to the built-in wireless connectivity that allowed the exploit to spread to nearby devices. CVE-2016-2148, CVE-2018-1000517, and CVE-2022-48174 are examples of vulnerabilities in the widely-used BusyBox TP, which has been integrated into millions of IoT devices, from programmable logic controllers (PLCs) to remote terminal units (RTUs).

These incidents highlight a concerning trend: security vulnerabilities in TPs can have far-reaching consequences, potentially transforming the IoT from a promising paradigm into a costly botnet of interconnected devices. As the number of smart things and their interconnectivity continues to grow, the need for effective security governance becomes increasingly critical.

Modeling the Risks of Technology Platforms in the IoT

To understand the implications of TP use in the IoT, we can draw insights from an established risk quantification approach used in the automotive industry. Kang et al. (2015) introduced a Bernoulli mixture model to assess the risk of platform sharing, which we can adapt to the IoT context.

In this model, a TP is defined as “a general-purpose technology that enables a family of applications and related business opportunities” (Fichman, 2014). In the IoT, such TPs can take different forms, such as operating systems, hardware platforms, or even standardized protocols and security guidelines.

The model distinguishes between the following key concepts:

Platform: The set of design components (software modules or physical parts) that are commonly shared by a range of different smart things.
Model: An individual smart thing that is based on a specific TP.
Unit: A single, manufactured instance of a smart thing.
Vulnerability: A weakness in the design, implementation, or configuration of a system that allows unauthorized actions.
Exploit: A successful attack that takes advantage of a vulnerability, resulting in unauthorized access or consequences.

The risk of TP use in the IoT can be quantified by the probability of large-scale exploits, i.e., the likelihood that the number of exploited units across all smart thing models exceeds a certain threshold. This threshold can be interpreted as the “epidemic threshold,” beyond which cascade effects are likely to propagate the exploit throughout the interconnected IoT network.

The model’s key parameters that influence this risk are:

Correlation: The degree of similarity between different smart thing models that share the same TP. Higher correlation means the vulnerabilities and exploits are more likely to be shared across models.
Vulnerability Probability: The likelihood that a TP contains a design flaw or weakness that could be exploited.
Exploit Probability: The probability that a known vulnerability is successfully leveraged to carry out an attack.
Platform/Model Size: The number of units (i.e., manufactured instances) of a smart thing model that are deployed.

By understanding the interplay of these parameters, we can derive insights into the trade-offs between the costs of conformity (i.e., expenditures associated with identifying and preventing vulnerabilities) and the costs of non-conformity (i.e., expenditures for rework, maintenance, liability damages, or litigation) for TP use in the IoT.

Governance Implications for Individuals, Companies, and Regulators

The insights from the Bernoulli mixture model can guide IoT security governance at different levels:

Individual Level:
– Individuals using smart things should be proactive in ensuring regular software updates and security checks to mitigate known vulnerabilities.
– Vigilance in monitoring IoT devices for unusual behavior, such as high-frequency server requests, can help detect potential exploitation.

Company Level:
– Manufacturers using TPs in IoT products must carefully consider the trade-off between conformity costs (e.g., security audits, vulnerability assessments) and non-conformity costs (e.g., recalls, software updates, liability).
– Implementing measures to secure communication interfaces and enable secure connectivity, such as access control policies and hardware security modules, can help limit the spread of exploits.
– Structured TP selection processes and regular audits can aid in managing the risks associated with platform use.

Regulatory Level:
– Policymakers and regulators should establish guidelines and requirements for IoT device security, potentially including mandatory patch times, update cycles, or liability frameworks.
– Regulatory bodies can engage in proactive cybersecurity efforts, such as identifying vulnerable IoT devices and alerting the public, as well as providing security consultancy services.
– Clear definitions of responsibilities between TP suppliers, manufacturers, and end-users are necessary to minimize the negative impacts of exploits.

By considering the identified parameters (correlation, vulnerability probability, exploit probability, and platform/model size) and their implications, individuals, companies, and regulators can work together to strike a balance between the benefits of IoT and the need for comprehensive security governance.

Conclusion: Taming the IoT Sorcerer’s Apprentice

The IoT paradigm, with its promise of interconnected smart things, has undoubtedly transformed our lives. However, the widespread use of TPs in IoT devices has also introduced new security challenges that can quickly escalate into large-scale exploits, threatening the very value proposition of the IoT.

Drawing insights from the Bernoulli mixture model, we have explored the key factors influencing TP-related security risks in the IoT. Understanding the trade-offs between conformity and non-conformity costs, as well as the interplay of correlation, vulnerability, exploit probabilities, and platform/model size, is crucial for guiding effective IoT security governance.

Ultimately, taming the “IoT sorcerer’s apprentice” will require a collaborative effort between individuals, companies, and regulators. By implementing robust security measures, fostering transparency, and establishing clear responsibilities, we can harness the transformative potential of the IoT while mitigating the risks posed by its interconnected smart things. The time to act is now, before the IoT’s alluring promise is overshadowed by the looming spectre of large-scale security breaches.