The internet landscape is burgeoning. It’s not just about computers, laptops, tablets, and smartphones anymore. Now a multitude of devices are internet-connected and play a part in our everyday life. So how can the industry ensure its security? Briony Richter looks into GlobalPlatform’s IoTopia solution.
The future of IoT has the potential to be limitless. Progress to the industrial internet will be driven through increased network agility, stronger security and the ability to deploy, automate and secure the various use cases at a fast pace.
When it comes to security however, IoT has particularly unique requirements. It’s not as simple as putting in a password to verify an IoT device. Connecting devices is different from connecting individuals to their devices. The systems that run our computers are constantly updated and IoT must work at all times; achieving that is tricky.
The launch of IoTopia
GlobalPlatform, the standard for secure digital services and devices, has launched IoTopia, which it describes as “a comprehensive framework for IoT security”.
IoTopia builds on GlobalPlatform’s continuing work to secure IoT. It promotes a common framework for standardising the design, certification, deployment and management of IoT devices.
Through this, IoTopia device security will be tested to meet the requirements of the market by building upon four main pillars:
- Security by Design: capabilities and features that aim to go beyond best practice and define how secure components and APIs can be paired with existing secure by design standards.
- Device Intent: IoTopia leverages IETF’s manufacturer usage descriptions (MUD) and uniform resource identifier (URI). This will efficiently and securely manage device permissions and access on networks.
- Autonomous, Scalable, Secure Device Onboarding (SDO): IoTopia will aim to deliver an open, transparent and secure onboarding process which will streamline network administration.
- Device Lifecycle Management: a wide range of features and capabilities to manage devices throughout their entire lifecycle, including updates and maintenance to services, in line with international regulations.
22 billion connected devices by 2024
According to the latest estimate from Ericsson, there will be around 22 billion connected devices across the world by 2024. From washing machines to sensors on public transport, IoT is continually evolving the systems that consumers use daily.
With so many connected devices available and more to come, security of IoT is critical.
Speaking about the need for enhanced security for IoT, Kevin Gillick, GlobalPlatform’s executive director, said:
“The IoT ecosystem needs to get serious about cybersecurity. Many of today’s connected objects do more than simply provide information at your fingertips – they make use of sensitive data, gather information and even impact the physical world, in many cases in critical ways.
“In light of this, there is a need for ubiquitous and standardised end-point and network security to prevent devices from becoming an entry point into a network or a platform for attacks. These are serious security concerns that need to be addressed to realise the market potential of IoT – which is why we have launched IoTopia.”
As the number of connected devices grow, identifying each device becomes increasingly important, and complex. However, another factor that must not be ignored is privacy. Data is extremely valuable and precious to each individual. Respecting the right to data protection is becoming increasingly difficult but it is critical for the ongoing trust of consumers and whether society as a whole will trust IoT devices in the future.
GlobalPlatform IoTopia Committee Chair, Russ Gyurek added:
“IoTopia will provide a detailed but executable framework that is standards-based, industry-wide and able to evolve as security capabilities and requirements change.
“Importantly, IoTopia is bringing together global and regional guidelines and requirements to help device manufacturers build products and services that satisfy regulatory mandates. This offers the flexible security blueprint that is needed for device makers to build secure devices without having to become cybersecurity companies or experts.”
Going forward, security management must be approached in innovate ways, moving away from reactive to proactive and fully automated. It won’t just be consumers that will continue to use devices. More than ever, whole cities are adopting IoT technologies in order to save time and money.
In the near future, the combination of IoT and cloud computing will inevitably boost the growth of the IoT systems and cloud-based services across global societies.