Toward a Safe and Secure Internet of Things
I wrote up a white paper about the cybersecurity issues that we will face as the Internet of Things becomes more common. I discuss issues like physical security, scale, lack of experience by manufacturers, and lack of tools and best practices.
One idea I also advance is this pyramid of IoT Devices. At the top tier we will all have a few devices that have a lot of computational horsepower, such as laptops, smartphones, and glasses. In the middle tier we will have dozens of devices that have moderate computational capabilities, but also only require a little bit of our attention. These include TVs, refrigerators, and smart toys. At the bottom tier are hundreds of cheap devices or ones that we are barely aware of. These include RFIDs, smart toilets, digital picture frames, electronic locks, smart meters, cheap environmental sensors, and more.
The bottom two tiers are the ones we need to worry about the most. The top tier already has major tech manufacturers worrying about the cybersecurity issues, but the other two often do not. Plus, devices in the bottom two tiers can't run standard endpoint security, will likely have battery constraints, poor networking, and minimal CPU processing.