Naar hoofdinhoudKlik om onze Toegankelijkheidsverklaring te lezen of neem contact met ons op als u vragen over toegankelijkheid heeft.

Wireless security camera

5 Reasons Why IoT Security Is Difficult

IoT security, no longer an afterthought

The Internet of Things (IoT) — smartphones, multifunction printers, connected homes, self-driving cars and more — is everywhere. That’s the good news. The bad news: Hackers and cyber thieves know how to attack these devices in order to access your data or industrial control systems.

What’s worse, legions of IoT sensors, actuators, controllers and computing devices are connected to much of the world’s critical infrastructure. Most of these devices were designed long before hackers and electronic intrusions entered our consciousness. This means that smart power grids, nuclear power plants, military command centers, smart city installations and transportation systems — to name a few — present rich targets for hackers and other bad actors.

For this reason, designers, operators, vendors and users of today’s IoT systems no longer have luxury of prioritising flexibility and interoperability in their IoT designs. Now, IoT security and privacy must be top of mind.

Researchers at PARC, a Xerox company, have noticed this. As a result, one of PARC’s missions is to develop innovative security solutions that prevent attacks on your cyber-physical device fleets that are part of the broader IoT world.

PARC researchers Ersin Uzun and Shantanu Rane define the problem:

Industrial controls: Originally restricted to their physical environment, these devices are now connected to computer networks. A device can become a gateway to your network if an attacker either presents the right credentials, or finds a way to bypass the credentials altogether.

A rich surface of attack: Advances in computation and connectivity have spawned solutions that automate, improve and simplify key tasks such as gathering sensor readings on a production line, implementing smart supply chains that verify the freshness of a food shipment, programming precise cuts and shapes that CNC machines execute on a block of metal. They have also, unfortunately, exposed a rich attack surface that can be exploited by hackers.

Security-by-design is difficult: This is because the system designer must understand the potential attacker, and the myriad creative ways in which he or she can compromise a particular system.

Complex solutions: Cybersecurity solutions can be far too complex for the low-power, inexpensive sensors that some industrial and enterprise applications need. It is necessary to develop security solutions that operate across a vast range of device capabilities.

Resilience: An IoT system can be compromised in one of two ways: Infect a component that interacts with other components; or compromise the device by spoofing a reading or changing a critical factor in the device’s external environment such as the temperature of the room where it resides. Crucially, we cannot depend on cryptographic solutions to address every possible attack.

Where do we go from here?

Moving beyond classical cryptographic approaches, security solutions must embrace the use of mathematical models to understand the behaviour of the system that they protect. A deviation from the model implies that an attack might be imminent or underway. At this point, human operators can work to isolate the attack. For instance, affected components can be disconnected from the network, or a set of compromised keys can be revoked.

Traditional cybersecurity is a necessary starting point, it’s not adequate to secure IoT systems. This is one of the reasons why PARC focuses its research in security solutions on three agendas:

  1. Secure-by-design communications platform for IoT systems.

  2. Secure interactions between humans and cyber-physical systems.

  3. Security based on hybrid modeling of cyber-physical systems.

Security is critical to every business. Secure, resilient and adaptive IoT systems require good partnerships. Talk to us about how we can help you protect your valuable business information.

Learn More

Xerox innovatie

Zie hoe enkele van de knapste koppen op de planeet bijeenkomen in onze wereldwijde onderzoekscentra om de toekomst van werk te verbeteren.

City skyline at night, reflected on water

Security Solutions for Documents and Printing

Security is critical to every business, and we take it seriously at Xerox.

Woman in system control center using a tablet

Rethinking the Security of IoT Systems

Uzun and Rane take an in-depth look at securing industrial control systems against cyberattacks.

Woman standing, writing at a table, overlaid with a padlock icon

Oplossingen voor aparaat- en documentbeveiliging

De meest beveiligingsgerichte bedrijven en overheden kiezen voor Xerox.

Two employees in a room of servers, looking at a laptop

Xerox Connect reports on security

Articles and thought leadership on the partnerships that prevent cyberattacks and information security.

Verwante Artikelen

  • Wendy Abbott, Xerox engineer, with an icon of the ConnectKey user interface she designed

    Problemen oplossen met software

    "Mensen gebruiken dit elke dag, en het maakt hun werk productiever."

  • Xerox Research Centre of Canada

    Xerox Research Centre of Canada

    The Xerox Research Centre of Canada (XRCC) is Xerox’s specialty materials research centre

  • Xerox® ElemX™ Liquid Metal Printer

    Metal 3D Printer Selection Begins with the End in Mind

    The choice of 3D printing technology, whether using plastics, composites, or metals, begins with the end in mind.

  • Sign for parc, Xerox Palo Alto Research Center

    Palo Alto Research Center

    Palo Alto Research Center (PARC) is a wholly owned subsidiary of Xerox Corporation and an integral part of Xerox's strategy for long-term research investment

  • View from inside a 3D printer

    3D Printing in Your Supply Chain

    3D printing reduces logistical costs and shortens delivery times, reinforcing 3D printing's strategic role in the supply chain.

  • Digital bar chart

    Xerox Future Defined by Innovation, AI

    Here’s where you will find the next breakout technologies for Xerox, as well as your own company.