Putting IoT Safety First

PinIt
IoT safety

Making IoT devices safer includes designing the device to return to a steady state and updates for vulnerabilities. IoT devices will also enable a safer world, such as through real-time processing of spatial proximity in factories.

The industrial and manufacturing sectors have been using connected-ness and instrumentation for quite some time already—long before it became popularized with the term Internet of Things (IoT). But the world is changing: We are now seeing an evolution of machines and devices to work with every day—either to communicate, move from place to place, or to create and construct other things. Consumers are now getting exposed to this connected-ness more and more.

With any new invention, the earliest versions only work in constrained environments. The emphasis during this period of invention and creation is on the capability of the device or system. What will the device do, provide, ease, or enable that is different from what is available today? Worrying about whether the device is susceptible to illicit or undesirable behavior is often not the first thing considered. We continue to stress the need for “secure by design” and still we find that security is not the first thing considered.

So what can we expect for the IoT? History has a way of repeating itself. It usually takes some fairly high profile incidents and some people to become upset and passionate enough to blaze a trail to a solution. We’ve seen this with personal computers when they were first connected to the Internet. We’ve seen this with robotic systems when they were first introduced into manufacturing environments. We’ve seen this with large-scale financial systems and small-scale point of sale terminals. And yes, we’re seeing some of this with IoT devices that are generally available for consumers and businesses to deploy and use in order to drive increased productivity and profitability.

But where does safety factor into this? One definition of safety is “the quality of averting or not causing injury, danger, or loss.” In the area of IoT, this most often refers to making sure that the connected system or device will not cause harm or damage property or itself. Clearly, security factors into a device’s safety. To ensure safety of connected devices, device manufacturers and device operators must address vulnerabilities in order to ensure safety.

There are many ways to address vulnerabilities. And it should be noted that there will always be vulnerabilities discovered long after the devices are produced, let alone designed and developed. What this indicates is:

  • Connected devices need to have a means of operating to some safe, stable steady state, even when disconnected from a network;
  • Have a means of being updated to address vulnerabilities found;
  • Have a means of being re-introduced into a connected environment once the vulnerability has been addressed.

The first of these is critical. When there’s an issue, there must be a means of operating safely—while being isolated from potential hostile conditions—until the vulnerability can be addressed. The rest of the items relate to having an incident-response process in place to address and fix vulnerabilities found. As we have found with the physical world, these devices must also have sufficient diagnostic and forensic capabilities, perhaps even enhanced when operating in a connected mode, so that post-event analysis and root-cause determination can be done.

IoT Safety is a Two-Way Street

IoT safety
There are two sides to every coin though. In many cases, the added capabilities offered by having connected devices can increase safety of the environment when those devices are working as expected and performing the tasks for which they were intended. Consider connected vehicles, which obtain information on weather and road conditions to assist in safe operation of the vehicle. There are several approaches to sharing this information and processing it including vehicle-to-vehicle, vehicle-to- infrastructure, and vehicle-to-cloud forms of communication. In every case, there are challenges in making sure that the information communicated is accurate, verifiable, and timely. And in every case there are potential attacks to be aware of and to ensure have been secured against.

Another example of an improvement in general safety by using connected devices is a connected manufacturing facility which takes into account physical location of people in the plant based on connected wearable devices and adjusts the behavior of the machines accordingly. Here again, there are several technologies that can be used to implement such an environment. However, special attention should be paid to how information is collected, managed, and for what purposes it is accessed. Real-time processing of spatial proximity must be computed quickly enough so that potentially harmful movements can be averted. And in the case of an accident, some historical information could prove invaluable in preventing future accidents. At the same time, such information may be considered personally identifiable, requiring special handling and access controls to prevent misuse. So we have the situation where a connected world offers improvements to safety as well as some potential risks by being connected.

By considering safety first, and also embracing the added capabilities of connected devices,  we will change the way we live. It won’t happen overnight and there will be bumps along the way, but we will find ourselves in a more comfortable, more productive, and maybe even more enjoyable environment in a world filled with networked Things.


Want more? Check out our most-read content:

Research from Gartner: Real-Time Analytics with the Internet of Things
Goodbye Don Draper, Hello Big Data: An EMA Report on Modern Analytics
Becoming an ‘Always On’ Smart Business
Frontiers in Artificial Intelligence for the IoT: White Paper

Liked this article? Share it with your colleagues using the links below!

Tim Hahn

About Tim Hahn

Tim Hahn is an IBM Distinguished Engineer and Chief Architect for Internet of Things (Iot) Security within the IBM Analytics organization. He is responsible for strategy, architecture, and design for IBM's IoT offerings, which let customers design, build, manage and operate solutions involving diverse sensor data from connected devices. Tim also has experience with both connected vehicles and connected products.

Leave a Reply