IoT security: smarter systems engineering must compensate for our weaknesses

By | 2 minute read | October 20, 2016

IoT security and systems engineering

It’s fascinating to read the accounts of IoT related hacks, especially those that make headlines in both the popular press and the tech blogs. I’m concerned that casual readers will conclude that opening the door to IoT connected devices means hackers will have access to their cars, their security systems and even literally their front doors!

Reading a bit more deeply into these stories reveals that, as Cisco has said, “employees are the weak link.” Pogo has it right: we have met the enemy and he is us. The brilliant and shocking Amazon-produced series “Mr. Robot” depicts a hacker attacking a prison IT system by spreading malware-infected USB flash drives in the parking lot. True to repeated real life experiments of this type, one of the drives is soon plugged into a computer inside the prison and the hackers are able to gain access. Send enough phishing emails to employees in a target organization and someone will eventually click on a link, no matter how much employee education we do, and it’s even harder when new employees, customers and contractors are walking in and out of our buildings all the time.

Systems engineering and security

Perhaps systems engineering and its cousin systems thinking suggest a path to an answer. If we understand that both intentional hackers and unintentional misbehaving humans are part of the system, then thought can be given to making the system resilient and responsive, even to threats that don’t look like threats. The recently publicized hack of an Internet-connected door lock provides an example. Sure, we can try to prevent such intrusions from occurring, but how about also detecting suspicious activity, like a user adding a new entry code to a door lock from an IP address in another state, or several failed attempts to gain access in a short time? While we are at it, let’s put some fallible humans to work. How about a separate watchdog process in the cloud that periodically interrogates your door lock and sends you a report of any new codes added? Perhaps an LED on the door lock itself should flash until the new code is used.

Various approaches are easy to formulate if systems engineers start thinking of the system as including unwanted actors and behavior. We can’t totally prevent, so we design in ways to deal with them once they are in, limiting the damage or at least catching them in the act. As we like to say in systems thinking, “the system is always working,” that is, the system in its entirety is working as we have designed and built it. IoT systems contain hackers and fallible humans—let’s design security with them in mind.