I think it is not feasible to summarize or articulate the IoT concept in a definition due to its vast, diverse streams, underlying technologies, and applications and how it completely changed the basic understanding of common regular things by nature, like non-living things being alive.
IoT can be defined in more than one way, for example, As a system that uses certain technologies to serve a much bigger system or problems rooted on the Internet concentrating on transparency, control, and performance, which all as a whole can be granular and suitable to any environment or in other sense any Industry.
Need for IoT security
Data collected in IoT is about the environment and people, which makes the privacy and security of this data a very difficult challenge when connected to the Internet. Data is the core of IoT; hence the importance of this data directly proposes and demands the need for IoT security. People and constantly targeted by attackers for personal or monetary responses resulting in theft, breach of privacy, jeopardizing safety, and hindering productivity.
With the increasing advancement of technology such as wearable devices, home automation, connected cars, smart meters, and businesses hosting a considerable amount of their resources connected to the Internet, there is a constant need for IoT security with increasing complexity.
IoT security involves complex decision-making which questions the level and position of security; for example, the security at the network level, in many cases, is more concentrated rather than at the end device level. However end to end security for the entire stack is more than a requirement due to IoT’s highly distributed and heterogeneous nature involving vast, diverse technologies and components, and compliance with standards providing the feasible solution it aims makes the decision-making very difficult as there will always be a trade-offs between security and other functions of IoT.
It is evident that Attackers target specifically the weakest link to compromise an environment in order to accomplish their malicious goals. Which again emphasizes the need for security and need for compliance with industry and government-established standards. And internet connects almost every aspect of life; every industry is connected directly or directly, which jeopardizes the security and robustness of a single organization. Some of the crucial Industries include Medical, Energy and Utility, finance, manufacturing, smart homes, transportation, agriculture, automobile, and national and state-level commodities.
Benefits of the use of blockchain technology in IoT
I think both add advantages to each other. However, Blockchain technology in IoT is more apt and symbiotic. Out of a vast number of application-specific benefits as a whole, Blockchain cuts down a large sum of operational costs as it removes the need for a centralized authority as the transactions are made peer-to-peer even more secure with the help of blockchain’s transparent ledger. also most important, adding speed to the transactions and processing them. And also, authentication is more persistent and reliable which eventually provides a great deal of security.
As a whole, any scenario which involves an authentication blockchain would improve its security as each individual edge or node of an IoT is connected and authenticated by a vast number of other edges/nodes. A more specific example would be mitigating a DDOS attack against IoT devices which are much more vulnerable.
Challenges for blockchain deployment in IoT
With a growing number of IoT devices, it is quite difficult to implant the requirements to participate in the blockchain. The Network bandwidth puts a massive overhead over these simple and function-specific devices\objects. Latency cannot be controlled over the vast network of blockchains if it exists. The intelligence should be added to each of the participating devices, which eventually decreases the efficiency of the objects in the IoT. The device manufacturer or service provider should understand and build these systems for the future to be able to integrate them into the blockchain. And above all, connecting these infinite numbers of devices to function seamlessly and in coordination is much more complex to establish.
CONTIKI AND TinyOS
Every operating system will have Vulnerabilities which will be fixed in time. Similarly, these operating systems are designed with a specific goal in mind. these are pretty amazing, with little resources they need. The problems mentioned in the paper are very common and basic, which of course, lead to hazardous outcomes. But the good thing is that they are open source and can be customized and analyzed by anyone.
I think this is the solution keep checking and patching the source code. which will make them better over time.
A major solution would be to customize, as the source code is available. A user/manufacturer can remove unwanted applications of the operating system and focus only on required aspects reducing the attack space.
And also, thorough static analysis and input validation can be implemented in the development process. In situations where security is critical, users could install or integrate 3rd party security features/applications leveraging the overhead.
And we all know that nothing is 100% secure. We try to make it. similarly, there is a lot of potential for these operating systems, and we cannot entirely rely on operating systems but the whole environment, for example, a strong firewall, DMZ zones etc, could add more security and some additional protection towards these vulnerabilities.
References:
- Vermesan, Ovidiu and Peter Friess. (2014). “Internet of Things Applications – From Research and Innovation to Market Deployment.”
- Buyya, Rajkumar and Amir Vahid Dastjerdi. (2016). “Internet of Things: Principles and Paradigms.”
- Internet of Things (IoT). (n.d.). Retrieved 5 7, 2020, from http://www.cisco.com/web/solutions/trends/iot/overview.html
- Kafle, V., Fukushima, Y., & Harai, H. (2015). Connecting the world through trustable Internet of Things. Retrieved 5 7, 2020, from https://itu.int/en/itu-t/academia/kaleidoscope/2015/documents/s7.1 ved_kafle_slides.pdf
- Liu, T., & Lu, D. (2012). The application and development of IOT. Retrieved 5 7, 2020, from http://ieeexplore.ieee.org/document/6291468
- Cirani, Simone, Gianluigi Ferrari, Marco Picone and Luca Veltri. (2018). “Internet of Things: Architectures, Protocols and Standards.”
- Lawrence Miller. (2016). ”IoT Security FOR DUMMIES A Wiley Brand.”
- Cirani, Simone, Gianluigi Ferrari, Marco Picone and Luca Veltri. (2018). “Internet of Things: Architectures, Protocols and Standards.”
Lawrence Miller. (2016). “IoT Security FOR DUMMIES A Wiley Brand” - Ramachandran, Gowri & Krishnamachari, Bhaskar. (2018). Blockchain for the IoT: Opportunities and Challenges.
Khwaja Shaik, January 12, 2018, Blockchain Pulse: IBM Blockchain Blog, https://www.ibm.com/blogs/blockchain/2018/01/why-blockchain-and-iot-are-best-friends/.
Sok, Kimheng & Colin, Jean-Noel & Po, Kimtho. (2018). Blockchain and Internet of Things Opportunities and Challenges. 150-154. 10.1145/3287921.3287933.
Malviya, Hitesh. (2016). How Blockchain Will Defend IOT. SSRN Electronic Journal. 10.2139/ssrn.2883711.
Alphonse, A. & Starvin, M.S.. (2020). Blockchain and Internet of Things: An Overview. 10.1016/b978-0-12-819816-2.00012-5. - McBride, Jack and Arief, Budi and Hernandez-Castro, Julio C. (2018) Security Analysis of Contiki IoT Operating System. In: EWSN ’18 Proceedings of the 2018 International Conference on Embedded Wireless Systems and Networks. Junction Publishing, Canada, pp. 278-283. ISBN 978-0-9949886-2-1. (KAR id:67379)
Levis, Philip & Madden, Samuel & Polastre, Joseph & Szewczyk, Robert & Whitehouse, Kamin & Woo, Alec & Gay, David & Hill, Jason & Welsh, Matt & Brewer, Eric & Culler, David. (2005). TinyOS: An Operating System for Sensor Networks. 10.1007/3-540-27139-2_7.