Practical Internet
of Things Security
Second Edition
Design a security framework for an Internet connected
ecosystem
Brian Russell
Drew Van Duren
BIRMINGHAM - MUMBAI
Practical Internet of Things Security
Second Edition
Copyright © 2018 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form
or by any means, without the prior written permission of the publisher, except in the case of brief quotations
embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented.
However, the information contained in this book is sold without warranty, either express or implied. Neither the
author(s), nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged
to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products
mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy
of this information.
Commissioning Editor: Gebin George
Acquisition Editor: Prachi Bisht
Content Development Editor: Deepti Thore, Dattatraya More
Technical Editor: Varsha Shivhare
Copy Editor: Safis Editing
Project Coordinator: Jagdish Prabhu
Proofreader: Safis Editing
Indexer: Mariammal Chettiyar
Graphics: Jisha Chirayil
Production Coordinator: Jyoti Chauhan
First published: June 2016
Second edition: November 2018
Production reference: 1291118
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-78862-582-1
www.packtpub.com
To my wife, Charmae; daughter, Trinity; and son, Ethan. Thanks for all the memories.
– Brian Russell
To my wife, Robin; son, Jakob; and daughter, Lindsey. I love you so much. You provide me the
greatest support, security, and enjoyment in life imaginable.
– Drew Van Duren
Contributors
About the authors
Brian Russell is the founder of TrustThink, LLC, where he leads multiple efforts towards
the development of trusted IoT solutions. He has over 20 years of information security
experience and has led complex system security engineering programs in the areas of
cryptographic modernization, cryptographic key management, unmanned aerial systems,
and connected vehicle security. He is the co-chair of the Cloud Security Alliance (CSA) IoT
Working Group and was the recipient of the 2015 and 2016 CSA Ron Knode Service Award.
Brian is an adjunct professor at the University of San Diego (USD) in the Cyber Security
Operations and Leadership program.
I would like to express my gratitude for all the people that have helped with this book. To
my co-author, Drew Van Duren—it's been a pleasure working with you. To the editors at
Packt, thanks for your patience as we closed in on completion, and to my family—thank
you for all of the support. I'd also like to acknowledge the active members over the years in
the CSA IoT Working Group, as I have learned a lot from each of you about IoT security.
Drew Van Duren has provided 20 years of support to commercial and government
customers in their efforts to secure safety-of-life and national security systems. He has
provided extensive applied cryptographic design, key management expertise, and system
security architecture design through rigorous integration of system security design with the
core engineering disciplines. Drew has managed as Technical Director the two largest FIPS
140-2 test laboratories, security-consulted for the New York City Connected Vehicle Pilot
Deployment, and participated in multiple standards groups such as the RTCA, SAE, and
IEEE 1609 working group. Today, he supports the IEEE P1920 committee heading security
architecture for unmanned aircraft aerial networks.
I would like to thank the outstanding mentors I have worked with throughout my career.
Thank you to my grandfather, Glenn Foster, for planting seeds of scientific and
engineering curiosity. Brian Russell, it has been extremely rewarding collaborating with
you over the years. Lastly, much gratitude to my parents, Toney and GloryLynn Van
Duren, for such fierce dedication and support through my formative years.
About the reviewer
Aaron Guzman is a security consultant serving as the Head of Automotive and IoT Testing
with Aon's Cyber Solutions Group. Aaron has extensive public speaking experience,
delivering conference presentations, training, and workshops globally. Aaron is a chapter
leader for the Open Web Application Security Project (OWASP) Los Angeles, Cloud
Security Alliance SoCal (CSA SoCal), a technical editor, and the co-author of IoT
Penetration Testing Cookbook with Packt Publishing. Over the years, he has contributed to
many IoT security guidance publications and leads the OWASP Embedded Application
Security project. Follow Aaron's latest research on Twitter at @scriptingxss.
Table of Contents
Preface 1
Chapter 1: A Brave New World 5
Defining the IoT 7
Defining cyber-physical systems 8
Cybersecurity versus IoT security 9
The IoT of today 10
An IoT-enabled energy grid 12
Modernizing the transportation ecosystem 13
Smart manufacturing 13
Smart cities spread across the globe 14
The importance of cross-industry collaboration 15
The IoT ecosystem 17
Physical devices and controllers 17
The hardware 18
Real-time operating systems 18
Gateways 20
IoT integration platforms and solutions 21
Connectivity 21
Transport protocols 22
Network protocols 22
Data link and physical protocols 22
IEEE 802.15.4 23
ZWave 23
Bluetooth low energy 23
Cellular communications 24
Messaging protocols 25
MQTT 26
CoAP 27
XMPP 28
DDS 28
AMQP 29
Data accumulation 29
Data abstraction 31
Applications 32
Collaboration and processing 35
The IoT of tomorrow 35
Autonomous systems 35
Cognitive systems 36
Summary 37
Chapter 2: Vulnerabilities, Attacks, and Countermeasures 38
Primer on threats, vulnerability, and risks 39
The classic pillars of information assurance 39
Threats 41
Vulnerability 41
Risks 43
Primer on attacks and countermeasures 44
Common IoT attack types 44
Attack trees 46
Building an attack tree 47
Fault (failure) trees and CPS 51
Fault tree and attack tree differences 52
Merging fault and attack tree analysis 53
Example anatomy of a deadly cyber-physical attack 54
Today's IoT attacks 57
Attacks 59
Authentication attacks 60
Distributed Denial of Service (DDoS) 60
Application security attacks 60
Wireless reconnaissance and mapping 61
Security protocol attacks 61
Physical security attacks 62
Lessons learned and systematic approaches 62
Threat modeling an IoT system 63
Step 1 – identify the assets 65
Step 2 – create a system/architecture overview 66
Step 3 – decompose the IoT system 69
Step 4 – identify threats 72
Step 5 – document the threats 75
Step 6 – rate the threats 75
Summary 77
Chapter 3: Approaches to Secure Development 78
The Secure Development Life Cycle (SDLC) 79
Waterfall 79
Requirements 81
Design 82
Implementation 82
Verification 83
Spiral 84
Agile 86
Security engineering in Agile 86
DevOps 89
Handling non-functional requirements 93
Security 94
Threat modeling 94
Other sources for security requirements 99
Safety 99
Hazard analysis 99
Hazard and operability studies (HAZOPs) 100
Fault-tree analysis 100
Failure modes and effects analysis (FMEA) 100
Resilience 101
The need for software transparency 101
Automated security analysis 102
Engaging with the research community 104
Summary 104
Chapter 4: Secure Design of IoT Devices 105
The challenge of secure IoT development 105
Speed to market matters 106
Internet-connected devices face a deluge of attacks 107
The IoT introduces new threats to user privacy 107
IoT products and systems can be physically compromised 108
Skilled security engineers are hard to find (and retain) 109
Secure design goals 110
Design IoT systems that mitigate automated attack risks 110
Design IoT systems with secure points of integration 111
Designing IoT systems to protect confidentiality and integrity 113
Applying cryptography to secure data at rest and in motion 113
Enabling visibility into the data life cycle and protecting data from manipulation 115
Implementing secure OTA 115
Design IoT systems that are safe 116
Design IoT systems using hardware protection measures 117
Introduce secure hardware components within your IoT system 117
Incorporate anti-tamper mechanisms that report and/or react to attempted physical compromise 119
Design IoT systems that remain available 120
Cloud availability 120
Guarding against unplanned equipment failure 121
Load balancing 121
Design IoT systems that are resilient 122
Protecting against jamming attacks 122
Device redundancy 124
Gateway caching 124
Digital configurations 124
Gateway clustering 125
Rate limiting 125
Congestion control 125
Provide flexible policy and security management features to administrators 126
Provide logging mechanisms and feed integrity-protected logs to the cloud for safe storage 127
Design IoT systems that are compliant 127
The US IoT Cybersecurity Improvement Act (draft) 128
ENISA's baseline security recommendations 128
DHS guiding principles for secure IoT 129