Aug 23, 2016 Internet of Things

Mitigating the IoT Attack Surface

By Neil McLellan

Neil Bio blog

Modern day use cases for “IoT-like” applications date back to the earliest days of manned space flight for monitoring astronaut vital signs and shuttle telemetry – mission critical data points transmitted across a dedicated network. Beyond dedicated and specialized networks, technology once leveraging PSTN has now converged on the global IP network. The public internet has evolved beyond connecting hobbyist PC’s, to  becoming modern-day critical infrastructure empowering the most essential aspects of our everyday life – including safety critical, connected devices.

As such, the convergence of embedded IoT devices and PC/server infrastructure on a common network backbone are surfacing a new set of challenges around two very common issues:

  • Intrusion prevention
  • Virus protection

Network policies adopted by IT departments to secure the business data and PCs do not account for the different protocols and functionality available within the range of intelligent embedded devices. The intelligent embedded device must have the ability to monitor and protect itself against the threats that exist within the network while at the same time sharing information with trusted devices in real time.

With the IoT attack surface spanning clear across the traditional IT ecosystem, the depth of knowledge to mitigate security vulnerabilities across the ecosystem requires security posturing in excess of the traditional IT generalist.  The costly omission of designed-in security is often a lack of expertise, or limited budget, pale in comparison to the cost of downtime, data breaches, or compromised autonomous systems.


The armada of IoT edge devices are coming in all shapes and sizes and servicing an infinite number of applications – fixed vs. mobile, wired vs. wireless, stored data vs. cut-through data handling, leaving us to consider a broad range of threats.  As influencing physical environmental safeguards surrounding a mobile device is most likely not an option, self-contained security counter-measures will dictate the success of your IoT strategy.

Securing device operations against known and emerging threats, encrypting data both at-rest and in-motion, and providing the ability to maintain remote accountability of security – as if you were virtually next to the device. Wind River’s portfolio of embedded operating systems have been secured and certified to support the demands of the most advanced IoT strategy:

  • Certified to Common Criteria Evaluation Assurance Level 4+ (EAL4+).
  • Compliant with Federal Information Processing Standards (FIPS) 140-2 certification for cryptographic services.
  • Root of Trust security.
  • Secure user space, ensuring secure core and secure platform operations.
  • Meets and exceed requirements of IEC 61508 and IEC 62304 security standards.

Beyond these technical hurdles, a device manufacturer will need to plan for supporting a connected and secured device strategy consistent with the extended life of such devices. With PC/solution’s reaching an expected useful life of 3-5 years, embedded devices can expect a useful life nearly six-times as long. Combatting the resource limitations of the device at the time of design and commissioning – CPU, memory, etc. are compounded in the field during maintenance operations that sustain the device. Helix Device Cloud SOTA & FOTA functionality is built on device-side intelligence that eliminates the possibility of device bricking, and enables efficient use of on-board resources, when coupled with Wind River’s embedded agents.


Complementing device-side operations, the Wind River Helix Device Cloud adds comprehensive device management capabilities to augments your growing or existing IoT strategy, completing the “end-to-edge” framework. The Helix Device Cloud is built on infrastructure, which:

  • Aligns to NIST 800-53 Security and Privacy Controls.
  • Meets specifications for HIPAA-compliance.
  • Provides API authentication, anti-spoofing, DDOS, and cross-site request forgery protection.

Additionally, Wind River’s hosting partners meet ISO 27001 compliance, extending security concerns through the value chain. Role-based access to remote devices via Wind River Helix Device Cloud (HDC) enables device manufacturers to query and retrieve vital operating system, file system, and application information, identify gaps and vulnerabilities, and facilitate the deployment critical counter measures to those devices. Immediate manual actions, as well as automatic rule-based actions can be defined and executed from the Wind River HDC dashboard – safely and securely.

Previous Helix Device Cloud Showcases its Versatility at IDF 2016
Next Open Data Plane Support for Linux-based Network Applications