Security Measures for Internet Enabled Devices

Increased reliance on intelligent devices and a growing number of threats require proactive security measures.

By Alan Grau, Icon Labs


Embedded devices, including Military and Aerospace devices, is the fastest growing segment of Internet users. The number of embedded devices on the Internet is predicted to be five times the number of PCs on the Internet by 2015. As our reliance on intelligent devices grows, so does our vulnerability to the failure of these devices. Extension Media talked to Alan Grau, CEO of Icon Labs, about security threats for embedded devices, trends in device security and what steps companies should take to protect their devices from Internet threats.

Q: It seems I read about a new security threat, Internet attack or virus almost daily. Most of these attacks are against Windows PCs and enterprise networks. Are embedded devices vulnerable to the same type of threats? Aren’t many of the malware and viruses specifically targeted to Windows PCs?

A: Yes and no. A large number of security threats specifically target Windows or Linux, but an increasing number of Internet attacks threaten embedded devices directly.

We have identified the three most significant Internet threats directed at embedded devices. The first is data protection: ensuring that data stored on the device, and communication with the device, is not intercepted or improperly accessed. The second threat is unauthorized access whereby someone actually hacks into and takes control of the device. The third threat is Denial of Service (DoS) attacks, an attack against a device causing it to fail or degrading its performance to the point that the device cannot effectively operate.

Q: How real are these threats? Aren’t many embedded devices built using custom operating systems that are not vulnerable to Windows based viruses?

A: The threats are very real. While most embedded devices are not vulnerable to Windows viruses, they are still vulnerable to many other threats such as DoS attacks. Automated hacking drones constantly scan Internet-connected computers looking for any vulnerability. If a device is connected to the Internet you need to assume it will be attacked.

All too often companies rush designs and launch products without ensuring sufficient security measures are in place, leaving the devices completely vulnerable to attack. With insufficient security, an unauthorized person can access the device or intercept communications. While encryption and authentication technology has addressed some of the issues, they only provide a basic level of security and do not provide protection from DoS attacks. The result of a DoS attack can be just as severe as if the device had been hacked. Companies need to recognize that threats against embedded devices are growing and the stakes are rising.

Q: What steps can companies take to protect their devices from these attacks?

A: Companies must start with encryption and authentication, but to ensure adequate protection a firewall must be added to the embedded device.

Q: What products are available to companies building embedded devices that address these security issues?

A: Icon Labs has developed three tools - Iconfidant SSH, Iconfidant SSL, and Floodgate Packet Filter – that allow companies to build security and protection into their embedded devices. Iconfidant SSH and SSL provide encryption and authentication for secure remote access. Floodgate Packet Filter is an embedded firewall that provides both static and dynamic filtering (stateful packet inspection). Floodgate also provides threshold-based filtering specifically designed to protect against DoS attacks. Together these products protect embedded devices from all major Internet threats.

Icon Labs
3636 Westown Parkway
Suite 203
West Des Moines, IA, 50266

tele: 515.226.3443x22
toll-free: 888.235.3443x22
fax: 877.379.0504