Make IoT Devices Certifiably Safe—and Secure
By Mark Pesce
Makers of Internet-connected gadgets should have to certify that their products can resist cyberattacks. After unboxing a new gadget, few people stop to consider how things could go horribly wrong when it’s plugged into the wall: A shorted wire could, for example, quickly produce a fire.
A shorted wire could, for example, quickly produce a fire. We trust that our machines will not fail so catastrophically—a trust developed through more than a century of certification processes.
To display the coveted “approved” logo from a certification agency—for example, UL (from a U.S. organization formerly known as Underwriters Laboratories), CE (Conformité Européenne) in Europe, or Australia’s Regulatory Compliance Mark—the maker of the device has to pull a production unit off the manufacturing line and send it to the testing laboratory to be poked and prodded. As someone who’s been through that process, I can attest that it’s slow, detailed, expensive—and entirely necessary. Many retailers won’t sell uncertified devices to the public. And for good reason: They could be dangerous.
Sure, certification carries certain costs for both the manufacturer and consumer, but it prevents much larger expenses. It’s now considered so essential that the biggest question these days isn’t whether an electrical product is certified; it’s whether the certification mark is authentic.
Certification assures us we can plug something in without worry that it will electrocute somebody or burn down the house. That’s necessary but, in today’s thoroughly connected era, insufficient. The consequences of plugging a compromised device into a home network are not as catastrophic as shock or fire, but they are still bad—and they’ve gone largely unappreciated.
We need to change our thinking. We need to become far more circumspect when we plug a new device into our networks, asking ourselves if its maker has given as much thought to cybersecurity as to basic electrical safety.
The answer to that question will almost invariably be no. A recent report detailing a security test of home Wi-Fi routers by Germany’s Fraunhofer Institute FKIE showed every unit tested to have substantial security flaws, even when upgraded to the latest firmware.
Although security researchers plead with the public to keep the software on their connected devices up-to-date, it appears even that sort of digital hypervigilance isn’t enough. Nor should this burden rest on the consumer’s shoulders. After all, manufacturers don’t expect consumers to do periodic maintenance on their blenders and electric toothbrushes to prevent them from catching fire or causing an electric shock.
The number of connected devices within our homes has grown by an order of magnitude over the last decade, enlarging the attack surfaces available to cyber-miscreants. At some point in the not-too-distant future, the risks will outweigh the benefits. Consumers will then lose their appetites for using such devices at all.
How could we prevent this impending security catastrophe? We can copy what worked once before, crafting a certification process for connected devices, one that tests and prods them and certifies only those that can resist—and stay ahead of—the black hats. A manufacturer does that by designing a device that can be easily and quickly updated—so easily that it can perform important updates unattended. Success here will mean that connected devices will cost more to design, and prices will rise for consumers. But security is never cheap. And the costs of poor security are so much higher.