This month featured a panel of speakers on Security Considerations in Sensor and IoT Deployments. Panelists included:

Kevin Henson of Cyber Defense Labs
Mart Nelson of Avistas

We started with how information leakage might lead to undesirable situations. Leakage of seemingly innocuous tire pressure might lead to inferences of the number of vehicle occupants (Am I looking at you, Volkswagon?) or security systems in the vehicle.

We discussed some foundational security principles, namely confidentiality, integrity, availability and their application to the sensor/IoT realm.

In order to promote thought of security, early in the innovation process as opposed to later “bolting on” security, we focused on two early stage technologies. The first was a directional vehicle to vehicle communication system. A raised security concern was possible false signals, with a possible mitigation being changing the spectrum or SYN-SYN-ACK based communication. The second was a sensor array being considered for Smart Cities deployments. A raised security concern was spoofed data due to local or physical access, with possible mitigation being comparison of data with other sensor types or other sensors arrays.

An audience member inquired of encryption in small memory footprint devices.

Micro-speaker Kent Dial spoke on use of sensors in airport refueling compliance systems.

Top Ten Internet of Things Vulnerabilities
libsodium – A library of common crypto functions for developers