Where vulnerabilities may lie and how to reduce the risk for future and new devices joining the network.
As the Internet of Things (IoT) becomes increasingly commoditised, we will see large-scale rollout of IoT devices across smart cities and smart utilities. But with rapid IoT network deployment comes the challenge of managing legacy devices and migrating from or integrating with existing technology in a secure and scalable way. Often legacy devices do not have the inherent security that newer devices should have and therefore represent a security threat.
We are also in danger of finding a serious lack of knowledge on how to mitigate the risks while ensuring cost effective solutions. With cyber attacks a high priority on all our agendas, how do you decide a solution to ensure that your IoT deployment is the most secure and scalable for your city or utility?
The City of London and Glasgow are two of the most recent cities to embrace wireless mesh networks based on Wi-SUN Alliance technology, which is proving to be the architecture of choice for many of these next-generation deployments.
Main concerns when mitigating risks are security, scalability and interoperability. Based on experience, I know that not only is a wireless mesh architecture an ideal topology, but also that solutions based on open standards and supported by a robust certification program are three of the most important factors you must consider.
Building more functionality into our networks and using more sophisticated devices means that there is potentially a larger attack surface. Maintaining continuous connectivity between end points mitigates deployments against outages and security breaches.
Meanwhile a mesh network by its very nature is highly resilient, ideal for densely populated or built up areas where connections on star networks (multipoint to point connections) are far more vulnerable to connectivity problems. We must ensure that we design networks to be as reliable and secure as possible from the ground up.
Mesh networks are also highly scalable, ensuring that the network remains reliable and responsive as the number of connected devices increases.
The increasing diversity of and interaction between applications calls for multi-service network infrastructure, for example a smart city network with interconnectivity between a smart street lighting network, traffic sensors and management devices. These networks require devices to be interoperable enabling peer-to-peer connectivity, as well as supporting standardised methods for securing the network, such as device authentication. This seamless interoperability between products from different vendors requires the adoption of open standards which brings additional benefits such as vendor choice.
It is important that vendors have access to independent testing facilities, which can test products for compliance to specifications in realistic conditions to ensure that equipment works as expected. The availability of a certification program reassures customers that IoT devices are up to standard.
Wi-SUN Alliance is a global ecosystem of industry stakeholders, including vendors and users, created to develop communication specifications for IoT equipment and to manage their testing and certification. Products using Wi-SUN profiles, supported by a strong certification program, are currently being deployed on a large scale globally, including in street light networks, utility networks for smart metering and distributed energy resources in the UK, across European cities, North and South America, and Asia, as well as in home energy management, and health and wellbeing monitoring in Japan.
The Wi-SUN Alliance currently publishes two communication profile specifications. The first covers Home Area Networks (HANs) and deals with IoT devices using short-range communications. The HAN profile supports applications, such as smart thermostats and air conditioning.
The second profile covers Field Area Networks (FANs) to support a range of large-scale applications, such as utilities and smart cities. Wi-SUN Alliance profiles also apply to a broader range of machine-to-machine applications, such as asset management and structural health.
Whichever pathway you adopt for your IoT infrastructure, ensure you have access to expertise in communications and security to reduce risks and costs. Consider security, scalability and interoperability as your main risks to implementation and refer to case studies using wireless mesh, open standards and certification to ensure your smart city innovations evolve, bringing benefits for customers and citizens, reducing costs and improving efficiency for your municipality.
Phil Beecher, President and CEO, Wi-SUN Alliance was interviewed at the TEISS event in February. Click here to view: https://www.teiss.co.uk/media/video/should-we-view-iot-with-scepticism/
*This blog was edited from an article originally published by TEISS at https://www.teiss.co.uk/teiss/how-to-mitigate-security-risk-as-iot-networks-grow