Paul Bottinelli, Security Systems Developer, ETAS Canada. The rapid growth in IoT devices and applications has frequently been identified as a potential security threat. Several factors contribute to the insecurity of these devices, such as their computation and communication capabilities, their sheer number, the wide spectrum of providers and standards. It is becoming evident that the security of IoT devices is not a luxury and the lack thereof is of unaffordable consequences.
What role does certification play in ensuring the security of an IoT device? Is it sufficient to ensure the integrity of an application that relies on IoT devices? What is the appropriate boundary for system analysis? Are traditional threat modelling frameworks adequate for the IoT? If not, what do they fail to cover?
In an attempt to answer these questions and to understand why vulnerabilities failed to be captured in several recent IoT applications, we developed a lightweight threat modelling framework tailored for the IoT ecosystem. Our framework is structured as a series of targeted questions designed to initiate a dialogue and raise awareness from the developer. It aims at driving a best practices approach during design and development and attempts to ensure robust security is considered in the entire system. By taking a holistic approach that addresses the application in addition to component certification, we avoid the pitfall of assuming security as a binary outcome or fixed goal and instead reinforce security as a continuing design philosophy.

Industry Vertical/Embedded Crypto Track