Helmets for Home Automation: Protecting the Smart Home Brain
Home smart home! While we already know that the home automation market is prepared to take the world by storm in the near future, the underlying concern is whether or not they will be secure. Industry experts are predicting that more than one in 10 of homes will be ‘smart’ by the end of this year — this compared to 17% of households in the U.S. and a global average of 5% — while the home automation trend is expected to double across 7.7 million UK homes by 2019.
Last month NextMarket Insights forecasted that the U.S. home automation market would grow from the current $1.3 billion to $7.8 billion by 2019. With the market expanding so quickly, just how secure will these connected homes be? Furthermore, Acquity Group predicts that 69% of consumers will own in home IoT connected devices within the next five years. With that many smart devices entering our homes, how can we be so sure the personal data they possess will be kept safe?
Does Home Automation Make Your House More Secure?
According to a new Lowe’s Consumer Study on Smart Homes, half of Americans believe their homes will be more secure with the implementation of smart devices, while 46% of the same individuals polled also feel that the ability to monitor their home while away will improve their own peace of mind. In addition, another 29% think that smart technology in the home will provide them with better protection from fires, floods, and other emergencies.
While these statistics do provide hope for the future and the secure smart home, only 11% of these respondents see security as the deciding factor as to whether or not they would install smart devices in their home. Price, convenience, and the presence of a monthly fee all rank higher when it comes to buying consideration for these individuals.
Yet backdoors and other insecure channels have been found in a number of devices, leaving them susceptible to potential hacks and other cyber attacks. “Although the highly-touted hack of smart refrigerators earlier this year has since been debunked, there’s still no shortage of vulnerabilities in the emerging, so-called Internet of Things,” IEEE Spectrum reminds us.
Home Automation Security Vulnerabilities
While the idea of security seems to be on the minds of potential home automation consumers, the actual practicality of the technology seems to be a lesser concern. As evident by HP’s recently conducted study, a shocking 70% of IoT home devices contain security vulnerabilities. This not only impacts home consumers, but they found corporations also widely practiced insecure communications on the Internet and local networks.
With an increase backdoors and other insecure channels have been found in many such devices, opening them to possible hacks, botnets, and other cyber mischief. Although the widely touted hack of smart refrigerators earlier this year has since been debunked, there’s still no shortage of vulnerabilities in the emerging, so-called Internet of Things.
Networking Home Automation
CIO of Prescient Solutions Jerry Irvine tells SecurityInfoWatch that, “Mobile devices have data that are stored on them, so all data is at risk if it is on those devices, whether it is the individual’s personal data or the company’s intellectual property. Additionally, there are user IDs, passwords and server names or addresses that are stored on there within applications.”
These simple security vulnerabilities could prove to be disastrous either in the home, or in the workplace, if exploited. To mitigate some of this risk, Irvine stresses that all connected devices in the home should be connected to a network separate from the user’s PC. “Every single wireless router, wireless access point or cable modem has the ability to do VLANs (virtual local area networks) today. Put all of those home automation systems on a VLAN that does not have direct access to or from the Internet.”
While the public may be ready to welcome IoT home devices into their lives, they may not be readily equipped with the know-how to secure them. With smart homes becoming the norm across the globe, users should educate themselves about potential security risks and ensure their personal data is safe.
“Our premise is that it’s not that easy to do embedded security right, and that essentially has been confirmed,” researcher Christoph Paar reveals. “There are very few systems we looked at that we couldn’t break. The shocking thing is the technology is there to get the security right. If you use state of the art technology, you can build systems that are very secure for practical applications.”
And while there will always be hackers out, Paar says smart engineering and present-day technology can stop most of them in their tracks. That’s why when it comes to securing our constantly-connected and smarter world, look no further than Atmel’s CryptoAuthentication family. These solutions not only provide home and building automation designers an extremely cost-effective hardware authentication capability, but will help offer you a peace of mind in your next-gen home.
Hardware key storage beats software key storage every time, which is one of the “key” lessons of the recent vulnerability revelations. But how does an embedded system manufacturer ensure their products are secure and protected from attack? Fortunately, the solution is simple, available, and cost effective, and that is to use hardware key storage devices such as Atmel’s ATSHA204A, ATECC108A and ATAES132.
This is a guest post from Atmel, and was originally published to the Atmel blog on September 17, 2014. Atmel Corporation is a worldwide leader in the design and manufacture of microcontrollers, capacitive touch solutions, advanced logic, mixed-signal, nonvolatile memory and radio frequency (RF) components.
Secure Home Automation Connectivity
Internet of Things security, especially for home automation, is a massive umbrella and one of the main challenges of IoT connectivity. However, security should not be an afterthought, and how we secure home automation is essential. comes down to three main points:
- Authorization revolves around having complete control over who controls and triggers devices in a home automation solution. Smart home applications need robust authorization functionality, with fine grain control over permissions. PubNub Access Manager (PAM) does just that, enabling developers to create and destruct private messaging channels with authorization tokens. a home automation solution, uses PAM for secure authorization.
- Concerning Open Ports, having a connected device sitting and listening to an open port to a network is a massive IoT security concern. Your home automation solution needs bidirectional communication, but without open ports.
- Encryption of messages is also paramount. From end to end, messages need to be secured with proper AES and SSL encryption.
Additional Home Automation Resources
- Why Home Automation Needs a Real-time Data Stream Network
- PubNub In-Action: Home Automation