Billions of connected devices security are potentially at risk unless security sensitive software can be managed to an e-commerce standard, according to a group of leading technology security experts.
The companies, including ARM, Intercede, Solacia and Symantec worked together to assess the security challenges of connecting billions of devices across multiple sectors; including industrial, home, health services and transportation. Their conclusion was that any system could be compromised unless a system-level root of trust was established.
To deal with the risk, the companies collaborated on the Open Trust Protocol (OTrP) to combine a secure architecture with trusted code management, using technologies proven in large scale banking and sensitive data applications on mass-market devices such as smartphones and tablets.
“In an internet-connected world, it is imperative to establish trust between all devices and service providers,” said Marc Canel, vice president of security systems, ARM. “Operators need to trust devices their systems interact with and OTrP achieves this in a simple way. It brings e-commerce trust architectures together with a high-level protocol that can be easily integrated with any existing platform.”
Other members of the OTrP Joint Stakeholder Agreement are: Beanpod, Sequitur Labs, Sprint, Thundersoft, Trustkernel and Verimatrix.
The threat
Symantec estimates that one million internet attacks were carried out every day during 2015. The Internet of Things (IoT) expands the attack surface and according to Gartner, the analyst firm, security is now the number one priority when building any connected product.