- Protocol Analyzers
- Bluetooth Smart
- Network Visibility
The IoT “Edge” challenge
Internet of Things represents a huge opportunity. For utilities seeking to save operational costs and reduce demand by deploying Smart Energy AMI and AMR solutions, for corporates looking to reduce energy cost with smart HVAC (Heat Ventilation & Air-Condition) systems, manage access control and production lines, municipalities implementing smart cities; through operators and service providers deploying home automation, home security, healthcare and many other exciting applications.
Yet the opportunity contains a grave risk. Consumers hacking the power meter to reduce their monthly payment, hackers turning on millions of air condition systems at the same time causing a nationwide power grid failure, burglars bypassing the home security system from remote and many more potential threats. IoT security is perceived as the main concern and delaying factor in the implementation of large scale IoT solutions.
What makes IoT systems especially vulnerable is the “Edge” of the communication networks. This refers to the networks that connect the end devices (sensors, meters) with the local gateway, which then connects them to the cloud over some broadband connection which is usually wired and secured. Such “Last Mile” network can reside at the consumer home or a within single hotel room, occupy a corporate production line hall or an office floor, or even cover a larger neighborhood or city.
Unlike typical computer or mobile phones networks, the IoT “Last Mile” uses a combination of low end sensors with limited processing capabilities and low level of embedded security, a variety of frequently evolving protocols (ZigBee, Bluetooth Low Energy, PRIME, G3-PLC) each having a different structure and philosophy and the fact that the communication media used (either power lines, or wireless) is opened for everybody to eavesdrop.
Perytons Eye-O-T Defense™ allows automatically monitoring and analysis of the IoT “Last Mile” communications. With simple “sniffing” probes placed in key points of the network, Last Mile data is collected and sent to the cloud. It is then decoded according to the specific protocol type and version, and all information is extracted and stored. Automated scripts review the data to detect anomalies and potential malicious behavior. For example unscheduled over-the-air downloads (that may indicate that someone it trying to place a modified firmware into the IoT devices), message replays, unexpected traffic growth and more. The system then generates alerts and alarms indicating the potential security breach allowing the system security operator to take the necessary protective actions. A security expert can then perform a forensic analysis of the communication from the relevant site(s), follow the exact events and transactions and then suggest fixes to be implemented in the operational IoT networks elements in order to prevent from such an event to occur in the future.
The Perytons solution, being an overlay layer which is not part of the operational IoT data, is not exposed or vulnerable to hacking attacks and protocol interoperability issues. As such it acts as a reliable inspection and “watchdog” tool for the system integrator, network operator or the corporate IT manager.
With more and more vendors and service providers introducing new exciting products and services to IoT vertical markets such as Home Automation, Smart Energy, Smart Buildings and more, there is an increasing awareness to the potential vulnerability of devices and solutions.
Hackers might take control over Smart Building heating and lighting systems, break into one’s Smart Home by wirelessly disabling its alarm or by opening the door lock with their laptop, interfere with Industrial manufacturing company’s production lines or modify Smart Energy billing information.
Most wireless protocols used in these applications define security directives and implement various layers of authentication and encryption. However, the need for acceptable user experience, simple devices (usually with no user interface) as well as the very large number and variety of vendors, can introduce security vulnerabilities.
Such security ‘loopholes’ are rarely looked for as part of inter-operability and certification processes (which in fact are initially aimed to guarantee that a device functions as it should, but do not address behavior as a result of malicious scenarios).
Perytons provides the first professional wireless Penetration testing tool for IEEE 802.15.4 based protocols (ZigBee, 6LoWPAN, Thread). Perytons Penetration Testing allows product manufacturers, IoT service providers and penetration testing experts to generate complex scenarios and identify product and solutions vulnerabilities.