Guest post by Barbara Nelson, CTO Cirrent. Twitter: @cirrent
That day you knew would come has arrived. Your old washing machine that was being unreliable got worse, and is now leaking soapy water all over your floor. The time has come to replace it. So you head to your local home appliance store, and pick out a new washing machine.
Your new washing machine comes with some upgraded features, such as vibration reduction technology (you like the idea of a quieter washing machine). The biggest change, however, is that your new washing machine is a connected washing machine, allowing you to control and monitor your laundry from anywhere, using your smartphone. That sounds great!
So, you connect your washing machine to your home Wi-Fi network (which can be a troublesome process, but you get it done). Now what? Have you just installed a trojan horse on your home network?
Hopefully not, but here is where you’re relying on the product company whose washing machine you just bought. How much were they thinking about security when they designed the washing machine? Product companies aren’t typically experts in digital security, so security may not have been their primary focus.
The good news is that, while connected home appliances are a relatively new phenomenon, the threat they pose on a network is an old threat, for which we have many tried-and-true security solutions, and those solutions work just as well for a washing machine as they do for a laptop.
Product companies don’t need to invent a new security solution, they just need to incorporate the security solutions already in everyday use in traditional connected products (such as laptops or desktops).
Ensuring that a connected product doesn’t introduce new security vulnerabilities into a network takes the cooperation of a number of network elements:
The connected product
Once configured with the password to join the home Wi-Fi network, the connected product is being trusted to be a good citizen on the network. It shouldn’t allow any other devices to use it as a conduit to reach the private network.
Some connected products temporarily broadcast an open Wi-Fi network (the SoftAP network) to enable the user to configure the private Wi-Fi credentials. The connected product must ensure that this open network is only broadcast for a brief time, just long enough to get the private network credentials.
The connected product must ensure that devices that connect to this open network can’t access the private network. The connected product also needs to communicate regularly with its cloud, to send data about its operation and to receive any new instructions.
The volume of data and frequency of communication needs to be carefully managed by the product designer. It needs to be frequent enough to make the product appear responsive (it’s not very helpful if I tell my washing machine to start, and it doesn’t get the instruction for a few hours), but not so frequent that it overwhelms the network and impacts the functioning of other devices on the network, by repeatedly checking to see if there is anything it needs to do.
The network router
The router is responsible for providing a network connection for all the connected devices. It’s the traffic cop for all the devices on the network. The first security check here is to make sure the network is password-protected to prevent unauthorized devices from connecting to the network. If the device doesn’t have the right password, it won’t get onto the network.
The connected washing machine doesn’t need to talk to any other devices on the local area network—so the router can be configured so that the traffic from the washing machine only goes to the cloud, and not to other devices on your network.
This prevents someone from hacking into the washing machine and using it to attack other devices on your network. Some routers can also do deep packet inspection so that they can see if the traffic coming from the washing machine looks suspicious and block any suspicious data.
The connection to the cloud
In the past, much of our internet traffic was sent in the clear from the local network to the internet. Recently, with increased awareness to the risks associated with exposing data (or even metadata) to malicious third parties, developers are being encouraged to use HTTPS rather than HTTP, to protect all data in transit over the internet.
Google ranks websites based on whether they are using HTTPS or HTTP to encourage more developers to move to HTTPS, and Apple is instituting a new policy that will require iPhone apps to use HTTPS rather than HTTP, starting in 2017.
As the industry is recognizing the need to protect all data in-transit, not just data we think of as being important, it is important for connected product companies to follow their lead, and use a secure channel (such as HTTPS) to send data to/from the connected product cloud.
The cloud
To enable the end user to control and manage their washing machine from anywhere, the connected product must be reachable from anywhere. The typical product architecture is for the connected product to register with its cloud, and get associated to the user’s account, so that the user can send instructions to the product, and receive status updates from the product, via the product cloud.
This makes the product cloud an important part of the security solution. The product cloud must ensure that only the authorized user(s) can send instructions to the connected product, or access the data coming from the product. The product cloud must also carefully store the data, and only enable it to be accessed for legitimate purposes.
This may not be too much of a risk for a washing machine, but it’s certainly important for a thermostat that reports it is in ‘away’ mode when the house is empty. In the wrong hands, that data makes it pretty easy to target homes to be robbed.
Is it worth it?
With all this risk, you might wonder whether it’s actually a good idea to buy a connected product. It certainly is—connected products give us new degrees of freedom about where and how we get things done.The benefits are clear, as evidenced by the growing popularity of connected products.
The good news is that there are many tried and true security solutions in place that product companies can use to ensure that we get all the benefits of a connected product without exposing our home network to any new risks.
Barbara Nelson has been a key technical leader for more than 30 years. She was a major contributor into the WISPr standard, now used for Wi-Fi networks around the world. She is the CTO at Cirrent, where she’s building the world’s largest Wi-Fi network for connected products.