ARM acquisition highlights quest to embed IoT security

Chip makers such as ARM and Intel are working to improve security in software and hardware

internet of things control touch user
Credit: Thinkstock

ARM's acquisition of Dutch company Offspark shows how chip vendors intend to integrate more security features into their software and hardware to help keep the Internet of Things safe.

Vendors have to get security right if IoT to take off on a larger scale. Security is the most fundamental aspect to ensuring people trust IoT technology and that is only possible with a tailored solution, according to Offspark CEO Paul Bakker.

Offspark made a name for itself with the company's PolarSSL technology, which is used to protect traffic from sensors, modems and smartphones. Renamed as ARM mbed TLS, it will be integrated with ARM's mbed OS to protect traffic from devices powered by the platform. The technology will complement Cryptobox, which protects the applications.

The mbed OS was launched in October and will be available under an Apache 2.0 license toward the end of the year.

ARM isn't the only chip maker that's pushing IoT security. Intel is going down the same route with features such as Enhanced Privacy ID, which the company made available for other chip makers to implement in December. The feature makes it possible to implement a hardware-based identity that can be used for authentication.

Protection won't come just in the shape of hardware and OS functionality. In December, Intel's McAfee division also introduced Enhanced Security for Intel IoT Gateways, which adds better security management functionality for gateway devices. The gateways play an important role in protecting older systems that are connected to the Internet for the first time.

Because of the large number of devices that are expected to become connected, getting the management right is as important as the underlying infrastructure. For example, if systems can't be updated quickly to close security vulnerabilities, hackers will have a field day.

In the end, securing IoT installations will be a challenge for vendors and enterprise IT staff.

Market research firm Gartner's advice to CISOs is to start small and develop initial security projects based on specific IoT use cases. They can then build on what they learn to best protect a wider variety of systems. Fortunately, many of the security requirements for the IoT will look familiar, the market research company said.

Send news tips and comments to mikael_ricknas@idg.com

To express your thoughts on Computerworld content, visit Computerworld's Facebook page, LinkedIn page and Twitter stream.
Windows 10 annoyances and solutions
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.