The EU Has Understood the Issue of IoT Security... Seriously
Originally published on July 13, 2018 by Patrick Gebhardt
Last updated on February 10, 2020 • 5 minute read
As we have already described in previous articles, the topic of IoT security is something that is explosive. Of course, if we live in a functional smart home at some point, we would like the devices that know everything about us not to fall into the hands of the bad guys. With the new EU-funded innovation project "Protecting Digital Industries" on security for the Internet of Things, the government wants to make the digital world safer. The project runs until December 2020 and is funded by the EU's Horizon 2020 research and innovation program. Fujitsu is in charge of the project.
By enabling automated risk management of IoT systems in automotive, manufacturing, health and other critical infrastructures, the European project addresses the challenges of diagnosing and reducing safety risks. The project aims at the edge of networks in particular, where many and confusing guidelines regarding IoT devices require a new approach based on automation and artificial intelligence. So far there are not really any results worth mentioning, but you can follow Fujitsu to make sure you don't miss anything. We' re staying on this one too.
The Declared Goal: Higher IoT Security
Fujitsu is working with other partners from nine EU countries under the Horizon 2020 program to develop solutions against harmful behavior of systems. The project is a joint effort of Fujitsu and other world leaders in IoT Services and Cyber Security. It should make the next generation of dynamic, decentralized IoT systems secure. To this end, research partners are developing a full range of scalable, open, data-driven endpoint security services around the concept of proactive IoT security.
With the help of big data and AI, the security behavior of IoT objects is to be anticipated and realistic industry 4.0 application scenarios developed. The solutions resulting from this project are designed to enable IoT platform vendors and device manufacturers to offer better and more secure products that meet existing and future security requirements.
What Is Possible?
A decisive question will certainly be which security and encryption options are offered by current IoT devices. Many of the IOT products currently available on the market are so simple and inefficient that a clean encryption is technically impossible; or they have so little storage space that a clean SSL implementation is not possible. Currently, if you want to be sure, you have to exclude some solutions from the outset.
Unfortunately, there are currently many IoT solutions on the market that really should not be exposed to the internet and can only be operated in an isolated environment. Many challenges to be solved and overcome. Since the respective product and its safety-relevant feature are of great importance for IoT security, it will be interesting to see to what extent Fujitsu brings productive knowledge into the project and how it advances this important topic.
By the way, Fujitsu got the described leadership position due to its Industry 4.0 activities and probably because of its new Industry 4.0 competence center in Munich. In it, Fujitsu's industrial IoT know-how, device management and services, as well as practical production experience are bundled.
IoT is entering nearly all aspects of life, so there is a need for a strong holistic approach and, among other things, to raise awareness of the need for IoT cybersecurity, to foster economic and administrative incentives for IoT security, and to clarify liability among IoT stakeholders. If you want to know more about IoT security from the EU's perspective, I recommend this press release from the end of last year.