How To Approach Security for Supply Chain IoT

IoT applications are moving from science fiction to reality, and with that transition comes questions around security. If you search the web for "IoT" and "security" you get a lot of links, but almost all of them focus on consumer use cases like connected toys, wearables, and all those webcams that brought down the internet last year. For the many companies considering IoT applications in the supply chain, what are the concerns?

Don't get distracted by webcam stories. Focus on two topics: 1) potential harm and 2) access to the device and data.

Consider The Consequences

Articles about consumer IoT security focus on privacy concerns (wearables, kids' toys) or co-opting devices for other purposes (attacks on infrastructure, crypto-mining). Since most supply chain devices aren't directly connected to the public internet, these aren't generally the concerns for supply chain IoT applications. In supply chain we're primarily worried about espionage or data corruption - either someone steals your data or they replace it with bad data without you knowing.

Espionage means someone simply steals the data, whether from the device itself or from the communications system that transfers the data. To prevent this theft, the device needs to be hard to physically get data from (possibly by simply preventing physical access) and the data in transit needs to be encrypted in some fashion.

Data corruption requires what security researchers call a "man in the middle" attack - someone intercepts your data, changes it, and passes it on to you without you knowing. So you should consider how easy it is to alter data on the device or intercept data from the device - does it pass through many unknown people's hands (for example, Bluetooth to an application running on the driver's smartphone) or on a more secure process (encrypted uplink to a satellite or passed through the cellular network).

Evaluating these risks requires understanding whether someone can access the device, either physically or through the network.

Access To The Device And Data

For many supply chain applications, unauthorized physical access is challenging. Trackers are shipped with the inventory, for example - so if someone has physical access to the tracker, they already have their hands on your goods. At that point your problem is, "why is that person touching my stuff", not "is my tracker okay". Keep your eye on the prize, as they say.

Network access is more complex, since it depends on what sort of tracker you use. Most supply chain tracker use one of four communications systems: Bluetooth, Wi-Fi, satellite, or cellular. Among these options, cellular and satellite are more secure by design since both rely on proprietary encrypted communications. Yes, a cellular signal can be intercepted by an evil-doer with expensive specialized equipment if they are in close proximity to your goods, but now we're talking about someone with specialized gear driving behind your truck to jam or intercept the signal from your tracker. Moreover, even if they succeed, they've only affected a single device, not the system as a whole. As I pointed out earlier, you need to focus on the most likely scenarios.

Bluetooth and Wi-Fi, being open standards, are in a different security class. In both cases, there is a tradeoff between ease of use and security. For both, there is the "zero security" option which lets the device connect to any available signal (this probably seems like a bad idea to you, too). Then there are increasingly complex options that provide greater security, but at the cost of ease of deployment and maintenance. You can read about Bluetooth options in and article called "Introduction to BLE security" and about the Wi-Fi options in an article titled "Wi-Fi Access For Internet of Things Can Be Complicated".

Security Best Practice: Focus On Your Specifics

Despite sharing a label, IoT solutions are not all the same and need to evaluated separately. If you focus on the specific risk to your business, and the specific ways someone could attack your IoT system, you will quickly move away from headline-grabbing stories and into the tradeoffs for your specific system, which is how it should be. By understanding the potential threats to your business and the potential ways someone could use your IoT solution to harm you, you’ll be able to perform a realistic risk assessment and decide for yourself what type of solution, if any, is right for your organization.