Conceptually, the IoT comprises large numbers of devices connected to the internet, collectively capturing and reporting huge quantities of data to contribute to larger man-made goals, without direct human intervention. As a system containing many parts, proper management of each throughout its lifecycle is essential to ensure the system’s reliability and longevity. Moreover, because this is the IoT, lifecycle management is also critical to ensure security.
To address each of these aspects, device lifecycle management should begin at the initial design and manufacturing stage and extend to cover procurement and distribution, configuration and connection, operation, and eventual decommissioning. The lifecycle of IoT devices can be described in five stages (Figure 1).
Design and Manufacturing
For the most part, typical embedded-systems design principles apply. However, designing IoT devices demands special focus on aspects such as connectivity, interoperability, regulatory compliance – to ensure adherence to standards regarding data protection and privacy – and, of course, security.

Figure 1: The device lifecycle process
With IoT devices, perhaps more than any other category, the phrase “baked in” has become synonymous with the approach required to ensure each individual unit can be kept secure from the time it is manufactured to its end of life. It means that security should not be considered as an afterthought or an add-on feature but instead must be an integral part of the device's architecture and functionality. It begins with a secure-by-design approach that pays proper attention to security threats and effective defences from the early stages of development. This includes incorporating security features, implementing secure protocols, and conducting threat modelling and risk assessments.
Hardware-based security, leveraging components such as embedded secure elements (eSE) or trusted platform modules (TPMs), provides secure storage of cryptographic keys and credentials such as device identity, as well as protecting boot processes and facilitating secure communication. In addition to benefiting from immutability, reliance on hardware components also overcomes the shortage of processing power, typical in IoT devices, that often prevents using complex software security algorithms.
Embedded security also encompasses the use of strong encryption protocols, such as Transport Layer Security (TLS), to ensure secure communication with other devices and backend systems.
Protecting firmware and software calls for the use of secure coding practices, with regular security testing and code reviews. Vulnerabilities must be swiftly addressed through patches and updates. It is also important to minimise device attack surfaces, by analysing and designing-out possible entry points or vulnerabilities and using secure memory management and input validation.
A mechanism for regular, secure firmware updates is also essential, to address security vulnerabilities and patch any security flaws. This usually requires a secure method for distribution and installation, such as over-the-air (OTA) updating with on-device firmware to check the authenticity and integrity of the code. Best practice is to check the code when the update is received and as part of secure boot-up each time the device restarts.
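The two checks described above, as an added example (not code from this article or from any vendor): the same verification runs when an update arrives and again on every restart. It uses HMAC-SHA256 from the Python standard library as a stand-in for the asymmetric signature a production OTA scheme would normally use, and its refusal of downgrades goes beyond what the text describes; the key, function names and manifest layout are assumptions.

```python
import hashlib
import hmac

# Constructed demo key. Assumption: on a real device this secret (or, with
# asymmetric signing, the public verification key) sits in a secure element or TPM.
DEVICE_KEY = b"constructed-demo-key-not-for-production"


def sign_image(image: bytes, version: int, key: bytes = DEVICE_KEY) -> dict:
    """Build-server side: bind the version and the image digest under one MAC."""
    digest = hashlib.sha256(image).hexdigest()
    msg = f"{version}:{digest}".encode()
    return {"version": version, "sha256": digest,
            "mac": hmac.new(key, msg, hashlib.sha256).hexdigest()}


def verify_image(image: bytes, manifest: dict, key: bytes = DEVICE_KEY) -> bool:
    """Authenticity (MAC over the manifest fields) then integrity (image digest)."""
    try:
        msg = f"{int(manifest['version'])}:{manifest['sha256']}".encode()
        expected = hmac.new(key, msg, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, str(manifest["mac"])):
            return False
        actual = hashlib.sha256(image).hexdigest()
        return hmac.compare_digest(actual, str(manifest["sha256"]))
    except (KeyError, TypeError, ValueError):
        return False  # a malformed manifest is treated as unauthentic


def accept_update(image: bytes, manifest: dict, installed_version: int) -> str:
    """Check 1: on receipt, before anything is written to the boot slot."""
    if not verify_image(image, manifest):
        return "reject: authentication failed"
    if int(manifest["version"]) <= installed_version:
        return "reject: rollback"
    return "accept"


def secure_boot(slot_image: bytes, slot_manifest: dict) -> str:
    """Check 2: on every restart, in case flash changed after installation."""
    return "boot" if verify_image(slot_image, slot_manifest) else "halt: recovery"
```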
Supply-Chain Management
A comprehensive approach to device lifecycle management should also encompass supply-chain aspects such as the procurement of devices and testing against the specifications and standards for each, as well as logistics and distribution. This includes delivering IoT devices to various locations for deployment. As with manufacturing any other electronic devices, maintaining vendor relationships, quality control, and inventory management to avoid stock outages or excess inventory are important aspects of device management. Maintaining high standards of quality control prevents faulty or defective products reaching the market and ensures that IoT devices meet the specified standards.
Underlying everything, protecting the IoT devices and the data they contain – including intellectual property and any security credentials loaded at the time of manufacture – against malicious interference is extremely important throughout the entire supply chain.
One aspect that must be accounted for is unauthorized production. As an OEM, you typically want to monitor the number of devices actually manufactured by your contracted partners. Imprinting each device with a digital identity whose issuance is controlled by you, or by someone you trust, blocks unauthorized production attempts.
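How OEM-controlled identity issuance exposes unauthorized production, as an added example (not code from this article): an issuance ledger is reconciled against the factory's reported unit counts and against the identities devices present when they first connect. The ledger layout, the batch names, the hardware UID field and all sample records are constructed assumptions.

```python
from collections import Counter, defaultdict


def audit_production(ledger, factory_counts, enrolments):
    """ledger: {identity: batch} issued by the OEM (or a trusted party).
    factory_counts: {batch: units the contract manufacturer reports built}.
    enrolments: [(identity, hardware_uid)] seen when devices first connect."""
    findings = []
    issued = Counter(ledger.values())
    for batch in sorted(set(issued) | set(factory_counts)):
        built, allowed = factory_counts.get(batch, 0), issued.get(batch, 0)
        if built > allowed:      # more units than identities were issued for
            findings.append(("overproduction", batch, built - allowed))
        elif built < allowed:    # spare credentials that must be accounted for
            findings.append(("unused_identities", batch, allowed - built))
    seen = defaultdict(set)
    for identity, hw_uid in enrolments:
        if identity not in ledger:   # identity the OEM never issued
            findings.append(("unissued_identity", identity, hw_uid))
        else:
            seen[identity].add(hw_uid)
    for identity, uids in sorted(seen.items()):
        if len(uids) > 1:            # one identity on several physical units
            findings.append(("cloned_identity", identity, len(uids)))
    return findings


# Constructed sample data for illustration only.
LEDGER = {"id-0001": "B1", "id-0002": "B1", "id-0003": "B1",
          "id-0004": "B2", "id-0005": "B2"}
FACTORY = {"B1": 3, "B2": 4}
ENROLMENTS = [("id-0001", "hw-a"), ("id-0002", "hw-b"), ("id-0002", "hw-z"),
              ("id-9999", "hw-q"), ("id-0004", "hw-d"), ("id-0004", "hw-d")]

if __name__ == "__main__":
    for finding in audit_production(LEDGER, FACTORY, ENROLMENTS):
        print(finding)
```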
