An Internet of Things Reference of Architecture

The Internet of Things (IoT) already helps billions of people. Thousands of smart, connected devices deliver new experiences to people throughout the world, lowering costs, sometimes by billions ofdollars. Examples include connected cars, robotic manufacturing, smarter medical equipment, smart grid, and countless industrial control systems. Unfortunately, this growth in connected devices brings increased security risks. Threats quickly evolve to target this rich and vulnerable landscape. Serious risks include physical harmto people, prolonged downtime, and damage to equipment such as pipelines, blast furnaces, and power generation facilities. As several such facilities and IoT systems have already been attacked and materially damaged, security must now be an essential consideration for anyone making or operating IoT devices or systems, particularly for the industrial Internet.

How can anyone secure the IoT? IoT systems are often highly complex, requiring end-to-end security solutions that span cloud and connectivity layers, and support resource-constrained IoT devices that often aren’t powerful enough to support traditional security solutions. There is no single silver bullet. Locking doors but leaving a window open isn’t enough. Security must be comprehensive or attackers simply exploit the weakest link. Of course, traditional Information Technology (IT) systems often drive and handle data from IoT systems, but IoT systems themselves have unique additional security needs. Fortunately, IoT security can be covered with four cornerstones: Protecting Communications, Protecting Devices, Managing Devices, and Understanding Your System

These cornerstones can be combined to form powerful and easy-to-deploy foundations of security architectures to mitigate the vast majority of security threats to the Internet of Things, including advanced and sophisticated threats. This paper describes these cornerstones, their necessity, and strategies for easy and effective implementation. No single, concise document can cover all of the important details unique to each vertical. Instead, this paper attempts to provide advice applicable to all verticals, including automotive, energy, manufacturing, healthcare, financial services, government, retail, logistics, aviation, consumer, and beyond, with examples spanning the majority of these verticals. The cornerstones themselves can be described briefly.