This week we sat down with our Senior Director of Security for a quick conversation about the biggest security challenges IoT projects present and how Pelion thinks about security and governance, and to get his top tip for organizations working on their own IoT project.
If you don’t feel like reading the conversation, you can just watch it below.
Please introduce yourself and your role at Pelion
My name is Hagai Bar-El. I’m senior director of security for Pelion. My primary responsibility is product security, governance and leadership of the security group.
What are the biggest security challenges for IoT projects?
OK, so one of the biggest problems with security in general is that of coverage. Security is unlike other areas of engineering. I mean in general, in engineering you design one phase at a time. You remove abstraction layers in the engineering process. So, for example, you have product requirements, then you have the system specification, then HLD, LLD, etc. So this way you know when you’re done, it’s crystal clear when your objectives are met. Your code meets spec, that spec meets the earlier spec, the spec that came before it, and so forth.
Uhm, as opposed to that, in security, there is one phase in the engineering process which is just not linear. This is the phase at which you move from the descriptive security objective level to the prescriptive engineering language that’s required to get things done eventually. So this is where security is art as much as it’s science, and that’s also why security often breaks. For example, that phase in engineering is where a generic objective like that of “users have to be properly authenticated” is translated into specific authentication schemes along with their implementation considerations. And that’s true for security in general, but in IoT the situation is yet even more critical because IoT systems are heterogeneous and they are inherently complex, so this challenge manifests itself in more places.
In security in general, you don’t really know when you’re done. And one obvious problem it causes is that you often stop too early and leave holes behind. Another problem is that it crushes your appetite to improve and for engineers to actually follow you. What kind of leader are you if you keep asking for more and more? You’re never satisfied with what you get and you cannot really ever report how far off you are. So that’s the biggest challenge with security. It’s the challenge of coverage.
Tell us about Pelion’s approach to security
So in Pelion we treat product security governance as science. I mean we use a mechanical, almost algorithmic approach to product security governance. We know at every moment where we stand, even for very large projects. So for example, we know what our measurable risks are and what our non-measurable risks are. We algorithmically measure our posture and then we can demonstrate it, and demonstrating it is very important. Security has to be seen. Security, which is all about prevention, is almost impossible to prove, so security, as I normally say, so please don’t laugh, is half about technology and half about scientific storytelling.
Testing or treating in general product security governance as science doesn’t only improve security, it improves the confidence in the IoT deployment process and this is confidence that’s required for large IoT projects which are always high risk.
What is your top tip for organisations developing an IoT project?
So I actually have two top tips if I may.
One is work in an organized fashion. I mean don’t produce endless lists of security requirements, but have a solid structure of what you want to achieve, and then you move to how without ever mixing the two. That’s I think the most important part, particularly for large complex projects where the lists are endless and they are never done.
Which brings me to the second tip.
Be prepared that most of your security requirements are not implemented all at once. You have to be able to tell the implication of all that’s imperfect at any moment of the project process. If your security management is focused on perfection, then you’ll get perfection indeed, because your project would just never be launched. So have a security governance process in place that truly recognizes that security is something that you will never be done with.
So I guess that second tip boils down to, know how to be properly imperfect by design.