What to look for in IoT devices

There’s no such thing as ‘one size fits all’ when it comes to IoT devices. Each solution has its own demands. But they also have requirements in common such as high-availability and cyber-resilience and those call for a range of security, reliability and redundancy measures in your IoT devices. This is a guide to IoT device requirement specifications that you can use as a framework to discuss with your provider as you make your design decisions.

IoT devices are often highly distributed and operate in diverse environments, making them particularly vulnerable to cyber threats and potential downtime. There are often constraints on costs and resources when devices are considered so compromises are sometimes made. However, those compromises must be very carefully considered. The decisions made at the IoT design stage have a big impact on availability and resilience against outages, further down the line.

Discover how to achieve high availability and cyber-resilience in IoT. Download guide.

IoT device capabilities for resilience against outages

IoT downtime can be caused by a range of factors that can affect your devices, network connections, cloud environment and operational processes. Each of these elements of your IoT solution must be designed for maximum resilience because downtime disrupts operations and can have a catastrophic financial and reputational cost. 

The capabilities you should look for in your IoT device can be categorised as security, performance and data management, backup and testing, and compliance.

Security

You must have robust IoT device security. All connected devices are at risk, perhaps IoT ones especially because they are generally unmanned and geographically spread. Insist on:

• Secure boot and firmware integrity – to ensure only trusted, signed and authenticated firmware can run on the device; regularly verify the device’s firmware integrity and provide secure mechanisms for over-the-air updates
• Device authentication and identity management – unique device identities help prevent spoofing. Look for a hardware root of trust and mutual authentication protocols that establish trust between devices and servers
• Data encryption – use strong encryption algorithms, secure communication channels for data in transit and end-to-end encryption
• Patch management and vulnerability updates – have robust processes for delivering secure firmware patches, and automated patching mechanisms where possible. Ensure you can rollback firmware updates if there is an issue
• Device access control – use multi-factor authentication and have role-based and least-privilege access control
• Resilience to physical attacks – embed tamper detection mechanisms and protect internal components with tamper-resistant enclosures. Use an embedded SIM (eSIM) where possible
• Security and privacy by design – security and privacy must be factored in at the earliest design and development stage
• Third-party component security – make stringent security checks throughout the supply chain and vet third-party components
• Real-time monitoring and threat detection – build-in intrusion detection and prevention systems and monitor device health in real-time.

Performance and data management

Reliability and resilience are not a question of chance. You can plan and prepare for them. How you manage data and optimise performance is another part of the picture. Plan for:

• Antenna design and positioning – you want optimal signal strength and coverage however you are connecting. Strategic positioning minimises interference and signal obstructions
• Resilient network communication - multi-network, multi-IMSI SIMs and/or eSIM, iSIM solutions maximise control and the ability to switch between network providers as needed. Network failover systems help with service continuity, while operating IoT devices on segmented networks protects critical devices and limits exposure to other vulnerabilities
• High-availability through edge computing and decentralisation – offloading critical processing to the edge minimises latency and maximises availability should cloud services be unavailable, while decentralised data storage (such as distributed ledger technologies) helps with data integrity and availability if a central server is compromised
• Device and data lifecycle management – have configurable data retention policies, enable self-recovery from failure states and securely erase data when a device reaches end-of-life.

Backup and testing

Be resilient in your approach to devices and your IoT solution will be more resilient for it. Adopt:

• Fail-safe and redundancy mechanisms – avoid single points of failure with redundant hardware components such as communication paths interfaces and dual power supplies. Ensure devices can still operate if some components fail and include back-up power sources
• Testing and quality assurance– identify potential vulnerabilities through regular testing; stress-test under high-load conditions or network outages and seek certification from trusted third-party security authorities.

• Compliance with industry standards and regulations - follow GSMA TS.34 (IoT device connection efficiency guidelines) and ensure devices comply with appropriate ISO, NIST and ETSI standards for data and cybersecurity.

As this article shows, there is a lot to securing IoT devices and optimising resilience, but it is all important to reduce the risk of outages. And this isn’t the full extent of what you must do either. There are additional best practice measures for end-to-end IoT resilience – find them in our comprehensive guide. It explains what networks and operational processes, as well as devices, need for high availability and resilience. Get it for free for:

• a list of regulations at play
• a detailed set of questions to ask your prospective IoT communications service provider
• a summary of available wireless technologies and their suitability for different use cases
• design considerations to maximise security
• advice on what devices should do to recover from an outage.

The guide also covers advanced network and SIM capabilities that help meet resilience aims and achieve compliance and competitive differentiation.

Wireless Logic can help you with secure and seamless IoT services, so you can focus on what matters most – your business. Talk to the Wireless Logic experts and start your free trial.