Testing the Security of the Internet of Things
A new year, a new start—looking at trends and making resolutions for the year ahead are customary regardless of the domain in which we belong. Whether you are a trendsetter or someone who just watches trends, it is always exciting to see what’s in store for the year ahead. The information technology space has already seen many predictions for this year, and one that has been consistently showing up on the "it" lists is the Internet of Things (IoT) and its trends for 2017.
While we have always looked at the IoT from a consumer standpoint, a large market for IoT also exists in the industrial belt, which is expected to gain momentum this year. Leading global tradeshows, such as CES, are highlighting how IoT will grow this year to become omnipresent and how it will tie in with other technologies, such as virtual reality and artificial intelligence.
Leaving the excitement of what’s coming aside, it is not too hard to acknowledge that IoT is not a bed of roses. Specifically in the area of IoT quality, there are a lot of nuances around seamless integration of the various entities, performance issues, and data analytics. Most importantly, security issues can make or break market acceptance for IoT solutions.
While users are coming to terms with what IoT is all about and how it could be of use to them, anything that is just fancy but lacks robustness is certainly not going to be accepted right away. Even smartwatches have not fully won user confidence as users and experts believe that smartphones will still be the central hub for operating IoT applications.
If we think a lack of functional integration is the core reason for the disconnect, we may not be completely right. Transaction and data security is a big deal here. A single instance of a malware, a botnet, or a compromise in user data is all it would take to rock the core of the IoT for quite some time, making providers and users very conscious about the decisions they make.
The Open Web Application Security Project (OWASP) has issued guidelines for IoT security, as well as articles about IoT testing that highlight the need for security, security trends, and government mandates that may come about when handling sensitive user data.
Security testing as a quality attribute will gain a lot of prominence in app development again this year, more so for IoT applications where the scope for compromise is quite large.