A university project aims to build a lightweight virtualization architecture that can be used to bake cybersecurity into connected systems from the design phase.
Sourced through Scoop.it from: nakedsecurity.sophos.com
The National Security Agency (NSA) is paying to build backdoors security into the Internet of Things (IoT). (Granted, it’s not like we can presume that the NSA wouldn’t build in backdoors, given the history of backdoors in iPhones, iPads, and routers, et al. But as Naked Security’s Mark Stockley pointed out at the time, why would the NSA bother to build in back doors when so many IoT devices are wide open anyway?) The NSA is backing The University of Alabama in Huntsville (UAH) with a one-year, $299,622 grant, the aim of which is to build a lightweight virtualization architecture that can be used to build cybersecurity into IoT systems. And oh, what a dizzying array of systems that’s growing to encompass, given that just about anything can be made “smart” by connecting it to the internet. Some of the smart things that, if appearances don’t deceive, well may have had security tacked on as an afterthought instead of baked in from the design phase:
* Cars that have been remotely hacked;
* Planes found to be vulnerable to remote takeover;
* Industrial control systems (ICS/SCADA), including one car insurance company’s dongle that tracks drivers’ locations and driving habits and also, whenever possible, collects, transmits and stores the places drivers have been;
* Connected-home gadgets; and even
* Vending machines.
The architecture, which UAH will begin to work on in a few days, is called Dielectric. Dr. David Coe, the principal investigator and an electrical and computer engineering researcher, said that the aim is to incorporate cybersecurity into the product design phase.