The need for protection in a smart home
A home is a place, for many, of peace and security. However, what happens when security is at risk because of smart appliances in the home?
What does a smart home look like?
A Smart Home is one in which one or more appliances can be controlled remotely or by computer. Once seen as science fiction, today, an increasing number of homes have one or more smart appliances. Some smart appliances offer narrow, but useful capabilities – such as smart energy meters that can be read remotely. Others, change the way we live life – such as video doorbells and smart lockers for deliveries.
According to MarketsandMarkets, the smart home market is expected to be worth $76.4 billion by 2026. This growth is partly fuelled by Government regulation in areas such as smart meters, and the desire to combat rising energy prices. The broader growth in smart appliances is down to a combination of ubiquitous wi-fi, and the ability for manufacturers to differentiate their products to meet changing consumer lifestyles.
From a security perspective, the introduction of smart devices into the home opens the opportunity for exploitation, as hackers focus their attention on these products.
Growth of smart meters
A smart meter is a device that connects to a domestic utility supply and measures usage and patterns of energy, such as gas and electricity. The device allows customers to see their usage in real-time & costs via an In-Home Display (IHD), which ensures transparency between the energy companies and their customers. Not all smart meters are equally smart. Many can report back to the Energy providers on usage. This allows much more detailed reporting and control, based on usage over time.
The smart meter is a growth area for the energy industry. The UK government has mandated that energy suppliers provide their customers with a smart meter. In emerging markets, such as Southeast Asia, there is a heightened need, because it allows energy providers to monitor potential theft of energy.
Smart meters in emerging markets also provide a more flexible opportunity to pay for energy as it is used, making it easier for many people to keep on top of their finances. With the global cost of energy predicted to increase for many people, the need to control finances and cut costs is needed now more than ever.
With any connected device, there is a risk of hacks or cyber-attacks. The smart meter is no exception to this risk. If a smart meter was to be hacked, then it could be manipulated to change, or even reduce, the amount of electricity consumed. This could be simple fraud to benefit the householder, for example, under-reporting. However, if data from smart meters was to be fed back to suppliers to manipulate markets and influence spot pricing, or even electricity distribution, then the implications would be far more severe.
The rise of the video doorbell
The video doorbell is quickly becoming a staple device in homes. The ease of seeing who is at your door and communicating with them, without having to be there, makes it attractive to those who are not always home. These devices have the added benefit of deterring thieves and making homeowners feel secure. Recorded footage is often used as evidence to prosecute criminals.
In a 2021 study by Emergen Research, the market was worth an estimated $1.59 billion in 2020 and is forecast to grow rapidly. In this competitive market, enhancements and improvements are completed through technological advancements. Ensuring technology keeps up with customer demand.
A video doorbell, although a valuable tool at deterring and preventing theft, comes with its own security risks. A hacked device becomes a tool for the burglar or voyeur. As many of these devices are linked to cloud accounts and use web-based storage for video files, there is a further risk related to personal information stored in these ways.
A safe home, peace of mind
People want to feel safe at home, and many invest in burglar alarms and other deterrents. This is encouraged by police and insurance companies and can be an effective way to reduce crime.
Unsurprisingly burglar alarms themselves are increasingly ‘smart’ with many linked to cloud accounts, with a significant cross-sell of video doorbells and other smart home technology. Modern smart security equipment is typically based around discrete Wi-Fi cameras and AI ‘human’ detection. This is opposed to wired passive infrared sensors, which are expensive to fit and prone to false alarms caused by pets and other movements.
The threat to security in the home and networks
A Connected device is, by its very nature, more prone to cyber-attack than a non-connected one. Put simply, the connectivity provides new attack surfaces; a way in which a compromised device may harm, and a means for an attacker to upload any data they capture. That does not mean we should ban smart devices – but it does suggest we need to look seriously at the potential security concerns they introduce. This is to ensure that they come with strong and embedded IoT security as standard.
How Trustonic can help
Trustonic’s TEE, Kinibi, is designed to support attestation services that have been popular in the Mobile and Automotive industry. Attestation enables a device to prove to a server that it is genuine and authorised to connect to its service. It presents embedded cryptographic keys that are paired with those stored on the server. Attestation protects consumers and vendors against counterfeit devices. An introduction to device attestation can be found here.
It is also important to ensure when selecting a security solution that it comes with some form of certification from a recognised independent 3rd party testing house. This will help to ensure that it not only does what it claims but has also been thoroughly tested for a wide range of common vulnerabilities.
Over the last few years, this has become increasingly important for IoT devices. Governments around the world are implementing new legislation to ensure a minimum level of cyber security protection. For example, the UK’s Product Security and Telecommunications Infrastructure Bill and the US IoT Cybersecurity Improvement Act of 2020.
Trustonic uses the Common Criteria Evaluation Assurance Level, and the latest version of our TEE is currently undergoing EAL 5+ certification. Our security certification whitepaper explains all in detail.
Trustonic’s Kinibi TEE is designed to provide IoT devices with a robust foundation of trust that can protect user data and device secrets such as biometric signatures. Kinibi has achieved industry-leading certifications to provide device manufacturers with peace of mind on behalf of their customers. With more than 2 billion deployments across mobile, IoT, and Automotive, OEMs (Original Equipment Manufacturers) know that they are leveraging proven robust security for today and into the future. Kinibi also supports a wide range of trusted applications and a complete developer tool chain. This enables OEMs to provide security for their unique applications and services.
With more than 150 patents registered and partnerships with global leaders, you know that you will be working with an industry leader.