You’re probably tired of hearing me say it, but it can’t be stressed enough—security must be paramount in your design, whether it’s a financial system, a medical device, or a home-automation product. Don’t get caught closing the barn door after the cows have left, or whatever that saying is.
In attempt to shut that barn door, so to speak, the Z-Wave Alliance has announced some new security requirements for any IoT devices that comply with its standard. Z-Wave is a communications protocol that allows all types of home-automation products to interact seamlessly. This could include anything from thermostats and garage door openers to lights, locks, and alarm systems.
The Alliance’s Board of Directors recently mandated that all devices receiving Z-Wave Certification after April of next year must include the latest Security 2 (S2) framework, what it deems as the industry’s strongest levels of IoT security. This affects mostly smart-home devices and controllers, gateways, and hubs.
The S2 framework was developed by the Alliance, but with the help of leading cybersecurity hacking experts. If followed correctly, S2 removes the risk of networked devices being hacked, in theory at least, in their communications between the devices and the cloud.
By using a QR or pin-code on the device itself, the devices are uniquely authenticated to the network as well. This should thwart common hacks. In addition, for further protection, Z-Wave strengthened its cloud communication protocol, enabling the tunnelling of all Z-Wave over IP (Z/IP) traffic through a secure TLS 1.1 tunnel.
- Dev Tools & OS
- Machine Learning
- Reference Designs
- Dev Kit Selector
- White Papers
- Webcasts & Events
- Product Search
- Embedded World 2018
Manage and update your vehicle fleet remotely and (more importantly) securely
If I had to pick one technology that got more than its share of attention at CES, it would be automotive. T...
Subscribed! Look for 1st copy soon.
Error - something went wrong!
We also recommend:
Free or not free; that is the question
There really are no free development tools. Here’s what you need to consider when choosing development tools for your next project.
AdaCore Technologies for cyber security, part 2: The challenge of secure software
This article considers why building and operating secure computer systems appears to be so difficult, as evidenced by the frequency and magnitude of attacks reported in the media.
AdaCore Technologies for cyber security, part 1
We're all serious about security, some more than others. This first in a series of articles on cyber-security shows that it's really necessary and it's really possible to be secure.
Cybersecurity for Automobiles: BlackBerry’s 7-Pillar Recommendation
As vehicles become increasingly connected and reliant on software, new threats emerge. To address these concerns, help mitigate security risks, and build the foundation for a reliable and secure car,
IoT Design Guide 2018
With increasing desire to move more intelligence and connectivity closer to the edge of Internet of Things networks, industry is pushing through the fog and towards mist computing.
Five Minutes with… Stefan Skarin, CEO, IAR Systems
The news from IAR is that they acquired a 100% stake in Secure Thingz, a provider of advanced security solutions for embedded and IoT systems.
Using Java in Safety-Critical Applications ISO 26262 Certification for Real-Time Java Code
Though conventional Java is fine for applications that do not have a time bound, i.e., do not have real-time requirements, it should not be used for control applications.
Take our reader survey, win a $50 Amazon gift card
It only takes a few minutes and you'll help our team deliver relevant and engaging content.
Adacore discusses "Make with Ada" challenge and new product announcement at #ARM TechCon 2017
Jamie Ayre with Adacore talks to Rich Nass with Embedded Computing Design about the ``Make with Ada'' challenge that occurred earlier this year. The contest aimed to help the embedded software communi
IAR Systems discussing safety and security at #ARM TechCon 2017
SANTA CLARA, CA -- Stefan Skarin, CEO at IAR Systems, talked to Rich Nass with Embedded Computing Design at ARM TechCon 2017 about safety and security. Stefan discusses code quality, security for deve
Wibu-Systems Launches CodeMeter Cloud Licensing Platform
Cloud Licensing Technology to be Showcased at SPS IPC Drives November 28-30, 2017 in Nuremberg, Germany
Advantech and IGEL Offer Easy-to-Manage Cloud Computing Solutions for the Healthcare Sector
Simple Endpoint Management and High-Performance Hardware Combine to Support Demanding Hospital Applications
Learn how to keep IoT devices secure – from design to decommission
In this final class, we will cover the critical aspects of how to test and deploy our IoT solution, and how to keep it secure and operational through ongoing monitoring and maintenance.
Have we forgotten what the ancients taught us in building defense systems?
I find the multilayered defense system built into many ancient forts fascinating. Fort Dún Aonghasa in Ireland is a great example of how a multilayered defense system was used.
SecureRF and Intel deliver future-proof FPGA security
Identifying secure firmware update mechanisms and open source options for embedded Linux devices
The traditional, and best-until-proven-otherwise way of updating an embedded device is performing a whole image update. In baremetal devices, this would be the whole image with all the device firmware
Skkynet to Hold OPC UA Sandpit Event in Osaka
Technology providers from six countries gather in Japan to demonstrate secure Industrial IoT cloud connectivity for OPC UA products.
Demystifying Hardware Full Disk Encryption Technology for Military Data Storage
NAND flash media reliability concerns have largely been addressed through (1) advances in error correction code (ECC) and wear leveling algorithms and (2) NAND flash over-provisioning.
A Low-risk, COTS Approach to Building Safety Certifiable Processing Subsystems
How to affordably decrease safety critical processing subsystem development time and program risk using DO-178 / DO-254 certifiable off-the-shelf building blocks.
Learn how to design safe, secure, and reliable IoT critical infrastructure systems