IoT-Armor: An IoT Secure-by-Default Educational Toolkit
Lead Participant:
THE UNIVERSITY OF WEST LONDON
Abstract
IoT devices have become ubiquitous in our environment, becoming an integral part of our daily routines. The sheer quantity of these devices has surged, from 3.8 billion in 2021 to an estimated 30.9 billion by 2025\. This proliferation has brought with it a significant rise in vulnerabilities, with estimated annual losses reaching a staggering $116 billion by the close of 2023\.
These vulnerabilities can be largely attributed to the simplified architecture of IoT devices and the limited grasp of security principles by both device manufacturers and application developers. The IoT Security Foundation has pinpointed the root cause of these issues as the absence of sound security design principles. These findings closely align with the UK Government's Code of Practice for Consumer IoT Security, which underscores the imperative of incorporating Security-by-Default principles during the manufacturing of such devices. Yet, despite the clear identification of this problem, there remains a conspicuous knowledge gap in effectively implementing these Security-by-Default principles.
Enter IoT-Armor, aimed at filling this void. We have pioneered an innovative solution that bridges this market gap by providing comprehensive training materials, equipping individuals to not only comprehend but also adeptly apply Security-by-Default principles. What sets our approach apart is our utilisation of readily available hardware, complemented by our custom firmware. This ensures that our training resources are universally applicable and free from dependence on specific hardware. Moreover, our meticulous alignment of training content with the Code of Practice for Consumer IoT Security guarantees that our clients remain in compliance with potential government guidelines, regulations, or standardisation. In essence, this means our customers can confidently navigate evolving security requirements knowing that they are well-prepared.
These vulnerabilities can be largely attributed to the simplified architecture of IoT devices and the limited grasp of security principles by both device manufacturers and application developers. The IoT Security Foundation has pinpointed the root cause of these issues as the absence of sound security design principles. These findings closely align with the UK Government's Code of Practice for Consumer IoT Security, which underscores the imperative of incorporating Security-by-Default principles during the manufacturing of such devices. Yet, despite the clear identification of this problem, there remains a conspicuous knowledge gap in effectively implementing these Security-by-Default principles.
Enter IoT-Armor, aimed at filling this void. We have pioneered an innovative solution that bridges this market gap by providing comprehensive training materials, equipping individuals to not only comprehend but also adeptly apply Security-by-Default principles. What sets our approach apart is our utilisation of readily available hardware, complemented by our custom firmware. This ensures that our training resources are universally applicable and free from dependence on specific hardware. Moreover, our meticulous alignment of training content with the Code of Practice for Consumer IoT Security guarantees that our clients remain in compliance with potential government guidelines, regulations, or standardisation. In essence, this means our customers can confidently navigate evolving security requirements knowing that they are well-prepared.
Lead Participant | Project Cost | Grant Offer |
---|---|---|
THE UNIVERSITY OF WEST LONDON | £59,933 | £ 59,933 |
  | ||
Participant |
||
INNOVATE UK |
People |
ORCID iD |
Waqar Asif (Project Manager) |