Posts

UK Government Issues Regulations To Secure IoT-Connected Cars

Just days after the first ever bill on IoT security was submitted in the U.S. House of Senate for approval, United Kingdom becomes the second country in the league to create, and impose, security regulations for IoT connected cars in the country. This move by the UK government has not come being inspired by the US legislation on IoT, but due to a few attacks by the hackers on connected cars in the UK recently. One of the cars being targeted in the recent series of attacks on connected cars in the UK was a Tesla, an electric car made by the Tesla Inc., a company whose co-founder is the famous digital innovator Elon Musk.

The UK government’s overall security guidelines revolve around 8 fundamental principles for everyone to care about who operates a “smart” car. For a quick overview, here are those 8 principles the UK government has stressed for the security of connected autonomous cars in the country:

 

8 principles of IoT-connected cars cyber security

 

  1. Organizational security is owned, governed and promoted at board level.
  2. Security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain.
  3. Organizations need product aftercare and incident response to ensure systems are secure over their lifetime.
  4. All organizations, including sub-contractors, suppliers and potential 3rd parties, work together to enhance the security of the system.
  5. Systems are designed using a defense-in-depth approach.
  6. The security of all software is managed throughout its lifetime.
  7. The storage and transmission of data is secure and can be controlled.
  8. The system is designed to be resilient to attacks and respond appropriately when its defences or sensors fail.

 

Source: Principles of Cyber Security for Connected and Automated Vehicles by Government of the U.K.

 

These regulations do seem impressive, though! But there is something much more impressive than these regulations: Why IoT solution developers still lack in crafting as effective security protocols as the innovative IoT solutions they make? Mr. Clovis Lacerda of Parlacom Brazil, perhaps, has the right answer to this: “The core reason why IoT developers fail to cope with the security challenges faced by the IoT industry is their least preference to secure the IoT products, but more on developing quantities, which as we all know, always leads to lack of quality.”

We believe most of us who belongs to the IoT industry, in some way or another, must be in harmony with the words of Mr Lacerda. The expert advisors on IT and other technologies in the UK government might, perhaps, have the same reason; including the series of recent attacks, to recommend the Department of Transport U.K. that the time to regulate autonomous IoT-connected cars has come. Well, we hope that UK’s automated vehicles will become safer after these regulations being imposed, and with this, we are also sure of ushering into a new era in which IoT technology has started to take its official standards and legislatures for everyone to follow. This thing convincingly assures us that IoT is definitely here to stay, and stay it will for long!

The First Official Bill On IoT Security Is Submitted In The U.S. Senate For Approval

Well, looking at the rapid growth and futuristic predictions about the global rise of IoT technology, such a governmental-based legislation to secure Internet of Things was indeed overdue. Four U.S. senators: Mark Warner, Steve Daines, Cory Gardner, and Ron Wyden combinedly proposed the Internet of Things Cybersecurity Improvement Act of 2017 in the U.S. Senate for approval. Even though, the submitted bill only covers IoT-enabled devices that are officially in use for government-specific tasks, many proponents, and legal experts are appreciating this move and believe it will serve as a model for the corporate sector to follow soon. “I believe we are lucky enough to be on the brink of seeing IoT becoming an officially accepted and regulated field for each and all utilizers,” says Mr. Clovis Lacerda, founder of Parlacom Telecommunications Brazil, a mobile IoT/M2M services providers. This statement, as clearly as it is said, does hold genuine merit in it.

But let’s get back to the proposed bill IoT-CIA (short abbreviation of the long name) for the time being. The bill chiefly introduces a set of rules as a “standard” for all kinds of IoT devices that are installed on the sensitive U.S. government networks. Some of the core fundamentals presented in the bill were: IoT devices must not have fixed passwords and should have verified software as well as no loopholes in hardware. The bill further states that only authenticated updates and security patches can be added to government IoT devices, among the various requirements proposed for IoT security in the bill. The bill is expected to make notable adjustments to other related in-practice legislations like the Digital Millennium Copyright Act (DMCA) & Computer Fraud and Abuse Act (CFAA), and will likely to remove certain legal limitations for security analysts/researchers.

IoT, which was coined first in the 90s, only started to get the recognition it deserved until recently when technologists started to envision a “Digital Revolution” which will transform the world completely into a digital powerhouse, one in which every device and machine will be connected and controlled by the web-based networks and cloud services. However, along with this amazing technology’s rapid growth also comes to some grave security concerns as well. These security concerns were mainly found in accessibility, management, and processing of IoT hardware and software. For example, eliminating the fixed-password issue in IoT devices can alone significantly enhance the security level.

IoT hardware shipped with default passwords programmed within the machines has higher chances of being compromised by an unethical person. The IoT-CIA has addressed this issue neatly in its proposition, which will help regulate low-quality IoT device encryption and force IoT hardware manufacturers to follow the said pattern strictly. Other regulations provided in the bill are also quite significant in enhancing and making IoT more secure. However, the approval is still pending, and even if approved it will be quite U.S. government-specific law. The thing which will be quite exciting to anticipate is to see how major IoT solutions provider take inspiration from this law, once it is being implemented.

Whatever might be the outcome, one thing is highly for certain: The days of IoT technology becoming an official part of “everyday technology” has clearly arrived. Hopefully, after the U.S. government taking up and implementing IoT security code of conduct within their infrastructure, we have every good hope that this will become the role model for all the IoT providers to follow, making IoT safer and easier for all of us, in the end, to use.

A Parlacom Brasil Apoia a Iniciativa do Governo de Impulsionar o Crescimento da Produção Automóvel

eículos inteligentes, carros híbridos e elétricos são apenas uma das muitas tendências em tecnologia. E, embora não a primeira no Brasil e na América Latina, o governo brasileiro quis fazer parte deste mercado promissor, prometendo incentivos para os fabricantes de veículos híbridos e elétricos no início da cerimônia do Salão Internacional do Automóvel de São Paulo na última quinta-feira. O evento, que vai acontecer até 9 de novembro, foi inaugurado pelo Ministro do Desenvolvimento, Indústria e Comércio Exterior, Mauro Borges, e deverá atrair cerca de 800 mil pessoas do Brasil e de toda a América Latina.

O Brasil é um dos maiores mercados automóveis do mundo e um dos maiores fabricantes de veículos do mundo. No entanto, 2014 foi um pouco decepcionante para a maioria dos principais intervenientes do país. No entanto, Borges disse que o Brasil irá fazer ajustamentos na área econômica para retomar o crescimento sólido que ele apontou como essencial para a fabricação de veículos. Ele está confiante que o crescimento econômico do país será retomado em 2015, o que coincide com o início do mandato da presidente recém-eleita Dilma Rousseff. E a iniciativa tem como objetivo estimular o crescimento econômico do país e manter a produção automóvel.

” Temos de trabalhar para estimular a cadeia de tecnologia. O governo da presidente Dilma (Rousseff) vai trabalhar para incentivar os automóveis híbridos e elétricos,” disse Borges. A fabricação e produção de veículos, e o seu efeito sobre a versatilidade urbana foram as primeiras questões que tiveram a atenção das autoridades e dos administradores do setor de veículos no primeiro dia do referido evento. O Prefeito de São Paulo, Fernando Haddad, até iniciou uma verdadeira campanha para estabelecer a bicicleta, pistas de ônibus e outras opções de transporte.

A produção de veículos e seu impacto na mobilidade urbana foi um assunto abordado por autoridades e executivos do setor automóvel no primeiro dia do encontro em São Paulo, onde o Prefeito Fernando Haddad deu início a uma verdadeira cruzada para estabelecer ciclovias e pistas de ônibus designadas.

Clovis Lacerda, fundador da Parlacom Brasil, um dos maiores fornecedores de soluções máquina-a-máquina (M2M) jo país, apoia a iniciativa do governo. “Com milhares de fabricantes, fornecedores, desenvolvedores e programadores de vários setores, todos com o objetivo de conectar tudo a uma rede das coisas, conhecida com a Internet das Coisas (IoC), não é uma surpresa que a comunicação M2M esteja na vanguarda de tudo isso”, ele disse.

Lacerda observou ainda que isto será uma grande oportunidade, não só para os fabricantes de veículos mas também para os fornecedores e operadoras de soluções M2M. “Todos podemos tirar partido desta oportunidade e aproveitá-la para sustentar o crescimento na produção automóvel, bem como expandir em outros mercados verticais como a Telemática e Serviços de Rastreamento, Serviços de Informação e Lazer de Veículos e Serviços de Carro Conectado.