The following is a list of security recommendations and ideas that have traditionally worked. Again, it is important to have a blanket of security:
- Use the most current operating system and libraries with all relevant patches
- Use hardware that incorporates security features like Trusted Execution Environments, Trusted Platform Modules, and non-execute spaces.
- Obfuscating code in the hopes a hacker will not reverse engineer it is relatively useless. Sign, encrypt and protect your firmware and software images, especially those freely available on a company website.
- Randomize default passwords.
- Use a Root of Trust and secure boot to ensure you have a "golden" image of software running on a customer device.
- Eliminate hardcoded passwords in ROM images.
- All IP ports must remain closed by default.
- Use Address Space Layout Randomization, stack canaries, and guard bands in memory through modern operating systems.
- Use automatic updates. Provide manufacturers with a mechanism to fix and patch bugs and vulnerabilities in the field. This requires a modular software architecture.
- Plan for end-of-life. An IoT device may have a long usable life, but it will need to be disposed of eventually. This should include methods to securely wipe and destroy all persistent memory (flash) from the device.
- Use bug bounty programs. Reward your customers and users for finding and reporting bugs, especially defects likely to expose a zero-day exploit.
- Subscribe and participate in US-CERT active threat management to become immediately aware of active exploits and cyber threats.
- As tempting as it is to simply build a project with MQTT, HTTP, or other insecure protocols, only ship with security and authentication enabled through TLS or DTLS. Encrypt data from the sensor to the cloud.
- Employ anti-debug fuses on the package. Blow fuses in manufacturing to secure debug channels prior to releasing a product.
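
The items on randomizing default passwords and eliminating hardcoded passwords can be combined in a factory provisioning step. The sketch below is an added example, not code from the original text: each unit gets its own random password, and only a salted hash is written to the device. The function names, record layout, and iteration count are assumptions.

```python
import hashlib
import hmac
import secrets

# Label-friendly alphabet: the look-alikes 0, O, 1, l and I are left out.
ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789"
ITERATIONS = 200_000  # assumed PBKDF2 work factor; tune to the device CPU


def _derive(password, salt, iterations):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def provision_device(serial, length=16):
    """Create a unique random default password for one device.

    Returns (password, record). The password goes on the unit's label only;
    the record, which holds a salted hash, is what gets written to the device.
    """
    password = "".join(secrets.choice(ALPHABET) for _ in range(length))
    salt = secrets.token_bytes(16)
    record = {
        "serial": serial,
        "salt": salt.hex(),
        "iterations": ITERATIONS,
        "hash": _derive(password, salt, ITERATIONS).hex(),
        "must_change": True,  # force a new password at first login
    }
    return password, record


def verify_login(record, candidate):
    """Constant-time check of a candidate password against the stored hash."""
    digest = _derive(candidate, bytes.fromhex(record["salt"]), record["iterations"])
    return hmac.compare_digest(digest, bytes.fromhex(record["hash"]))


def change_password(record, old, new):
    """First-login flow: return the updated record, or None if the old
    password is wrong or the new password equals the current one."""
    if not verify_login(record, old) or verify_login(record, new):
        return None
    salt = secrets.token_bytes(16)
    return {**record, "salt": salt.hex(),
            "hash": _derive(new, salt, record["iterations"]).hex(),
            "must_change": False}
```

Because the firmware image carries no credential at all, extracting the image from a download site or a flash dump yields nothing that unlocks other units.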