Author: David Purón, Barbara IoT
Undoubtedly, deploying Internet of Things (IoT)-connected devices, whether they are sensors, edge gateways, or large equipment, presents significant challenges in terms of usability and security. Contrary to what might be assumed, achieving seamless usability and robust security for connected devices proves exceedingly complex. The current landscape is fragmented across multiple vendors, technologies, standards, and user requirements, further complicating the integration and testing of IoT security solutions. This requires substantial time, resources, and particular domain expertise. Unfortunately, the security of some "legacy" IoT security stacks, such as Trusted Execution Environments (TEEs), has been compromised due to their extensive code base developed over the years and the complexity involved in integrating them with sophisticated hardware.
In this context, it is strongly believed that cybersecurity should be a community effort. While companies may compete with each other for customers and projects, when it comes to safeguarding against modern cyberattacks and advanced cybercrime organizations, they should be together, sharing information and co-creating defense mechanisms that minimize the increasing risks of the connected world. Motivated by these convictions, Barbara IoT proudly contributes to the CROSSCON project. The primary objective of CROSSCON is to establish an innovative IoT security framework that is open and easily adaptable across diverse devices, directly addressing the fragmentation challenges mentioned above. By building upon the conventional trusted services offered by current TEEs, CROSSCON aims to enhance and expand the security measures available, enabling companies like ours to elevate the security levels of our products and services.
Barbara collaborates with critical industry players, such as energy and water utilities, assisting them in acquiring data from sensors, actuators, and industrial equipment, processing them at the Edge with sophisticated applications and Machine Learning models. This brings a substantial impact on their business and operational performance. However, it also unveils a new attack surface on the OT (Operational Technology) networks and data, which were once isolated. By integrating the CROSSCON stack into our Edge Operating System, we anticipate streamlining our product development and maintenance across a diverse array of hardware architectures. This move will also bridge the gap towards compliance with essential security industry standards, such as IEC-62443-4-2, highly sought-after by our customers, especially in the realm of the highest security levels.
Together, we forge ahead, reshaping the IoT landscape to be not only easy and secure, but also open and interoperable.