**1. Introduction**

The present day is a time of unprecedented rapid technology development and the growth of the Internet. The majority of citizens in developed countries are not only smartphone users, but also surround themselves with intelligent devices such as various sensors, smart home appliances or CCTV cameras. These objects, which are capable of collecting, processing and exchanging data via various networks (also without human intervention), make up the Internet of Things (IoT). Researchers estimate that there were 12 billion IoT devices active in 2020 and this number will at least double within five years [1,2]. Unfortunately, people often focus only on the benefits of using IoT devices and tend to underestimate the risks.

Many IoT devices are deployed without sufficient security measures and can be easily exploited by more or less sophisticated attacks [3] with a significant impact on both individuals and society. Remote hijacking of a Jeep on the St. Louis highway is a wellpublicized example of a personal IoT security breach [4]. White hat hackers in cooperation with a brave journalist acting as "the victim", were not only able to manipulate car interiors (display, sound system, air conditioning), but also control the engine and brakes—elevating the severity of the incident from a prank to a potentially fatal attack. On the other end of

**Citation:** Chmiel, M.; Korona, M.; Kozioł, F.; Szczypiorski, K.; Rawski, M. Discussion on IoT Security Recommendations against the State-of-the-Art Solutions. *Electronics* **2021**, *10*, 1814. https://doi.org/ 10.3390/electronics10151814

Academic Editor: Rashid Mehmood

Received: 6 July 2021 Accepted: 23 July 2021 Published: 28 July 2021

**Publisher's Note:** MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

**Copyright:** © 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https:// creativecommons.org/licenses/by/ 4.0/).

the danger spectrum are hostile actions that affect nationwide systems. Distributed Denial of Service (DDoS) attacks from Mirai malware-based botnets (consisting of thousands of compromised IoT devices) that targeted Internet service providers in France and the USA are a good example of this [5–7].

The original IoT paradigm is changing and system architectures are becoming increasingly edge-focused, moving processing of the data collected by sensors from the cloud into closer edge nodes (fog computing [8–10]) in order to reduce latency and required bandwidth. More and more, applications are expecting IoT nodes to be resilient to network connectivity issues, which means that IoT devices have to retain more intelligence and operation capabilities by themselves. The need for advanced data analysis is driving IoT device implementations in the direction of the entire System-on-Chip (SoC) [11], which consists of multiple interfaces, analog/digital circuits, memories and CPUs running highly functional operating systems, such as Linux. All in all, the attack surface of such highly sophisticated and functional IoT devices has increased greatly.

Many papers have been presented on the subject of IoT security. For instance, Mahmoud et al. [12] in 2015 discussed the security of a robust IoT network, with division into layers (perception, network and application). The authors listed a number of threats and attacks to which such a system is susceptible and, more importantly, raised concerns about existing major gaps in addressing basic security, for example, privacy and confidentiality. In 2019, Mohamad Noor and Hassan published a survey on IoT security research in the years 2016–2018 [13]. The conclusion was far from optimistic, since not much had improved over the years. Similarly, layers were insufficiently secured and not enough effort was put into ensuring comprehensive endpoint security. The rapid growth of IoT technologies was inevitably followed by an equally fast-paced growth of attacks. Insufficient focus on security allowed for the development of new, inventive ways of exploitation. Alladi et al. [14] in 2020 published a case study on vulnerabilities present in consumer devices. Their findings indicate that not only do the manufacturers often neglect proper protection of their devices but also that the users are unaware of the threats posed by, for example, a wireless scale that is in their bathroom. Consequently, many organizations noticed the IoT security problem and took steps to tackle it. Over the last decade, a number of them published documents discussing the importance of secure IoT and proposing guidelines. Some of these recommendations present a very detailed approach, from the design process to the user experience; others focus on just a part of the IoT device's life cycle.

Our work concentrates mainly on hardware and software design and some aspects of later stages of IoT device functioning, such as updating or event logging. The goal of this paper is to analyze how existing solutions for trusted computing, especially dedicated for IoT devices, adhere to these recommendations.

The remainder of this paper is organized as follows. Section 2 discusses our motivation and related work on the subject matter. In Section 3, security guidelines for IoT proposed by various organizations are gathered and compiled into a set of the most common and important. Section 4 contains the analysis of existing technologies addressing IoT security. We chose a number of representative examples and evaluated them against the criteria formulated in Section 3. Finally, Section 5 discusses the results and Section 6 concludes this paper.

#### **2. Motivation and Related Work**

IoT security can be analyzed from multiple angles and numerous publications on the subject are available. As a term, IoT is sometimes used to describe particular solutions, often from different ends of the technology spectrum requiring a specific approach to the subject, while sometimes it represents a general concept. The discussion ranges from security problems of specific technologies, such as RFID networks [15], through solutions of growing popularity, such as blockchain, machine learning or artificial intelligence [16], to innovative propositions such as moving target defense [17], aiming at more elaborate structures, such as IoT networks.

National Institute of Standards and Technology (NIST) in 2020 published a document that focuses on defining an IoT device cybersecurity capability core baseline [18]. NIST describes the core baseline as a minimal set of capabilities that an IoT device should be equipped with so that it supports common cybersecurity controls. Advanced security schemes can be built on this basis. However, NIST does not provide advice on how it should be achieved. We decided that this was an interesting perspective and further research on the matter would be beneficial, especially for manufacturers and developers. As a first step, we conducted a literature search and checked whether other organizations provide guidelines regarding IoT device security. Secondly, we examined whether existing, state-of-the-art technologies can be utilized to fulfill the requirements.

We came across multiple survey articles regarding aspects of IoT, from wide-ranging analysis of an entire IoT system [19], to works focusing on protocols [20,21], IoT platforms [22] and frameworks, based on contemporary, commercial examples [23]. In each of these papers, security was considered but the emphasis was rather on existing issues and challenges of discussed solutions, instead of means of protection. To the best of our knowledge, no surveys focusing specifically on IoT *device* security capabilities were available.

Additionally, we researched surveys on IoT security. Our findings showed that the focus of the published work is again more on the challenges than on the solutions. For instance, Macedo et al. in 2019 [24] provided a systematic literature review focused on defining four main aspects of IoT security—authentication, access control, data protection and trust. Their work is addressed to manufacturers, developers, consumer and providers of IoT. Interestingly, the authors recognized a lack of reference architectures to develop secure IoT solutions. Nonetheless, the paper does not present existing guidelines and a link to state-of-the-art technologies. Abdul-Ghani and Konstantas [25] in their work provide an overview of several documents regarding the best practices for securing IoT, published by renowned organizations, such as the Broadband Internet Technical Advisory Group (BITAG) or the IoT Security Foundation (IoTSF). They also recognize the need for standardized security and privacy guidelines for IoT. In contrast to our approach, the analyzed guidelines are not confronted with existing commercial solutions.

Finally, we investigated the availability of articles presenting an overview of contemporary solutions, which could be applicable for securing IoT. In their paper published in 2018, Maene et al. [26] gathered over ten different technologies, dedicated to trusted computing. Similarly to our work, they are compared against a set of criteria. However, these criteria are based on capabilities offered by analyzed solutions, rather than existing guidelines. Even though the trusted computing solutions discussed in this article can, in some cases, be successfully used for IoT applications, there are other technologies catered specifically for this purpose that are in our opinion worth considering.

#### **3. Security Recommendations for Internet of Things**

With the number of connected IoT devices growing bigger each year, the question of security has become crucial. The threats and risks related to IoT devices, systems and services are manifold, and evolve rapidly. Hence, it is important to understand what needs to be protected and to develop specific security measures to protect the *things* from cyber threats. While a strict set of regulations on IoT security is ye<sup>t</sup> to be established, a need for guidelines was first identified by the industry in the early 2010s and the discussion has continued since then.

#### *3.1. Existing Guidelines*

Numerous institutions across the globe have proposed their recommendations, in order to help developers, distributors and users ensure a secure IoT infrastructure. Government organizations, international associations and advisory groups are aware of the problem and have published many documents on the subject, to name *some* among many more:


Our analysis focuses on just a number of them. A time cut-off of 2017 has been adopted for two reasons: rapid IoT industry development might outdate some concepts and, on the other hand, recent publications often reference older ones and align with them in *essential* matters. Furthermore, industry standards issued by renowned organizations or manufacturer associations have been considered over simple brochures or articles. Last but not least, it was important that the given document (or its independent section) primarily concentrates on secure IoT *device* implementation itself, as this is a foundation for deliberations in the next sections.

NIST, part of the U.S. Department of Commerce, in 2020 issued a report, "IoT Device Cybersecurity Capability Core Baseline" (NISTIR 8259A) [18]. The authors define an IoT device cybersecurity capability core baseline, which is a set of device capabilities generally needed to support common cybersecurity features that protect data, systems and ecosystems. The proposed baseline represents a coordinated effort to produce a definition of common capabilities, which is not an exhaustive list. This document highlights activities that aim to improve cybersecurity levels in manufactured products, which in consequence reduces the number of exploited IoT devices.

ENISA created a number of documents on secure IoT development. In 2017, "Baseline Security Recommendations for IoT" [27] was published. The aim of this work was to provide insight into the security requirements of IoT, with a focus on Critical Information Infrastructures. The paper offers a thorough analysis of existing cybersecurity threats, along with a comprehensive set of measures in order to protect IoT systems. The authors developed a series of recommendations based on the results of their research, the views expressed by the experts, and good practices, as well as security measures used in the industry. It is worth noting that this document provides an elaborate list of other security standards regarding IoT, which can be a valuable starting point for further research.

Documents published by the GSMA provide very useful insight and pose questions that IoT designers and network administrators will find useful while discussing system security. The"IoT Security Guidelines" document set [28–30] should especially be considered at the early stages of development, as it asks a series of important questions regarding security which are very helpful during the process. These documents promote a methodology for developing secure IoT services to ensure security best practices are implemented throughout the life cycle of the service. The authors provide recommendations on how to mitigate common security threats and weaknesses within IoT services. The set of documents analyses two ecosystems—service and *endpoint*—but also provides a number of real-life examples.

IETF and IRTF are cooperating, parallel open standards organizations, that focus on short-term and long-term Internet-related research, respectively. They have issued a couple of highly informative drafts regarding IoT security. In 2017, "Best Current Practices for Securing Internet of Things" [31] was published by IETF. This report collects guidelines for IoT designers and developers, written by engineers from Network Heretics, Mozilla and Arm. It offers valuable remarks on low-level IoT development, by discussing the authentication, encryption, and design of a device and firmware. Even though it is now labelled as expired, we find this document provides valuable input into the discussion. In March 2021, another draft was released—"Security Technical Specification for Smart Devices of IoT" [32]—collecting detailed recommendations from hardware to software level and proposing a secure IoT device model. In April 2019, IRTF published "RFC8576— Internet of Things (IoT) Security: State of the Art and Challenges" [33]. In this document, the authors present a list of already existing guidelines regarding IoT security; they report and predict the development of IoT and point out possible challenges, especially with reference to the nature of resource-constrained IoT devices (e.g., in terms of algorithms and protocols that would allow IoT devices to safely operate in a heterogeneous network with powerful, potentially malicious Internet resources). The aforementioned publications are complementary to each other and were issued by cooperating organizations, therefore conclusions drawn from them are presented together.

The IoTSF and ioXt Alliance are composed of industry leaders, manufacturers and governmen<sup>t</sup> organizations, dedicated to creating a security and privacy standard for IoT— some of these entities belong to both of these organizations. The first consortium published "Secure Design—Best Practice Guides" [34] at the end of 2019. This document highlights the importance of maintaining a chain of trust throughout the hardware and software layers of IoT device. The ioXt Alliance has recently published "ioXt Pledge: The Global Standard for IoT Security" [35], in which eight core principles are defined and described. It considers a wide range of subjects, such as secured interfaces, proven cryptography, software verification/updates and vulnerability reporting mechanisms. The organization offers a certification program and creates a network of authorized laboratories. It also encourages independent researchers to participate in the certification process, by validating that every security requirement is fulfilled.

It is worth highlighting that ISO is currently working on their own guidelines. As of June 2021, ISO/IEC CD 27400 "Cybersecurity—IoT security and privacy—Guidelines" is still under development [36].

#### *3.2. Evaluation Criteria*

In this section, we created a set of recommendations with a focus on SoC hardware and software security, deriving from the documents mentioned in Section 3.1. This selection is later used to analyze the state-of-the-art IoT security technologies. The aim of Table 1, presented later in this section, is to collect the most common and important recommendations from the analyzed literature and to provide a solid overview of what is expected from a well-secured IoT device. As already described in Section 2, our starting point was a security core baseline for IoT devices defined by NIST and, as mentioned in Section 3.1, the main focus during criteria analysis was put on secure IoT device implementation. Therefore, high level concepts, such as, for instance, network structure or its security remained out of scope. On the other hand, topics such as the safety of an industrial or automotive IoT node and its capability to operate in various environmental conditions (e.g., temperature, humidity, contact with harsh chemicals) do concern device architecture, but are mostly related to its reliability instead of security. Only the aspects of physical access to the device relevant at the chip level were considered, because those regarding the product level can be very location or application specific.

The analyzed papers have multiple points in common. In Table 1, we collected the most prevailing suggestions and divided them into the following groups on the basis of key functionalities:


The intent was to mimic the process of constructing a secure IoT device by creating a checklist of requirements it has to fulfill. Almost all of the analyzed documents proposed the functional classification of secure IoT device characteristics with some exceptions. A relevant example is GSMA's document [30], where the requirements were distributed by implementation priority (Critical, High, Medium, Low). Categories presented in this paper are similar to the ones recommended by ENISA [27], but the number of groups was reduced, and an appropriate level of granularity was maintained, which allowed for concise comparison of available secure IoT implementations.
