Get Over-The-Air Updates and Security right for smart products

Omer Keser, Sep 30, 2016 01:44 PM
Smart products are here to make our lives easier. Especially smart appliances are meant to ensure that consumer can use them remotely, gain life hacks, save time and much more. It’s no wonder that many manufacturers concentrate mainly on getting the life hack aspect right. But, what happens when Over-The-Air Updates (OTA) and Security are not given the same amount of consideration?

IoT SecuritySecurity

Let’s look at the two most likely security breaches that could happen:
  1. Our personal data is currency. Entities like Google, Facebook and many others trade user knowledge to deliver better services, products and offers like ads. This makes our data extremely valuable. When any product is made smart, it is connected to the Internet. This means it can be hacked and your data can be taken.
  1. While our appliances running wild in our kitchens may seem far-fetched, hackers trying to harm a particular brand and turning thousands of fridges off just because they can, is not. This level of malicious access is again possible with any product connected to the Internet.

Think of it this way, just as your computer or smartphone can catch a virus because it’s connected, so could any smart product. Our computers and smartphones are protected through regular updates that the manufacturers push directly to us. This means that security loopholes can be patched quickly if exposed and / or fixed before anything happens.

Developing for security is very complex in a connected environment. In the race to getting a smart appliance to marketer faster than the competition, this complex beast is often simplified to save time.

Over-The-Aire UpdatesOver-The-Air Updates (OTA)

In many ways, OTA and security go hand in hand. The updates that are pushed to our smart devices, reach it through OTA functionality. It’s a simple concept really; software evolves consistently and therefore security issues arise consistently also. Hackers never sleep and therefore even more security issues arise. Any smart product has to be updatable remotely to keep it up to date with the latest security standards. And, of course, should a breach have occurred, a fix needs to be able to be sent to the product quickly so that the smart product doesn’t become useless.

This brings us to the next important piece around OTA. Smart products becoming useless quickly. Take a standard refrigerator. It’s lifespan is anything above 5+ years. Now, take software. The standard lifespan is probably closer to 5 months (if even!). So what happens when you merge a product with a long lifespan with smart connectivity?

What you don’t want to happen, is that the smart product becomes useless or requires a manual recall every time a software update has to take place. This could be quite often, because your smart product relies not just on the software of the manufacturer but may integrate with common services such as Google products or other great third party applications.

We need to ensure that product updates can happen remotely. Which brings us back to OTA and the ability to push updates for operating systems, new functionality and security to your connected product regularly so that it remains smart.
Just like security, developing for OTA is complex. There have been examples where it wasn’t included in products and although they were “smart” they had to be recalled (check out these two example from the automotive and appliance sector).

Making it happen

Making security and OTA happen requires skill and experience in dealing with this complex area of smart development. Engineers with these skills are rare and sought after, so hiring and maintaining them is difficult.

In our opinion, you are left with two options:

  1. Work it out internally
This is an option if you have the luxury of a long time-to-market path and are flexible on budgets. Remember, you need to allow for upskilling and complex development in a new field.
  1. Work with a strategic partner

Combining your engineers knowledge and skill about your product with a strategic partner who can work out the new smart piece for you, will save time and money as well as protecting your brand from malicious attacks.

The right foundation will make your smart product successful, secure and useful to your consumers.


Thinking about making your products smart?   TALK TO US ABOUT YOUR OPTIONS TODAY