Code modification
An attack where cybercriminals inject or modify code that’s stored, or running, on a device. Usually made possible by bugs in the software or weak security protocol implementations.
Qualcomm IoT Security
IoT Security Features
The Internet of Things (IoT) is connecting people, places and devices at a rapid pace. With the surge of connected devices comes the demand and necessity to implement security features for IoT devices. Qualcomm Technologies has a long heritage of providing mobile security solutions. Today, our security solutions are found in billions of commercial devices around the world, utilizing our proven mobile solutions for consumer and industrial IoT applications.
Typical security threats.
An attack can bring down insecure devices or an entire network, leaving users susceptible to device failure, distributed denial of service (DDoS), data and identity theft, and even physical or personal safety threats. Qualcomm Technologies’ IoT security solutions are designed to scale and help protect against some of these and other threats.
Key compromise
Connected devices use keys to authenticate and encrypt communications over a network. Keys can be stolen if they are improperly protected and then used to unlock sensitive data.
Password compromise
A password can be compromised by random guessing or can be stolen. These are some of the most common attacks, preying on poorly generated, insecure, or improperly stored or encrypted passwords.
Man-in-the-middle
Another prevalent form of attack that occurs when a malicious third party sniffs or steals data that’s in transit between two authentic entities or devices and is able to compromise it.
Securing the IoT ecosystem.
As a member of the IoT Cybersecurity Alliance (IoTCA), Qualcomm Technologies works with global technology leaders to address Internet of Things security challenges. The Alliance brings together industry-leading security providers and experts to raise awareness, establish and share best practices, and develop methods to secure the IoT ecosystem.
IoT device security needs.
Software integrity
Critical to thwarting code-modification attacks, software integrity is the assurance that the code stored and running on the device is from an authentic source, was written in a robust manner, and has not been modified by an unauthorized third party.
Data protection
Safeguards against spying and tampering for both data at rest (data stored on the device) and data in transit (data that leaves the device). Both are open to a variety of vulnerabilities, which must be considered.
Firmware upgrades and lifecycle management
Device protection depends heavily on firmware upgrades and lifecycle management. It is essential that devices in the field can be securely on-boarded, debugged, replaced and decommissioned.
Device-to-cloud authentication
Mutual assurance of the identity of both the cloud and device authentication and attestation uses keys to ensure that the identity of the device is genuine and that both are who they say they are and are in a non-compromised state.
User authentication, permissions and roles
To reduce the risk of compromise for devices that have multiple users, the ability to establish and enforce strong login credentials with separate permissions and roles is crucial.
Our Device Footprint
"We have a footprint in billions of devices worldwide, and we've been working on mobile security for as long as we've been building chips. We have a great deal of expertise and we're able to utilize this into our IoT security solutions."
"We have a footprint in billions of devices worldwide, and we've been working on mobile security for as long as we've been building chips. We have a great deal of expertise and we're able to utilize this into our IoT security solutions."
– Jesse Seed,
Qualcomm Technologies' Director of Product Management for IoT Security
A secure foundation.
Qualcomm Technologies is a leader in mobile security, with a footprint in billions of devices. Our IoT security offerings—including Trusted Execution Environment, Secure Boot, Storage Security, Debug Security and Key Provisioning—are built on our hardware-based security foundation.
Scalable solutions
Our security solution is designed to scale across our Mobile, Processor, Modem, Connectivity and Bluetooth System on a Chip (SoC) offerings—utilizing the proven success of those technologies. By integrating our security solution into the hardware, our offering is engineered to be robust technology that’s easy for our customers to deploy.
Robust solutions
Our integrated IoT security approach uses a combination of hardware-based security features and software features, without the need for an extra integrated circuit. This robust approach is designed to offer manufacturers and developers both time-to-commercialization advantages and bill-of-material (BOM) savings.
Collaborative solutions
We understand that IoT security is more than chips and features. That’s why we collaborate with not just device manufactures, but with third parties such as software providers, cloud-service providers and mobile network operators, to help ensure that the IoT ecosystem has a comprehensive and security-rich solution between device and cloud.
IoT security webinar
Learn more about our IoT-specific security approach in our webinar
Have a question about product security?
.
.