
Code modification
An attack where cybercriminals inject or modify code that’s stored, or running, on a device. Usually made possible by bugs in the software or weak security protocol implementations.
The Internet of Things (IoT) is connecting people, places and devices at a rapid pace. With the surge of connected devices comes the demand and necessity to implement security features for IoT devices. Qualcomm Technologies has a long heritage of providing mobile security solutions. Today, our security solutions are found in billions of commercial devices around the world, utilizing our proven mobile solutions for consumer and industrial IoT applications.
An attack can bring down insecure devices or an entire network, leaving users susceptible to device failure, distributed denial of service (DDoS), data and identity theft, and even physical or personal safety threats. Qualcomm Technologies’ IoT security solutions are designed to scale and help protect against some of these and other threats.
An attack where cybercriminals inject or modify code that’s stored, or running, on a device. Usually made possible by bugs in the software or weak security protocol implementations.
Connected devices use keys to authenticate and encrypt communications over a network. Keys can be stolen if they are improperly protected and then used to unlock sensitive data.
A password can be compromised by random guessing or can be stolen. These are some of the most common attacks, preying on poorly generated, insecure, or improperly stored or encrypted passwords.
Another prevalent form of attack that occurs when a malicious third party sniffs or steals data that’s in transit between two authentic entities or devices and is able to compromise it.
As a member of the IoT Cybersecurity Alliance (IoTCA), Qualcomm Technologies works with global technology leaders to address Internet of Things security challenges. The Alliance brings together industry-leading security providers and experts to raise awareness, establish and share best practices, and develop methods to secure the IoT ecosystem.
Critical to thwarting code-modification attacks, software integrity is the assurance that the code stored and running on the device is from an authentic source, was written in a robust manner, and has not been modified by an unauthorized third party.
Safeguards against spying and tampering for both data at rest (data stored on the device) and data in transit (data that leaves the device). Both are open to a variety of vulnerabilities, which must be considered.
Device protection depends heavily on firmware upgrades and lifecycle management. It is essential that devices in the field can be securely on-boarded, debugged, replaced and decommissioned.
Mutual assurance of the identity of both the cloud and device authentication and attestation uses keys to ensure that the identity of the device is genuine and that both are who they say they are and are in a non-compromised state.
To reduce the risk of compromise for devices that have multiple users, the ability to establish and enforce strong login credentials with separate permissions and roles is crucial.
"We have a footprint in billions of devices worldwide, and we've been working on mobile security for as long as we've been building chips. We have a great deal of expertise and we're able to utilize this into our IoT security solutions."
– Jesse Seed,
Qualcomm Technologies' Director of Product Management for IoT Security
Qualcomm Technologies is a leader in mobile security, with a footprint in billions of devices. Our IoT security offerings—including Trusted Execution Environment, Secure Boot, Storage Security, Debug Security and Key Provisioning—are built on our hardware-based security foundation.
Our security solution is designed to scale across our Mobile, Processor, Modem, Connectivity and Bluetooth System on a Chip (SoC) offerings—utilizing the proven success of those technologies. By integrating our security solution into the hardware, our offering is engineered to be robust technology that’s easy for our customers to deploy.
Our integrated IoT security approach uses a combination of hardware-based security features and software features, without the need for an extra integrated circuit. This robust approach is designed to offer manufacturers and developers both time-to-commercialization advantages and bill-of-material (BOM) savings.
We understand that IoT security is more than chips and features. That’s why we collaborate with not just device manufactures, but with third parties such as software providers, cloud-service providers and mobile network operators, to help ensure that the IoT ecosystem has a comprehensive and security-rich solution between device and cloud.
Learn more about our IoT-specific security approach in our webinar
.
.