The achilles heel of any technical security solutions is the physical access to hardware - once accessed; any hacker can theoretically break any security protocols in place to obtain the IoT firmware or data from the memory chips of the micro-controllers. Hackers can steal intellectual property (business ideas), spy on sensitive information or make modifications to firmware changing the functionality of the IoT device.
When targeting a specific CPU on an IoT device; the business logic and application are compiled into well known and common CPU opcodes (such as avr, ARM or MIPS) - which when executed on the device perform specific operations. Extracting the information from memory chips is not difficult; and in doing so the contents can be easily reverse engineered using any number of developer tools designed for such a purpose.
An alternative is to use intrusive hardware solutions to protect the contents of memory chips from third party access; however - such solutions require proprietary hardware design that must be formulated as part of the design process from the beginning of the IoT project. Shield was created to be a security extension of the Brawl IoT virtual machine and developer sandbox; the business logic and application for the Internet of Things can get the same level of protection provided by intrusive and expensive hardware solutions right within the IoT ecosystem.
Each IoT device in the ecosystem will have its firmware delivered encrypted (unique amongst all devices) - preventing a third party from being able to intercept, modify or steal intellectual property as it is delivered. An additional security layer at runtime ensures the IoT firmware and memory banks run through an encryption suite to protect them third party spying and modification in real time.
Utilizing RIoT Secure's technology stacks would be the simplest and most secure to build and deploy your IoT deployment.
