Chapter 6: Connected Car Security Analysis—From Gas to Fully Electric
Cars are also “things” that are now accessible and controllable remotely. Unlike with
many other devices, the interconnectedness of the car can serve important safety func-
tions—yet security vulnerabilities in cars can lead to the loss of lives. This chapter studies
a low-range wireless system, followed by a review of extensive research performed by lead-
ing experts in academia. We analyze and discuss features that can be found in the Tesla
Model S sedan, including possible ways the security of the car could be improved.
Chapter 7: Secure Prototyping—littleBits and cloudBit
The first order of business when designing an IoT product is to create a prototype, to
make certain the idea is feasible, to explore alternative design concepts, and to develop
specifications to build a solid business case. It is extremely important to design security in
the initial prototype and subsequent iterations toward the final product. Security as an
afterthought is bound to lead to finished products that put the safety and privacy of the
consumers at risk. In this chapter, we prototype an SMS doorbell that uses the littleBits
prototyping platform. The cloudBit module helps us provide remote wireless connectivity,
so we can prototype our IoT idea to send an SMS message to the user when the doorbell
is pressed. Discussion of the prototype steps through security issues and requirements
considered when designing the prototype, and we also discuss important security consid-
erations that should be addressed by product designers.
Chapter 8: Securely Enabling Our Future—A Conversation on Upcoming Attack Vectors
Over the next few years, our dependence on IoT devices in our lives is bound to skyrocket.
In this chapter, we predict plausible scenarios of attacks based upon our understanding of
how IoT devices will serve our needs in the future.
Chapter 9: Two Scenarios—Intentions and Outcomes
In this chapter, we take a look at two different hypothetical scenarios to gain a good appre-
ciation of how people can influence security incidents. In the first scenario, we explore
how an executive at a large corporation attempts to leverage the “buzz” surrounding the
topic of IoT security with the intention of impressing the board of directors. In the second
scenario, we look at how an up-and-coming IoT service provider chooses to engage with
and respond to researchers and journalists, with the intention of preserving the integrity
of its business. The goal of this chapter is to illustrate that, ultimately, the consequences
of security-related scenarios are heavily influenced by the intentions and actions of the
people involved.
Conventions Used in This Book
The following typographical conventions are used in this book:
Italic
Indicates new terms, URLs, email addresses, filenames, and file extensions.
PREFACE xv