IoT systems by their nature incorporate many points of connectivity across different types of devices, and over different types of communication networks. The complexity of IoT systems requires security engineers to compose a defense-in-depth strategy for mitigating the many threats associated with those points of connectivity.
The concept of defense-in-depth seeks to eliminate or reduce single points of vulnerability that result in security failures and possible compromise. This requires layered defenses across the entire ecosystem and technology stack—for example:
- Physical layer attacks aimed at compromising hardware
- Link layer attacks on your wireless protocols
- Network layer attacks ...