Embedded developers with security Continuous Software Releases in the Internet of Things
Many security threats in the Internet of Things, or IoT for short, stem from bugs that already arise in the course of software development. But where do these threats actually come from-and how do developers react?
Companies on the topic
For IoT applications, it must be ensured that developers can deliver updates on a long-term and timely basis.
(© Tierney – stock.adobe.com)
The Internet of Things (IoT) is a billion euro market in which many companies want to play a part. That is why some seem to give priority to a quick market entry over security. This is all the more dangerous as IoT devices become more and more popular attack targets.
The Linux ecosystem basically strives for a high level of quality. Historically, it has been the community’s sole responsibility to package software and carefully review each application update. It should make sure that the update works as described and on any Linux distribution.
However, this proved to be an increasing challenge for everyone involved, not least because so many support requests and bugs were transmitted via the Linux distributions. Forwarding this information to the corresponding software authors became increasingly difficult.
The greater the number of applications and Linux distributions, the clearer it became that this model no longer carries. The authors of the software took care of the matter themselves: they often chose only one supported Linux distribution and completely bypassed an app store. As a result, they made the applications more difficult to find and – because of a double infrastructure – their operation more complex.
Adequately ward off threats
Vulnerabilities such as Spectre and Meltdown, which are due to vulnerabilities in the hardware architecture of processors, have shown the urgent need for software updates. Even if their management has not yet become much easier for end users in companies.
It is simply no longer acceptable to consider any networked Software as a finished product. Software maintenance must extend over the entire product lifetime, especially in today’s connected world. The growth of robotics applications and edge computing, which bring more devices online, are contributing to the spread of threats.
A survey of IoT professionals by Canonical found that more than two thirds of respondents are concerned about a lack of a generally valid industrial safety standard for the IoT. Another result of the study: almost a third of respondents have difficulty finding IT professionals who are familiar with the topic of IoT security. The Problem is recognized and known. However, without the appropriate qualifications, developers should ensure that the software is robust.
Increasing pressure on the developer
Expectations for developers are rising. Accordingly, the responsibility they are supposed to bear weighs more heavily. They are no longer just the makers behind the scenes; they now run the risk of, for example, a robot arm breaking with their program code or a patch crashing MRI devices.
As an industry, we acknowledge this problem without really doing anything about it. You can have a bad update because software is not an exact science; but then we ask these developers to play destiny and – for the sake of innovation – compromise on security.
On the other hand, developers can exchange the development of their software for a sense of security by simply treating their code as immutable. So it happens that devices are still delivered that never get an update. Developers are driven to this approach by device manufacturers, who see clogged support lines as much more inconvenient than facing a security breach.
The industry continues to develop more and more software components that can be put together and put on the solutions. Developers must not only ask themselves the update question for their own code, but must also trust all developers who face the same decision for all code that is below their own.
How should developers deliver software under this pressure that does not get out of hand when it comes to costs? Even if there is no way around this challenge, snaps could offer a solution.
Expand the offer
Snapcraft is a platform for publishing applications for millions of Linux users. It allows authors to issue software updates that are automatically installed and reset in the event of an error.
This greatly reduces the likelihood of a faulty update blocking a device or affecting the end user experience. If a vulnerability is discovered in the libraries that an application uses, the editor of the application is notified so that the application can be quickly rebuilt and subsequently deployed using the included fix.
Since snaps bundle their runtime dependencies, they work on all major Linux distributions without the need for changes. They are tamper-proof and work in a safe execution environment. A snap cannot modify another application or be modified by another application. Any access to the system beyond its secure execution environment must be expressly granted.
This precise definition provides easier documentation for installing and managing applications. Along with automatic updates that eliminate the “long tail” of versions, more predictable and lower support costs are typical. The discrepancy between what the quality assurance department tests and the application’s behavior on end-user system configurations is minimal.
Snapcraft also offers powerful tools for organizing releases in different release versions (channels). A set of tools can be used to forward app updates from automatic CI builds to quality assurance, beta testers, and finally to all users.
Developers should build their apps with confidence
The difference between a real and a hypothetical threat is not so great. You have to be prepared for a mistake. “Build for failure” is better than accepting that something “can’t go wrong”. Because this comes to cost a company when something goes wrong and it has no plan.
Snaps follows exactly this approach. Instead of seeing software updates as a risky measure and rarely using them, snaps recognizes that updates can fail. When you do this, the snap goes back to the last version without affecting the end user experience. The developer can then find the error without time pressure.
But as software-first companies are constantly being re-established, this puts immense pressure on these teams. Compromises are necessary, but they must not start with safety. Cyber attacks are incendiary. There is too much at stake for companies. Therefore, solutions like snaps should not be ignored.
Developers are becoming increasingly important for numerous business processes in companies. That’s why it’s important to support them and give them the tools they need to do their job. Whether you’re developing for a desktop, cloud, or IoT solution, you should rely on open source and snaps. This combination ensures that users use the latest software and system configuration problems are unlikely.
Martin Wimpress (Image: Canonical)
As a result, Outstaffing developers can write more code and have to debug less. If developers follow this example, you have the time, but, above all, the confidence to continue to develop solutions that are as safe as possible.
* Martin Wimpress is Developer Advocate of Canonical, the company behind Ubuntu.