Another post in the series on “IoT Device Security Considerations and Security Layers“, this time looking at Operating Systems.

There are many Operating Systems available for use on IoT devices and there are more being developed all the time. These range from specific Operating Systems targeted at a specific IoT Chip set to ones that can be used across a number of devices. Some of the names in this field are well known by every day consumers and some not so well known but are strong in this area.

At this time there are not many standards agreed across the industry, but more group specific depending upon which platform you are developing on. The main standards that exist are around networking and connectivity. Groups and Communities currently discussing and creating IoT Standards). Some of these are around security and securing the IoT devices.

There are a number of standard practices that you can carry out to help secure your IoT device at the Operating System level:

Right Operating System

Choosing the right Operating System is key to ensuring your IoT Device will function as you require it to and support the applications you are using. You should look to only install the Operating Systems elements that are needed to reduce any future Security Issues through none used modules. Streamlining (or removing none used modules) also reduces the amount of space needed on the IoT device.

Upgrades

Upgrading to latest versions of the Operating System at regular intervals will ensure that you have the latest software and that additional space is not taken up with old patching files. This also ensures any known security holes in the Operating System are protected. This also has the added benefit of keeping up with any new features introduced into the Operating System.

Patching

Patching of both the hardware BIOS and Operating System should be considered. Ensuring that the BIOS is at the latest level makes any patching more effective as the Operating System and patches are normally created and tested on the latest hardware and releases.

Regular patching needs to be carried out in order to fix any known exploits or Security holes in the Operating System/ Some latest Operating Systems patch automatically at a regular interval which when configured allow this task to just be a monitored one to ensure devices are being updated.

Access

Only allowing the users or systems that need access to the device and removing all other accounts and access rights will secure the device. The levels of access control, user id’s and passwords will be dependent on the Operating System used. These can range from local settings to a centralised control such as Active Directory.

Below are some links to Operating Systems and their supported hardware platforms.

Brillo

• https://developers.google.com/brillo/?hl=en

Contiki

• http://www.contiki-os.org/
• http://www.contiki-os.org/hardware.html

FreeRTOS

• http://www.freertos.org/
• http://www.freertos.org/RTOS_ports.html

Linux

http://www.linux.org/

mbedOS

• https://www.mbed.com/en/development/software/mbed-os/

Microsoft

• http://www.microsoft.com/en-gb/server-cloud/internet-of-things/overview.aspx

OpenWSN

• https://openwsn.atlassian.net/wiki/pages/viewpage.action?pageId=688187
• https://openwsn.atlassian.net/wiki/display/OW/Hardware

Riot

• http://www.riot-os.org/
• http://www.riot-os.org/#usage

Tiny OS

• http://www.tinyos.net/
• http://tinyos.stanford.edu/tinyos-wiki/index.php/FAQ