Menu

IoT FEATURE NEWS

Hot IoT Fuzz: Safeguarding Devices via New Security Assessment Capabilities

By

“With billions of IoT devices in use and more on the way, security testing is more critical than ever to address new threats and evolving regulations.”

Definitely true. The global IoT device market is dynamitic, with notable spikes in growth due to the rise in more confident adoptions of IoT-centric solutions. According to a new report, the project market value is expected to reach $413.7 billion by 2031. That’s a lot of green being thrown at IoT; with more investments on the horizon, so unfortunately too are IoT device vulnerabilities being exploited. Per the report, roughly 57% of devices are at risk of what are classified as both medium-risk and high-severity attacks. Thus, those manufacturing IoT devices are increasingly in need of assessment tools to securely and consistently identify and remediate device security vulnerabilities.

One specific component of a comprehensive security assessment is known as fuzzing or fuzz testing. (We’ll refer to it as the former.) Fuzzing connotes software testing that purposefully injects invalid, malformed, or unexpected inputs into a device in order to reveal hidden defects or less-obvious vulnerabilities. The goal of fuzzing is legitimately to stress applications and cause unexpected behaviors, resource leaks, and crashes – better executed by responsible security teams than bad actors, we’d say.

So, as the quote above specified, security testing (including fuzzing) is critical.

That’s why Keysight Technologies, Inc. and Synopsys, Inc. have now partnered to readily provide IoT device manufacturers with a strong cybersecurity assessment solution that can protect consumers when devices are shipped to market.

Key to this Keysight-Synopsys collab is the Keysight IoT Security Assessment solution, and how the Synopsys Defensics fuzzing tool will be embedded as an option for it.

With Defensics added to Keysight’s solution, thorough vulnerability assessment and resolution capabilities are blended with a versatile “fuzzer” (i.e. fuzzing methods) that can analyze more than 300 distinct protocols used across myriad industries to quickly test for unknown vulnerabilities and potential weaknesses.

Per the Keysight-Synopsys official announcement:

“In addition to reporting security flaws uncovered through fuzzing, the solution detects potential exploits resulting from weak authentication and encryption, as well as expired certificates, Android vulnerabilities and Android Debug Bridge (ADB) exposures, known Common Vulnerabilities and Exposures (CVEs), and embedded flaws in protocol stacks, such as Bluetooth Low Energy attacks like Sweyntooth and Braktooth.”

“Securing IoT devices against brutal attacks has become exponentially more difficult for manufacturers with the demand for new devices and increased functionality,” said Ram Periakaruppan, Vice President and General Manager, Network Test & Security Solutions at Keysight Technologies. “By partnering with Synopsys to add their best-of-breed fuzzing tool, Keysight can provide device makers with a comprehensive security testing solution to identify previously unknown protocol stack vulnerabilities in their devices while assessing them for known threats, all from a single, easy-to-use interface.”

And Scott Johnson, Vice President of Product Management for the Synopsys Software Integrity Group – notably, the person credited with this article’s beginning quote – also stated, “Our collaboration with Keysight will provide a valuable solution for customers that combines hardware and Defensics fuzz testing software to conduct automated IoT security testing.”

A cost-effective way to test IoT devices in unique ways to find faults and prevent undue problems. Sounds like a plan.




Edited by Greg Tavarez
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE
Related Articles

Direct-to-Device Innovation, Courtesy of Viasat and Skylo Technologies

By: Alex Passett    11/28/2023

Viasat and Skylo Technologies seek to unlock the potential of Direct-to-Device (D2D) services for consumers, businesses and governments around the wor…

Read More

5G IoT Connectivity to Benefit from New Partnership Between OQ Technology and o2 Telefonica

By: Alex Passett    11/27/2023

OQ Technology and o2 Telefonica have signed their MOU on boosting 5G IoT connectivity together, kicking off mainly in Q2 of 2024.

Read More

Schneider Electric Integrates Microsoft Azure OpenAI for Sustainable Solutions

By: Greg Tavarez    11/21/2023

Schneider Electric tapped into its collaboration with Microsoft to integrate Microsoft Azure OpenAI into its operations, utilizing algorithms to gener…

Read More

Connectivity Standards Alliance Unlocks the Future of Digital Access with Aliro

By: Greg Tavarez    11/20/2023

Aliro is a new effort aimed at transforming how users unlock doors or other entry points using their mobile device or wearable.

Read More

AEye Introduces In-Cabin Lidar with Peak Performance

By: Greg Tavarez    11/16/2023

The 4Sight Flex is designed to be energy-efficient and low-cost and can detect objects up to 275 meters away.

Read More