EUHubs4Data’s IoT-SESOD experiment supported by EGI

SECURING YOUR IOT DEVICE WITH FBOMS FROM DEVASTATING CYBERATTACKS

The high number of active IoT devices globally is expected to grow from 7.6 billion in 2019 to 24.1 billion in 2030 (more than 3 times!), and their high speed of adoption has raised worries about their security.

At the same time, the current state of IoT cybersecurity is overlooked and can be described with the three following facts:

  • 5 minutes is usually needed to attack a plugged into the internet IoT device 
  • 5,200 cyberattacks IoT devices experience on average per month 
  • 205 days it takes to fix critical security vulnerabilities

For all these reasons, these days businesses have to look for high-quality cybersecurity solutions that can provide deep-level protection.

Firmware is a core part of any connected device and plays a critical role in controlling main device functions. Firmware security and its continuous maintenance make an IoT device HIGHLY secure to use.

“An ability to see all the components integrated into the firmware (FBoM) is a time-efficient way to determine necessary actions in case vulnerabilities are found in one of the components.”

In the EUHubs4Data IoT-SESOD project, Binare is aiming to take off the label “black box” from IoT devices by generating complete and accurate (I)IoT firmware SBoMs and their always-up-to-date vulnerability (CVE) mappings.

The EUHubs4Data IoT-SESOD experiment results have uncovered the critical need to perform binary IoT firmware analysis & identify the software components in IoT device firmware: 7.9 M vulnerabilities & 3652 distinct CVEs identified in 14.000 firmware files, 2733 distinct software components & 178 device types from 215 vendors.

Thanks to EGI support and mentoring during EUHubs4Data, Binare was able to benefit from the first-class support of researchers and High-Performance Computing (HPC) specialists. Overall, over a 9 month IoT-SESOD project period, EGI and its infrastructure partners offered Binare access to a whopping 2.1 million CPU-hours and 4.2 million GB-RAM-hours of computing power.

Binare is a deep firmware-level security platform for vulnerable IoT devices. Binare’s automated cybersecurity solution not only identifies vulnerable software components in firmware like an X-ray machine but also takes care of new emerging cyber threats by continuous monitoring of the components.

Binare’s component analysis tool is a must-have for critical infrastructures such as healthcare, energy and transportation where decisions have to be made very fast in response to new vulnerabilities and cyber threats. These days the speed with which new vulnerabilities emerge is quite high and if you don’t keep up to this speed, it becomes a huge risk that can turn into a reality within seconds! Binare’s unique technology guarantees high-level firmware protection of IoT devices: scanning & fixing SINGLE insecure firmware is always a better option than fixing (or securing, recalling, etc.) MILLIONS of vulnerable, exploited or otherwise impacted devices post-deployment/post-OTA due to that single firmware that is found vulnerable.

Find out more about Binare and the experiments:

Posted in binary analysis, Blog, cybersecurity, EUHubs4DATA, News.