Security by Traditional IoT Operating Systems

Updated: Apr 13

In the IoT World, the rules of the game are changing, and national security legislation mandates connected devices to be secure. Herein, Operating Systems is going to play a key role in IoT security. This is because if the sensitive resources (keys, certificates) in a device are not protected, how can we ensure that the whole system from IoT Edge to Cloud is secure enough. Even hardware provides security features, an Operating System must securely configure and makes use of hardware resources securely to protect the device.


Up to now, resource constraint small IoT devices/edges have been working with General Purpose insecure Operating Systems/RTOSes but the problem with the traditional IoT Operating Systems is that they were designed many years ago and they did not consider security by the initial design. They are still evolving, trying to support different hardware architectures, different features/middleware's and so high complexity for the past years. They try to support lots of functionality but not real security yet.


There are some security efforts but it is like a modification of a 20 years old tired operating system; can you imagine that how an operating system could be secure with high complexity (a weakness for security) plus shallow modifications.






“Security is not something you could have by modifying an insecure solution; A secure solution must be designed and optimised according to security requirements from scratch; “Security by Design”.” says Murat Cakmak, The Founder of ZAYA.


Security also needs universal policies to comply with such as IoT National Security Legislation which also mapped to IoT Security Certifications. The certification process is a painful and high-cost process, and so, the certification challenges must be considered as a part of the design to offer certification friendly solution for the manufacturers/developers as well.


At ZAYA, we are a highly experienced team in security and IoT certification, and familiar with challenges. Using our expertise, we offer security and certification friendly development environments for manufacturers and developers.


ZAYA secure solutions are designed from the ground up according to security certifications.

ZAYA Secure OS is a secure operating system for IoT devices, it is secure and also protects the whole device from malfunctioned user applications or third party libraries. ZAYA brings secure and platform-agnostic containerisation into MMU-Less resource-constraint processors/MCUs and offers modular certification assessment. (See ZAYA Secure μContainers)


Fortunately, you could have advanced ZAYA security on your existing various hardware architecture (Armv7-m, Armv8-m, RISC-V) with a single software upgrade.


ZAYA is the Z Generation of the IoT Operating Systems, a modern approach for the approaching IoT Era, and its security needs.


For more information, please contact ZAYA Team, and get a free consultation, and detailed introduction about the IoT Security and Secure ZAYA Products; info[at]za-ya.co


Author:

Aytac Toptas

Business Development Director @ ZAYA

aytac[at]za-ya.co


101 views0 comments

Recent Posts

See All