IoT security issues and solutions for low-power devices

IoT devices are marvels of compact engineering—small, cost-effective, and energy-efficient for large-scale deployment. This efficiency creates a critical trade-off between security needs and power requirements.

So how do we ensure these devices are secure without sacrificing lifespan?

This article explores IoT security issues and solutions like offloading security processes to the network (using cloud connectors), employing lightweight communication protocols (like MQTTS), and optimizing device design for energy efficiency can help balance security and battery life.

What is IoT security?

IoT security encompasses the technologies, protocols, and strategies used to protect internet-connected IoT devices and networks from unauthorized access, data breaches, and cyber threats.

While securing IoT may seem straightforward, each deployment presents unique challenges due to varying device capabilities, network architectures, and use cases.

What are examples IoT security issues?

IoT devices are a major target in global cyber-attacks with a reported 44% increase year-over-year. Ranging from physical tampering to software and data breaches, the threats are numerous and growing.

There are risks that specifically exploit the limitations of resource-constrained devices:

1. Power-depletion attacks
2. Authentication and cryptographic limitations

Power depletion attacks pose a significant threat, where malicious actors deliberately trigger excessive energy consumption, potentially exhausting batteries and rendering devices inoperable. This vulnerability can lead to denial-of-service conditions, compromising the availability of critical IoT systems.

Authentication issues and cryptographic operations are also vulnerable. IoT devices must often make difficult trade-offs between implementing robust security measures and maintaining efficient power usage, leading to simplified mechanisms that may be vulnerable to compromise.

As battery levels decrease, devices may reduce their security operations to conserve power, which could result in weakened encryption strength during low-power states and inconsistent protection levels.

Why are low-power IoT devices vulnerable to security threats?

The complexity to make IoT devices secure lies in the inherent constraints that make them perfect for specific use cases.

• Limited battery life (often expected to last years): Many IoT devices rely on battery power, often designed to last for years. Running complex security protocols, such as encryption or authentication uses more power, reducing the device’s overall lifespan.
• Minimal processing power: IoT devices typically use microcontrollers with minimal processing capabilities. This makes it challenging to implement resource-heavy security algorithms.
• Low bandwidth networks: IoT devices often operate in low-bandwidth environments like NB-IoT and LTE-M. Transmitting large amounts of encrypted or authenticated data can overload your data consumption, draining the power faster while also increasing data costs.

Consider this real-world example: To send just 10 bytes of temperature data, implementations with security require thousands of additional bytes:

• IP header: ~20 bytes
• TCP header: ~60 bytes (varies)
• TLS header: ~6,500 bytes (highly variable)
• MQTT header: ~10 bytes (varies)
• Payload: 10 bytes

This overhead creates significant challenges for resource-constrained devices. Executing complex encryption algorithms, authentication processes, and storing security credentials and logic on-device use up scarce device resources.

Solutions that offload security functions to the network or employ lightweight security protocols are often more suitable for these devices.

Addressing IoT security issues and solutions for low-power devices

While strong security is critical, solutions must be adapted to device capabilities and operational needs. The key is finding the right balance between security strength and resource efficiency—protecting devices while ensuring sustainable device operation.

Good news is that market trends report growing advancements in energy-efficient chipsets and wireless communication protocols. Here are some of the most efficient ways to secure IoT devices available today.

5 energy-efficient solutions for low-power IoT security issues

1. Offloading device logic to the network

Key benefits of offloading logic:

• Streamlined device operations: Moving SDKs and security processes to the network reduces the amount of sensitive information stored on devices.
• Reduced power consumption: By minimizing data transmission size and optimizing processing, power consumption is reduced which helps the battery life of IoT devices last longer.
• Optimized data usage: By reducing payload sizes, data transmission costs are minimized and further extends the battery life of IoT devices.

This is what Cloud Connectors do best — offloading intensive processing tasks to the network (thanks to how our core network is built). This simplifies device architecture to improve security while making energy and data consumption more efficient.

The results?

A test done with the SIMCOM 7070G module shows overall performance improvements:

2. Communication protocol selection

Choosing the right communication protocols is crucial. Lightweight protocols like CoAP (Constrained Application Protocol) and MQTT (Message Queuing Telemetry Transport) could be better suited for resource-constrained devices than more complex protocols like HTTP.

Selecting the right protocol varies per use case and priorities. MQTT for example is widely used for sending messages between devices and a server, while MQTTS is its secured version, albeit typically increasing traffic and drains devices’ batteries faster.

One way to resolve this is through our TLS Connector. If you’re interested to learn more, here’s a tutorial to go from MQTT to MQTTS to save data and battery for IoT devices to stay secure.

3. Proactive monitoring and updates

Proactive monitoring and timely updates are crucial for mitigating emerging threats and maintaining a robust security for your IoT devices.

To help you stay ahead of potential issues, our core network allows us to provide a comprehensive suite of tools that gives better device visibility, features that are not usually available to most network operators.

• Real-time monitoring: Continuously monitor traffic patterns with our Traffic Monitor. This allows you to identify anomalies and potential security breaches in real-time.
• Create custom alerts: Abnormal data consumption tells you that there is something going on. Whether it’s security related or not, setting alerts for data thresholds is IoT best practice. Check out this tutorial for setting up usage alerts using our API.
• Proactive updates: Regularly update device firmware to patch vulnerabilities and protect against emerging threats. Utilize lightweight protocols to minimize the resource impact of updates on your devices.

4. Secure remote management

IoT devices often require remote access for updates, debugging, and management. However, unsecured remote connections can become entry points for attackers.
Address this challenge by providing secure, reliable ways to manage devices remotely.

VPN and IPsec are often overlooked security tools for IoT (there’s also some confusion between APN and VPN). This approach not only reduces device exposure but also simplifies management and strengthens overall security. The key features are:

• Encryption offloading: OpenVPN and IPsec handle encryption at the network level, optimizing device performance.
• Firewall compatibility: OpenVPN enables devices to bypass firewalls by mimicking HTTPS traffic, ensuring uninterrupted connectivity.
• Access control: Only authorized users can access devices, reducing the risk of tampering or unauthorized modifications.

Onomondo’s VPN solution allowed Payworld Belgium to remotely control payment transactions, ensuring secure and efficient operations. This enabled their team to steer data directly to their cloud environment, without installing additional software on their devices. Read the full story here.

5. Energy-efficient device design

Designing devices with energy efficiency in mind includes selecting low-power components, optimizing sleep modes, and minimizing data transmission frequency. One recent innovation is energy harvesting.

Energy harvesting lets IoT devices power themselves by capturing and converting energy from their surroundings, like heat or vibrations, instead of relying solely on batteries.

Integrated approach to security and efficiency for IoT devices

Device, network, cloud, and data security offer solution to secure IoT deployments, even if they’re resource-constrained devices. While GSMA standards secure device-to-RAN transmissions, internet-bound data requires additional protection. Our Connectors minimize data usage while maximizing security against threats.

For expert advice on end-to-end IoT security, we recommend watching this webinar. It also includes guidance on regulations and certification which adds another layer of complexity to IoT security.

Resources:

• Rozlomii, I., Yarmilko, A., Naumenko, S. (2024). Data security of IoT devices with limited resources: challenges and potential solutions. Proceedings of the 4th Edge Computing Workshop (doors 2024). Vol. 3666, pp. 85-96. https://ceur-ws.org/Vol-3666/paper13.pdf
• Michaël Mahamat, Ghada Jaber, Abdelmadjid Bouabdallah. Security and energy-efficiency in the Internet of Things: Challenges and solutions. Colloque InterUT Systèmes sûrs et durables, Université de Technologie de Compiègne [UTC], Feb 2023, Paris, France. 10.34746/0txt-bh48. hal-04011817. https://hal.science/hal-04011817/document
• Security Features of LTE-M and NB-IoT Networks | Mobile IoT Security Report. GSMA. https://www.gsma.com/solutions-and-impact/technologies/internet-of-things/wp-content/uploads/2019/09/Security-Features-of-LTE-M-and-NB-IoT-Networks.pdf
• LTE; 5G; Battery Efficient Security for very low throughput Machine Type Communication (MTC) devices (BEST) (3GPP TS 33.163 version 15.4.0 Release 15). 2018. https://www.etsi.org/deliver/etsi_ts/133100_133199/133163/15.04.00_60/ts_133163v150400p.pdf