Every Wednesday, we summarize a podcast about cybersecurity so you can read it in about ten minutes or less. This week features Lars Reger, CTO of NXP Semiconductors, who spoke with Brian Santos of the EETimes On Air podcast (#84) about the need to build in IoT security from the beginning. [Note: Questions and answers were edited for brevity and clarity.]
Santo: With the proliferation of the Internet of Things, you need to be concerned with security, right?
Reger responds that with all of the connected and distributed systems, engineers need to be able to do privacy and security by design as well as functional safety by design.
He cites a connected car, as an example. The car is an expensive and complicated connected device. If a company tries to change one component of the car, it would have to requalify the complete autonomous battery electric-driven connected vehicle. He noted that this is not doable in terms of human resources and money. So the company would need to have a person with an architectural understanding deciding how to cut the connected car into domains, into sub-areas. The person would decide how to strictly separate the powertrain of the car from the gateway, from the connectivity domain, from the autonomy domain. That way, if the autonomy domain is changed, the powertrain does not need to be requalified.
This type of disciplined thinking is an important part of the process, Reger explains.