by Steve Hoffenberg, with Chris Rommel, Jaunuary 2015
What questions are addressed?
Efforts to restrict unauthorized access to connected devices are necessary but not sufficient to provide security.
Nearly every element of a device's internal systems can be security-enhanced. The degree to which these systems should be protected is a critical decision in the design process.
Implementation of multiple security measures does not guarantee complete security.
Penetration testing by security professionals is an essential best practice for development of connected devices.