Responses to OWASP Top 10 - IoT version 2018

  1. Weak, Guessable, or Hardcoded Passwords
    1. Devices are not remotely accessible, as they are not running an OS. As such there are no passwords anywhere.
  2. Insecure Network Services
    1. Due to the devices being micro-controller based without an OS, we can guarantee there are no services or software running that we did not intend to have.
  3. Insecure Ecosystem Interfaces
    1. All device access to the cloud is required to happen through TLS 1.2, with individual device certificates for authorization.
  4. Lack of Secure Update Mechanism
    1. We are using AWS IoT services to provide updates over the air, through TLS encrypted MQTT, of signed firmware files.
    2. All firmware updates perform signature verification and self-testing, with automatic rollback on failure.
  5. Use of Insecure or Outdated Components
    1. Our devices are built with a secure crypto module, and all secrets are generated inside the module at runtime. Our supply chain neither affects nor encounters cloud-sensitive secrets.
  6. Insufficient Privacy Protection
    1. The device has no knowledge of anything specific to the customer. This information is all kept and added in the cloud.
  7. Insecure Data Transfer and Storage
    1. All data is encrypted in transfer using TLS 1.2, and encrypted at rest in the cloud by AWS DynamoDB.
  8. Lack of Device Management
    1. We utilize the full device management platform of AWS IoT, with an additional layer on top that provides cross-cloud asset management for device lifecycle management.
  9. Insecure Default Settings
    1. All access policies in AWS IoT are linked to device certificates in the cloud, allowing us to restrict or revoke access to individual devices at all times.
  10. Lack of Physical Hardening
    1. Sensitive information on the device is limited to its individual device certificate, which is stored in a crypto module and limited by AWS access policies so that it cannot cross-contaminate other devices in the cloud in any way.
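
Items 9 and 10 rest on each certificate's AWS IoT policy being confined to that device's own resources. The following audit check is an added example, not the vendor's code or policy: it flags Allow statements that are not scoped with the AWS IoT policy variable `${iot:Connection.Thing.ThingName}`. The two sample policies, the `devices/<thing>/...` topic layout and the `REGION`/`ACCOUNT_ID` placeholders are assumptions constructed for illustration.

```python
import json

# Constructed sample policies (assumptions, not taken from the page).
ARN = "arn:aws:iot:REGION:ACCOUNT_ID:"          # placeholder region/account
THING = "${iot:Connection.Thing.ThingName}"      # AWS IoT policy variable

# Weak: any certificate holding this policy can act on every topic.
WEAK_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "iot:*", "Resource": "*"}],
})

# Scoped: each device may only connect as itself and use its own subtree.
SCOPED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "iot:Connect",
         "Resource": ARN + "client/" + THING},
        {"Effect": "Allow", "Action": ["iot:Publish", "iot:Receive"],
         "Resource": ARN + "topic/devices/" + THING + "/*"},
        {"Effect": "Allow", "Action": "iot:Subscribe",
         "Resource": ARN + "topicfilter/devices/" + THING + "/*"},
    ],
})

def _as_list(value):
    # Policy fields may be a single string or a list of strings.
    return value if isinstance(value, list) else [value]

def audit_policy(policy_json):
    """Return (statement index, issue, value) for Allow grants not tied to one device."""
    findings = []
    statements = _as_list(json.loads(policy_json)["Statement"])
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            if "*" in action:
                findings.append((i, "wildcard action", action))
        for resource in _as_list(stmt.get("Resource", [])):
            # A wildcard is acceptable only after the per-device variable,
            # i.e. inside that device's own subtree.
            prefix = resource.split("*", 1)[0]
            if THING not in prefix:
                findings.append((i, "resource not scoped to device", resource))
    return findings
```

The check is deliberately strict: a fixed topic shared by the whole fleet is also reported, since it is not confined to one device.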