Free Trials

Download a free trial to find out which Altium software best suits your needs

How to Buy

Contact your local sales office to get started on improving your design environment

Downloads

Download the latest in PCB design and EDA software

  • PCB DESIGN SOFTWARE
  • Altium Designer

    Complete Environment for Schematic + Layout

  • CircuitStudio

    Entry Level, Professional PCB Design Tool

  • CircuitMaker

    Community Based PCB Design Tool

  • NEXUS

    Agile PCB Design For Teams

  • CLOUD PLATFORM
  • Altium 365

    Connecting PCB Design to the Manufacturing Floor

  • COMPONENT MANAGEMENT
  • Altium Concord Pro

    Complete Solution for Library Management

  • Octopart

    Extensive, Easy-to-Use Component Database

  • PRODUCT EXTENSIONS
  • PDN Analyzer

    Natural and Effortless Power Distribution Network Analysis

  • See All Extensions
  • EMBEDDED
  • TASKING

    World-Renowned Technology for Embedded Systems Development

  • TRAININGS
  • Live Courses

    Learn best practices with instructional training available worldwide

  • On-Demand Courses

    Gain comprehensive knowledge without leaving your home or office

  • ONLINE VIEWER
  • Altium 365 Viewer

    View & Share electronic designs in your browser

  • Altium Designer 20

    The most powerful, modern and easy-to-use PCB design tool for professional use

    ALTIUMLIVE

    Annual PCB Design Summit

    • Forum

      Where Altium users and enthusiasts can interact with each other

    • Blog

      Our blog about things that interest us and hopefully you too

    • Ideas

      Submit ideas and vote for new features you want in Altium tools

    • Bug Crunch

      Help make the software better by submitting bugs and voting on what's important

    • Wall

      A stream of events on AltiumLive you follow by participating in or subscribing to

    • Beta Program

      Information about participating in our Beta program and getting early access to Altium tools

    All Resources

    Explore the latest content from blog posts to social media and technical white papers gathered together for your convenience

    Downloads

    Take a look at what download options are available to best suit your needs

    How to Buy

    Contact your local sales office to get started improving your design environment

    • Documentation

      The documentation area is where you can find extensive, versioned information about our software online, for free.

    • Training & Events

      View the schedule and register for training events all around the world and online

    • Design Content

      Browse our vast library of free design content including components, templates and reference designs

    • Webinars

      Attend a live webinar online or get instant access to our on demand series of webinars

    • Support

      Get your questions answered with our variety of direct support and self-service options

    • Technical Papers

      Stay up to date with the latest technology and industry trends with our complete collection of technical white papers.

    • Video Library

      Quick and to-the-point video tutorials to get you started with Altium Designer

    Internet of Things Security Issues Prompt Government Intervention

    November 28, 2017
    Man presses a lock button and offers IoT gear on a virtual GUI

    When you look at an Internet of Things (IoT) device like a fork or a juicer, what do you see? Like me, you probably see a gadget that was designed for a particular purpose. Less upstanding citizens may see a digital weapon instead of an innocuous gizmo. In the past several years, there have been several high-profile distributed denial-of-service (DDoS) attacks that were enabled by poorly-secured IoT devices. Hackers infiltrate light bulbs and other smart household items and incorporate them into huge botnets that can then be used to take down online services. These assaults recently led to the introduction of the Internet of Things Cybersecurity Improvement Act of 2017 in the US Senate.

    A Recent Wave of IoT Botnet Attacks

    If you’re not familiar with botnets, they may sound like something from a science fiction novel; however, they’re quite real. They can shut down company websites. This past year hackers were even able to bring down huge of the Internet using IoT botnets. This threat is not coming but already here.

    First, let’s talk about distributed denial-of-service (DDoS) attacks. Every year my college football team sells its season tickets on a single day. They always sell out, so people are usually waiting at their computers for the sale to open so that they can buy their tickets. However, with so many people trying to use the service at once, it usually crashes. Think of it like a traffic jam on a roadway. If there are too many cars (or computers) nothing moves. This is the basic idea behind a DDoS assault. Hackers will take over computers or, in our case IoT devices, using malware. These malicious programs let the hackers control the gadgets (also known as zombies) and overload a target website.

    When my college’s ticket website goes down, it’s not really a big deal. They still sell all the tickets, but it just takes longer. If hackers cripple a payment website, though, companies can lose hundreds of thousands—even millions—of dollars while the website is offline. These attacks can also be used to incapacitate portions of the Internet as a whole.

    In 2016 the Mirai botnet attacked a company called Dyn, which runs many US Domain Name Server (DNS) services. As a result, many people in the US were not able to access the Internet. To mount such a massive strike, the Mirai botnet used hundreds of thousands of poorly-secured IoT devices, in this case mostly webcams. Many other botnets are being built from smart gadgets with substandard security as we speak. The United States Government has been slow to acknowledge this threat but is now taking action.

    Black hat hackers may target insecure networks
    Botnets can be used to overload websites or other online services.

    US Legislation Tries to Hold Back the Tide

    Recently, the US Senate introduced bipartisan legislation to correct this problem, which would require designers to meet certain security standards in order to sell their products to the federal government. These standards compound the challenge of meeting the FCC’s radiated and conducted emissions standards. However, the proposed act’s standards highlight weak points in IoT device design and indicate some key areas for designers to consider.

    Primary standards of the proposed legislation:

    • Devices should be able to receive and install a software patch. Either enable over the air updates for your product or make it possible for the user to install patches.
    • Designers should avoid integrating known vulnerabilities into their products. If they discover a weakness during design, they should disclose it to the appropriate federal agency. Don’t intentionally include backdoors into your hardware or software.
    • IoT communications should rely only on standard protocols, such as Bluetooth or 5G.
    • No device should have a hard-coded password, which is part of what allowed the Mirai botnet to infect hundreds of thousands of devices, like WiFi light bulbs.​​

    The legislation does not appear to be extremely rigid. There will be allowances on a case-by-case basis for gadgets that don’t meet their requirements. That being said, the risk of IoT devices being infected and grafted into massive botnets is significant. Even without that legislation, designers should seek ways to more effectively secure software and hardware alike.

    Smart light bulbs illuminate Internet of Things (IoT) devices
    Don’t let your light bulb become part of a zombie army

    Designing a PCB is never easy, and these new government requirements won’t make it any easier. Fortunately, great PCB design software can help you stay ahead of such legislative action to secure your designs. CircuitStudio® boasts a wide variety of tools that will help you manage the details and craft IoT devices that reflect increased security standards.

    Have more questions about IoT security? Call an expert at Altium.

    most recent articles

    Back to Home