Internet of things (IoT) networks has become a standard part of many organizations’ operations. As these networks grow in size and complexity, managing them becomes increasingly challenging, leading businesses to rely on third-party management solutions. Amazon Web Services (AWS) is one of the most popular thanks to features like device shadows.
AWS has been the dominant force in cloud services for years, accounting for roughly a third of the market since at least 2017. Consequently, many companies use AWS to manage their IoT networks, which presents several benefits but also raises some concerns. AWS’s Device Shadow service is perhaps the best example of this duality.
What Are IoT Device Shadows?
The Device Shadow service aims to simplify and improve communication between different IoT devices on a network. It does this by creating “shadows,” which are files on the cloud that work as a stand-in for a given device. These make a device’s state available to apps and services even when not connected to AWS IoT.
If a device disconnects, whether intentionally or not, from the network, its state will still be visible to other devices and apps via its shadow. Consequently, you can still send commands to disconnected IoT endpoints.Device shadows come in two forms: named and unnamed. Named shadows enable users to divide an endpoint into multiple shadows, each representing a different property. Unnamed shadows, of which each device can only have one, represent the entire device in a single shadow.
Advantages of Device Shadows
IoT device shadows come with several key advantages, all relating to improved communication between devices. These are particularly useful to organizations with large IoT fleets, as managing multiple endpoints across different environments is often challenging.
Here’s a closer look at the most prominent benefits of device shadows.
1. Improved Synchronization
Since device shadows can act as a proxy for disconnected devices, they improve synchronization across large networks. Imagine you are sending a new security update across your organization’s IoT network. Without shadows, every device would have to be connected at once to enable a simultaneous network-wide update.
With shadows, connectivity is no longer as prominent a concern. The shadow of a disconnected device would receive the update, then install it once the device reconnects. You wouldn’t have to update each device individually, which would be inefficient, and you wouldn’t have to worry about each device’s connectivity.
By mitigating connectivity issues, shadows help keep all devices on a network synchronized. Low bandwidth or network disruptions won’t compromise synchronization. This process also works if a device is busy, not just disconnected.
2. Increased Visibility
Device shadows also create more visibility within your IoT network. Traditionally, if a device disconnects, you wouldn’t be able to access information about its state from another device or app. Since shadows hold this information on the cloud, they remove that barrier.
Shadow files can contain a wealth of data. In addition to showing a device’s current and desired states, they include metadata like timestamps. When you look at a device shadow, you can get a more comprehensive view of how data flows through your IoT network. This can aid cybersecurity efforts by revealing information like where syncing issues occur.
3. Reduced Network Traffic
Shadows eliminate the need to request information from a device to learn its state. As a result, they also reduce network traffic. A shadow’s ability to hold commands while a device is busy, then issue it once free, further reduces traffic. Less traffic will, in turn, improve security.
An expansive IoT network running many simultaneous commands runs the risk of overloading the network. Since shadows move some of the weight of those commands to the cloud, communication between devices remains uninterrupted. Having fewer disruptions between devices decreases vulnerabilities by removing potential opportunities for cybercriminals to enter the network.
4. Accelerated App Development
Communication between shadows is uniform even when device standards and protocols are not. There are more than 21 different connectivity standards for IoT devices, not including the several security protocols they may also use. This fractured landscape traditionally poses a challenge for app development across large IoT networks, but shadows simplify it.
Shadows provide a uniform interface for interacting with different devices, enabling more straightforward communication. Applications can send commands to any part of the network using just a REST API. As a result, you can develop new apps and services for your IoT network faster, enabling quicker security updates.
Security Concerns With Device Shadows
For all of device shadows’ benefits, they still carry some lingering security concerns. Many of these are possible to mitigate, but users unaware of these risks may create new vulnerabilities in their IoT networks by embracing shadows too quickly. Here are the most pressing cybersecurity issues associated with using device shadows.
- Unauthorized Access
The most concerning aspect about device shadows from a cybersecurity perspective is that they expand device access. IoT networks already pose potential risks since hackers can use seemingly mundane devices as gateways into your network. Shadows could potentially make this unauthorized access easier by enabling even disconnected devices to act this way.
You may not typically think of an IoT device as a threat to your larger network if it’s disconnected. If that device still has a shadow running on the cloud, its connectivity is almost irrelevant. Hackers could still send commands to it that will take effect as soon as it reconnects to the network.
These unauthorized commands may go unnoticed since disconnected devices wouldn’t be a prominent threat under different circumstances. While the commands hackers can send to and through shadows are limited, they can still cause damage. Cybercriminals could turn devices on or off or stop needed firmware updates.
- Blind Spots From Availability Zones
If your IoT network expands across a large geographic area, you may encounter security issues from AWS’s availability zones. These zones help partition networks and isolate problems, but they can create an obstacle with device shadows. Since shadows only work across a single availability zone, IoT devices in other zones will have blind spots.
If part of your network in one zone experienced an outage, you couldn’t address it through device shadows. All of the benefits of these services would quickly diminish, leaving devices in the compromised zone vulnerable.
Using Device Shadows Securely
These security concerns don’t render device shadows too dangerous to use, but they do warrant action. The most crucial step towards device shadow security is vigilance. Considering the possibility of a hacker using shadows to control your IoT devices, you should monitor all shadow data closely.
Thankfully, shadows’ transparency makes this monitoring process easier. You’ll be able to see any pending commands, as well as a shadow’s update history, making it possible to isolate unusual behavior. Any network activity that seems out of place deserves further attention.
All connections on AWS IoT use a client ID, which is a unique identifier that indicates what device or user is sending data or commands. If you restrict which client IDs can access which types of connections, you’ll mitigate shadows’ ability to affect other IoT devices on the network. Standard IoT best practices like network segmentation and user training will further help secure your AWS IoT networks.
IoT Networks Produce Complex Security Considerations
Managing IoT networks requires a balancing act between convenience and security. Features like device shadows can improve the former but carry special considerations for the latter. As you expand your device networks and use these features, remember to consider all of their security implications and take appropriate action.About the author: Devin Partida covers cybersecurity topics for International Security Journal, AT&T's Cybersecurity blog and ReHack.com, where she is the Editor-in-Chief. Find her there to read more of her work.