Why the marriage of Linux and IoT has not been smooth sailing
25 years is a long time, especially in technology. Indeed, 1991 saw the appearance of the world’s first web page, and the introduction of the Notebook.
It also saw the birth of Linux, the world’s best known and most oft-used open source operating system (OS), which continues to play a significant role in how businesses and consumers use IT.
While IoT plays an increasingly important part of our lives, dominating headlines and changing the way we interact with services in the modern world, Linux has played a significant role in establishing IoT’s ubiquity, says Mav Turner, director at SolarWinds.
Linux-based OSes make it easy for developers to create applications that can run on anything, so whether it’s a connected fridge or a smart car, Linux can and has been used to drive innovation in the IoT space. As a result, 73% of IoT developers use Linux to run applications on.
However, the marriage of Linux and IoT has not been entirely smooth sailing. Questions have arisen over security, which is now listed as the the top concern in the IoT industry. While the trend promises connected devices and unrivalled convenience, it also results in a greater number of entry points and vulnerabilities for businesses to be concerned about.
This is especially the case with Linux, which runs across desktops, servers and embedded services at the same time. These three different deployment models represent a wealth of unique threats, meaning the number of security issues Linux faces are greater than ever before.
As Linux’s security capabilities strain to cope with this threat, cyber criminals may be rubbing their hands with glee, while IT managers fear the worst.
IoT is such an attractive proposition that the pressure on businesses to embrace it will only increase. Leaving developers with the unenviable task of surfing the IoT wave while using an OS that’s ill-equipped to handle the security pressures placed upon it.
To locate the problem, we have to go back to the beginning. Linux was conceived as a Unix-alike OS running on commodity hardware, with the Linux kernel representing openness for its users. It was this openness that made Linux so well-suited to driving innovation and, as a result, the development of IoT.
Indeed, it is low cost, commoditised hardware trends that are enabling the continued growth of IoT. The irony here is that Linux is partly responsible for the growth in the number of IoT devices – the same products that are placing extreme pressure on its security.
The security issues that Linux faces, beyond the fact that it was designed for openness rather than security, are plentiful, and include the enormous number of packages running on top of it, as well as its monolithic kernel model.
The number of IoT devices now in use is only making these issues worse, while the challenges of managing the lifecycles of this plethora of network connected devices is another headache for Linux users to contend with.
As a result of the brave new world of IoT, opportunity has arisen for a more security-focused OS for embedded systems. Yet, despite its flaws, the openness and flexibility of Linux makes it almost impossible to displace as the IoT OS of choice.
It’s highly unlikely we will ever see a perfectly secure operating system that actually works for IoT, and, as a result, Linux is likely to stand firm even as more cracks appear, and security issues continue to proliferate.
The author of this blog is Mav Turner, director at SolarWinds
Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow