IoT Security and Connected LED Lighting Networks: The Good News, The Bad News and the Way Forward

EIN 43 LightingCyber 400

Nov 12, 2019

A little over a decade ago, the introduction of LED lighting seemed to transform commercial lighting overnight. Now we’re seeing it happen again. This time, connectivity and big data are driving the change, creating a profound shift in how new commercial lighting is evaluated, specified and approved.

Suddenly everyone is talking and writing about connected lighting, networked lighting, smart lighting controls and the Internet of Things (IoT). As more companies explore networkable lighting and connected smart controls, a new player will be sitting at the table: the corporate IT department. And they’re going to be asking a lot of serious questions about cybersecurity.

In general, the more extensively a lighting network is connected to other networks, the greater the exposure to cybersecurity threats. Consider Gartner’s observation in its 2019 review of cybersecurity trends: “Companies have made a ‘smart’ version of basically everything you can think of, but many of those products have glaring security holes.” In fact, according to McAfee, 70% of IoT devices have such security flaws.

What’s worse, cybersecurity and IT experts point out, is that instead of “baking in” security measures as an essential ingredient of product development, many IoT device manufacturers are “bolting on” security after the fact. Which is a bit like constructing an office building without plumbing and electricity. Adding it later is expensive and difficult, if not impossible.

Leading us to the bad news: the security measures protecting the networkable products of many lighting vendors and their customers are almost non-existent or already years out of date.

But doesn’t almost every LED lighting vendor use 128-bit AES encryption and meet the National Institute of Standards and Technolog’s (NIST) FIPS 140-2, Level 1 requirements? In a word, yes. But encryption isn’t the only issue in smart lighting security, and unless encryption is consistently applied as part of a larger cybersecurity strategy, it won’t satisfy enterprise-level IT departments because it won’t protect the network from a myriad of other vulnerabilities.

Here’s the good news: Cree Lighting developed their smart lighting control networks from the ground up with an IT-grade cybersecurity strategy that has proactively excelled in rigorous independent security evaluations.

Cree Lighting recognized from the beginning that its SmartCast Technology would ultimately serve as an open and interoperable IoT platform. With that in mind, Cree Lighting set out to create a secure architecture to protect data and access. Our benchmark isn’t the best practices of the lighting industry; it’s those of the IT industry.

To ensure the security of the platform, Cree Lighting engaged independent cybersecurity consultants to intentionally attempt to hack the SmartCast Intelligence Platform. After extensive penetration testing, this global firm subsequently ranked the cybersecurity measures of the SmartCast Intelligence Platform in the top 10% of all technology companies they’ve tested, which includes leading technology companies that you use every day.

So what’s the way forward?

Today, anyone involved in commercial lighting projects needs to be guided by four basic assumptions:

1. Every lighting control network will eventually be connected to other enterprise networks and/or the Internet.

2. Any lighting control network that doesn’t provide enterprise-level cybersecurity may compromise the company and put valuable assets and resources at risk.

3. Not all lighting manufacturers give cybersecurity the same priority.

4. Since every IoT-enabled lighting network will require the blessing of the corporate IT department, you’ll want to choose a lighting vendor with cybersecurity that will earn IT department approval.

Welcome to the new reality of commercial lighting. Given the stakes, it’s worth the time to learn a little more about IoT security issues and their solutions. 

For additional information, download Cree Lighting’s FAQ on IoT security, developed for lighting designers and specifiers, or our new Position Paper for IT professionals outlining key security features of the SmartCast Intelligence Platform.

Source: https://www.creelighting.com/insights/article/iot-security-and-connected-led-lighting-networks

Related Articles


Changing Scene

  • Grand Opening: Legrand BCS Office in Markham

    Legrand is thrilled to announce the grand opening of their new BCS facility in the heart of downtown Markham, ON, located at 85 Enterprise Blvd, Suite 400, which is set to take place on Thursday, September 19th, 2024. “Our facility in Vaughan will remain open to continue to stock inventory for Canada for all Legrand… Read More…

  • Leviton Canada Achieves Another Year of Carbon Neutrality

    Leviton Canada proudly reaffirms its commitment to sustainability by achieving carbon neutrality once again in 2023. The company has significantly reduced their environmental footprint by 32% compared to 2022, with a substantial impact on transportation. Despite having energy-efficient lighting and relying on hydropower—a clean and renewable energy source—for their facility, transportation (both upstream and downstream)… Read More…


Design

  • Project Story: Sainte-Thérèse High School Outdoor Lighting Upgrade

    Project Story: Sainte-Thérèse High School Outdoor Lighting Upgrade

    August 6, 2024 Built in 1980, the building that houses Sainte-Thérèse high school, in Quebec Canada, was looking a little worse for the wear. Renovation work began with two major projects: introducing a multidisciplinary sports centre, as well as redesigning the parking lots.  The employee and visitor parking lots were completely reconfigured during phase 1… Read More…

  • Resilience Illuminated: Reviving Westminster Pier Park After Devastating Fire

    Resilience Illuminated: Reviving Westminster Pier Park After Devastating Fire

    In September 2020, the picturesque city of New Westminster near Vancouver in British Columbia suffered a devastating setback when an intentionally set fire destroyed much of the city’s waterfront park, including its urban beach, sand volleyball courts, and iconic art installation known as Wow Westminster. The fire, which burned for ten days before firefighters could… Read More…


New Products

  • GB Agencies: HELIX2-LED Area Light

    GB Agencies: HELIX2-LED Area Light

    The HELIX2-LED is a highly versatile fixture designed with a full range of beam distribution options (Type II, III, IV, V), rotatable optics, glare control shields, and control options to create the perfect, most optimized lighting layout for your area. This standard fixture has all-in-one features including 120-347V, Colour Selection, and Lumen Adjustability. The HELIX2-LED Series is… Read More…

  • Eureka Introduces Velia Tubular Luminaire

    Eureka Introduces Velia Tubular Luminaire

    Eureka has recently announced the release of its Velia luminaire. The versatile family is offered in a variety of colors, textures, lengths, and configurations to meet a space’s specific aesthetics. Unique tubular arrangements can be created with Velia; 36 preconfigured clusters are available. Designers can select from three canopy types and then choose one, three,… Read More…