The History of IoT Security

History in the Making

The Internet of Things (IoT) may encompass an ever-expanding array of devices but it revolves around one single mission: making life connected. Whether it’s smart temperature controls for a house, health tracker devices, sensors in our vehicles, or monitoring traffic in our cities, IoT is designed to optimize everyday life and help the world run more smoothly.

But this connectivity shouldn’t come at a cost. There’s a big danger that the rapid pace of IoT advancement is potentially outstripping the development of the IoT security infrastructure. Optimization shouldn’t mean easy access for criminals, while convenience isn’t worth sacrificing security. Below, we delve into the history of IoT security, from how the IoT started life as a disparate array of ideas, to how it has grown to transform industries and make all our lives easier. As with any emerging technology, it’s not always been easy, it brings with it challenges that only collaboration can resolve.

A Brief History of the IoT


The Internet of Things may sound like a recent phenomenon but its roots can be traced back to the 19th Century. In fact, the concept of connected devices dates back to 1832, when Baron Schilling designed the first electromagnetic telegraph that allowed direct communication between two machines through the transfer of electrical signals. It’s this Machine-to-Machine (M2M) communication that laid the groundwork for the growth of IoT.


However, it wasn’t until the 1970s that technology had advanced to allow M2M and connected devices to really start to take shape. The rapid development of M2M in this decade led to the emergence of early IoT devices that, true to IoT’s mission, were born out of a desire to make life simpler.


For example, in 1982, a group of students at Carnegie Melon University invented one of the earliest known connected devices to monitor the contents of a Coca-Cola vending machine and save themselves a walk if they knew it was empty.


Of course, it was the emergence of the World Wide Web, proposed by Tim Berners-Lee in 1989, that finally put the internet in the Internet of Things. A year later, John Romkey put this to the test and created a toaster that could be turned on and off via the Internet.


Early examples of IoT design were based around convenience, or simply as a way of proving they could be done. For example, in 1993, scientists at the University of Cambridge created what is believed to be the first 'webcam', designed to report on the fullness of a coffee pot so that they didn't have to go and check it for themselves.


IoT is capable of many things, from making the consumer's life simpler to transforming a wide range of industries, including manufacturing. The IIoT journey can be seen to start in 1992 when programmable logic controllers (PLCs) gained connectivity. Since that time, they have been central to the development and use of automated assembly lines and industrial robots in factories.


The concept of smart cities may sound like something out of a novel, but they too have long been a part of the IoT vision. IoT devices such as connected sensors, lights, and meters that collect and analyze data improve our cities’ infrastructure, public services, and more. In 1994, Amsterdam created arguably the first smart city with a virtual ‘digital city’, De Digitale Stad, to promote internet use.


Although we’ve already seen a number of examples of connected devices in action, it wasn’t until 1999 that the term “Internet of Things” was first coined. It is said to have been introduced by Kevin Ashton, the Executive Director of Auto-ID Labs at MIT when he wanted to attract attention to a new exciting technology called RFID.


IoT development was taken to another level with the advent of cloud computing in the early 2000s that enabled the network of connectivity we exist in today. Fast forward to 2008 and the number of total connected devices in the world had already overtaken the global population.


While the concept of IoT really started to take off in the 2010s, this period also showed us how an increasing network of connected devices also means an increasingly attractive, large target for cybercriminals. IoT security started to become a critical issue for governments, businesses and individual users.


The infamous SUV hack from 2017 - where a team of researchers exploited an update vulnerability to remotely hijack a vehicle and control its speed and direction - shows that single users can be strategically targeted. And we know that hackers are constantly looking for new ways to access people’s data. In 2017 they used an unconventional method to break into a casino, accessing its network via an internet-connected thermometer in a fish tank to extract its database.

PSA Certified and the Future of IoT security

We’ve seen from our exploration of key moments in the history of IoT, that with its rapid development, security has often been an afterthought, or in some cases, not thought of at all!

Fear shouldn’t stop organizations from embracing the benefits of IoT. But it should make them think carefully about the way they’re protecting networks and devices. The future is connected - it’s estimated that there will be 9.27 connected devices per person by 2025 - but if we don’t want chaos then it has to also be secure.

PSA Certified was developed to provide the much-needed global security structure for connected devices. In 2017, Arm introduced Platform Security Architecture (PSA) to transform embedded IoT security and in 2019 this evolved to become PSA Certified: a collaboration between seven expert security companies.

Since then, we have launched a series of security certifications, for silicon vendors, system software providers, and devices, helping companies create innovative new technology that doesn’t create IoT weak links.

  • Throughout 2019, we created the first wave of PSA Certified Level 1 certifications from silicon vendors and system software providers
  • In 2020 we had our first wave of PSA Certified Level 1 device certifications and also saw silicon providers embrace PSA Certified Level 2
  • In 2021 we celebrated the first PSA Certified Level 3 silicon certifications, showcasing protection from scalable software and hardware attacks.

PSA Certified 2021 Security Report

Securing the Future of the IoT

Having explored some of the landmark moments in the IoT’s unexpected history, let’s look forward to where the IoT is heading. Read our 2021 report, exploring how collaboration will help secure the future of the IoT, in the face of ever more sophisticated threats.

Related Links

Find out the true cost of IoT insecurity

Learn about the PSA Certified framework

Share this page

The PSA Certified name, PSA Certified logos, PSA Functional API Certified logo featured on this website are registered trademarks or trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere. All rights reserved. Other brands and names mentioned on this website may be the trademarks of their respective owners.

Copyright © 2021 Arm Limited (or its affiliates). All rights reserved.

Sign Up to Receive the Latest from PSA Certified