Unfortunately, security is one of those things that is seldom considered sufficiently, if at all. Security is invisible and, therefore, difficult to measure. Functionality is much more entertaining, and it is visible and demonstrable. It can turn heads, raise money, and give positive feedback. Security, on the other hand, cannot give positive feedback. And it is difficult to raise money for it, since it is difficult to prove security claims are valid. Lack of security, however, can give negative feedback, but only when it is too late.
If security problems are grave on the internet as a whole, for things on the internet, it's even worse. Devices, not operated by human, and supposed to work for years, perhaps without being able to be updated, are at great risk of being compromised and utilized for malicious purposes. The goal of this chapter is to motivate the reader to take security for the Internet of Things into account from the very beginning...