The security of a connected device is not a single property, and "the channel is encrypted" does not describe it. The OWASP IoT Top 10 (2018 edition) lists the weaknesses seen most often in the field: weak or hard-coded passwords, insecure or outdated components and firmware without a secure update path, insecure network services and interfaces, and data flows that are neither encrypted nor authenticated. A modern IoT architecture is therefore protected on at least four layers, each of which can fail independently of the others: transport, authentication, message integrity and software lifecycle.
Transport layer: TLS
Client-to-cloud traffic is overwhelmingly protected by TLS. TLS 1.3 (RFC 8446, 2018) completes the handshake in one round trip (with an optional 0-RTT resumption mode) instead of the two that TLS 1.2 needed, and only negotiates AEAD cipher suites (AES-GCM, ChaCha20-Poly1305); CBC-mode suites, RC4, MD5, SHA-1 signatures and static RSA key exchange have been removed from the protocol. One caveat matters for a device that actuates hardware: 0-RTT early data can be replayed by a network attacker (RFC 8446, section 8), so a valve command must never be sent as early data. On mobile and embedded clients, certificate pinning adds a defence against a mis-issued or coerced CA certificate; pin the issuing CA or the server's public-key hash rather than the leaf certificate, and keep the pinned value rotatable through the firmware update path, otherwise a routine certificate renewal locks every device out of its own backend. When the device also presents an X.509 certificate, ideally with its private key held in a secure element, the result is mutual TLS (mTLS) and the backend authenticates the device without any password.
Symmetric encryption: AES
Where asymmetric cryptography is too expensive for a constrained device, a pre-shared symmetric key takes its place (the PSK modes of TLS and DTLS); the price is that every device must be provisioned with its own key, never one shared key. AES-128 and AES-256 (FIPS 197, 2001) are the industry standard, and MCUs with hardware acceleration (e.g. STM32, ESP32, nRF) are widespread. For authenticated encryption the AES-CCM and AES-GCM modes are preferred, giving confidentiality and integrity in a single primitive. Their one hard requirement is that a nonce is never reused under the same key: a repeated GCM nonce leaks the authentication subkey and lets an attacker forge messages, so the nonce should be a counter that survives reboots (or a per-boot random prefix followed by a counter), not a random 96-bit value drawn by a device whose entropy source may be weak.
Cellular networks: NB-IoT and LTE-M
NB-IoT and LTE-M (both 3GPP Release 13, 2016) start with SIM-based authentication and encrypt the radio link, but that protection ends at the operator's core network: from there to the application server the traffic is plaintext unless end-to-end protection is applied at the application layer, and the operator itself has to be treated as a third party. DTLS (RFC 6347 for DTLS 1.2, RFC 9147 for DTLS 1.3) provides TLS-equivalent security over UDP and is the standard transport security for CoAP (RFC 7252, the coaps scheme); its pre-shared-key and raw-public-key modes avoid certificate parsing on the device. On a narrowband link the handshake, not the individual datagram, is where the airtime and power budget goes, so session resumption is worth configuring.
Key management and the secure element
Real security depends on how keys are stored on the device. Modern MCUs use approaches such as a Secure Element (e.g. ATECC608, NXP SE050) that performs signing or key agreement internally so the private key is never readable by firmware, a Trusted Execution Environment (Arm TrustZone) that isolates key handling from the application code, and a per-device unique key provisioned at manufacture (key diversification), so that one device's key says nothing about another's. Designs in which a single key unlocks the entire fleet (master-key reuse) are a known weakness: extracting the key from one unit, through a debug port, a flash dump or a side channel, compromises every unit in the field, and the key cannot be rotated without re-provisioning the whole fleet.
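Key diversification as described in the two sections above (per-device symmetric keys for constrained devices, and per-device keys instead of one fleet key), as an added example that is not code from the page or from any vendor. It derives each node's key from a factory secret with HKDF-SHA256 (RFC 5869), authenticates a telemetry message with HMAC-SHA256 (the Python standard library has no AES-CCM; the diversification argument is identical for an AEAD key), and contrasts the recommended backend with the master-key anti-pattern. The factory secret, serial numbers, salt and info strings and the message format are constructed for the example:

```python
"""Per-device key diversification versus a shared fleet key.

Added example, not code from the page or from any vendor. Key derivation is
HKDF-SHA256 (RFC 5869) from a factory secret that lives only in the
provisioning system; each node receives just its own derived key. Message
authentication uses HMAC-SHA256 because the standard library has no AES-CCM;
the argument is the same for an AEAD key. Secret, serials and payloads are
constructed for the example."""
import hashlib
import hmac


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 extract-then-expand with SHA-256 (salt defaults to HashLen zeros)."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


# Constructed factory secret: held by the provisioning HSM / key server only,
# never written to a device.
FACTORY_SECRET = bytes.fromhex("c0ffee" * 10 + "0badf00d")


def device_key(serial: bytes) -> bytes:
    """Key provisioned into one node's secure element at manufacture.
    The serial goes into 'info', so every node gets an unrelated key and the
    backend can re-derive it on demand instead of storing a key table."""
    return hkdf_sha256(FACTORY_SECRET, salt=b"irrigation-fleet-v1",
                       info=b"node-auth|" + serial)


def tag(key: bytes, serial: bytes, payload: bytes) -> bytes:
    """Integrity tag over the claimed serial and the telemetry payload."""
    return hmac.new(key, serial + b"|" + payload, hashlib.sha256).digest()


class DiversifiedBackend:
    """Server side of the recommended design: derives the claimed node's key."""

    def verify(self, serial: bytes, payload: bytes, t: bytes) -> bool:
        return hmac.compare_digest(tag(device_key(serial), serial, payload), t)


class FleetKeyBackend:
    """Anti-pattern from the text: the same key on every node (master-key reuse)."""
    FLEET_KEY = hkdf_sha256(FACTORY_SECRET, b"irrigation-fleet-v1", b"fleet-shared")

    def verify(self, serial: bytes, payload: bytes, t: bytes) -> bool:
        return hmac.compare_digest(tag(self.FLEET_KEY, serial, payload), t)


def impersonation_succeeds(backend, attacker_key: bytes, victim_serial: bytes) -> bool:
    """Attacker holds a key dumped from one node (attacker_key) and reports
    as a different node. Returns True if the backend accepts the forgery."""
    payload = b'{"valve":"open","zone":3}'
    return backend.verify(victim_serial, payload, tag(attacker_key, victim_serial, payload))
```

With diversified keys, a key dumped from one node only lets the attacker speak as that node; with a fleet key, the same dump lets the attacker speak as any node, including sending actuation commands under another node's identity. The device stores only its derived key, ideally inside the secure element, while the backend keeps the factory secret in an HSM and re-derives keys on demand. The hkdf_sha256 routine reproduces RFC 5869 test case 1.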
Software update (OTA) security
Over-the-air firmware update is the most critical attack surface, because it is by design a channel for running new code on the device. The accepted pattern for secure OTA is: signed firmware (typically ECDSA P-256 over a SHA-256 digest of the image), secure boot (the bootloader verifies the signature with a public key held in ROM or OTP, where an update cannot overwrite it, before any byte of the new image is executed), rollback protection (the image carries a version that must not be lower than a monotonic counter on the device, so a downgrade to a vulnerable but validly signed older version is blocked) and A/B partitions (the new image is written to the inactive slot and committed only after it boots successfully; a failed update reverts to the previous image). NIST SP 800-193 (Platform Firmware Resiliency Guidelines, 2018) is the reference document.
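The bootloader side of the pattern just described, as an added example that is not the page's or any vendor's code. The image format (header, raw r||s signature, payload), the slot names and the "trial boot, then commit" flow are assumptions made for the illustration, and the ECDSA P-256 routines are a minimal textbook implementation written so that the block runs offline with only the Python standard library; a real bootloader uses a vetted, constant-time library or the MCU's crypto engine:

```python
"""Bootloader side of secure OTA: signed image, secure-boot check, rollback
protection and A/B slots. Added example, not the page's or any vendor's
code. ECDSA P-256 here is a minimal textbook implementation (not
constant-time) so the block runs offline with the standard library; the
image layout (header, raw r||s signature, payload) is an assumption."""
import hashlib
import secrets
import struct

# NIST P-256 domain parameters (FIPS 186-4).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)


def _add(p1, p2):  # affine addition on y^2 = x^3 - 3x + b; None = infinity
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1 - 3, 2 * y1) if x1 == x2 else (y2 - y1, x2 - x1)
    lam = num * pow(den, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def _mul(k, pt):  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1:
            acc = _add(acc, pt)
        pt, k = _add(pt, pt), k >> 1
    return acc


def make_keypair():
    priv = secrets.randbelow(N - 1) + 1
    return priv, _mul(priv, G)


def sign(priv, msg):
    e = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    while True:
        k = secrets.randbelow(N - 1) + 1
        r = _mul(k, G)[0] % N
        s = pow(k, -1, N) * (e + r * priv) % N
        if r and s:
            return r.to_bytes(32, "big") + s.to_bytes(32, "big")


def verify(pub, msg, sig):
    if len(sig) != 64:
        return False
    r, s = int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:], "big")
    if not (0 < r < N and 0 < s < N):
        return False
    e = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    w = pow(s, -1, N)
    pt = _add(_mul(e * w % N, G), _mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r


MAGIC, SIG_LEN = b"FWIM", 64
HDR = struct.Struct(">4sII32s")  # magic, version, payload length, SHA-256(payload)


def build_image(priv, version, payload):
    """Vendor build step: the signature covers the header, the header binds the payload."""
    hdr = HDR.pack(MAGIC, version, len(payload), hashlib.sha256(payload).digest())
    return hdr + sign(priv, hdr) + payload


class Bootloader:
    def __init__(self, vendor_pub, installed_version):
        self.pub = vendor_pub                 # in ROM/OTP, not in updatable flash
        self.min_version = installed_version  # monotonic counter (e.g. OTP fuses)
        self.slots, self.active, self.pending = {"A": None, "B": None}, "A", None

    def check_image(self, image):
        """Secure-boot check: signature first, then structure, then rollback."""
        hdr, sig = image[:HDR.size], image[HDR.size:HDR.size + SIG_LEN]
        payload = image[HDR.size + SIG_LEN:]
        if not verify(self.pub, hdr, sig):
            return False, "bad signature"
        magic, version, length, digest = HDR.unpack(hdr)
        if magic != MAGIC or length != len(payload) or hashlib.sha256(payload).digest() != digest:
            return False, "payload mismatch"
        if version < self.min_version:
            return False, "rollback"
        return True, "ok"

    def install(self, image):
        """OTA receive: stage into the inactive slot only if the image verifies."""
        ok, reason = self.check_image(image)
        if not ok:
            return False, reason
        self.pending = "B" if self.active == "A" else "A"
        self.slots[self.pending] = image
        return True, "staged in slot " + self.pending

    def boot(self, trial_boot_ok):
        """Run the pending slot once; commit and raise the rollback floor only
        after the new application reports healthy, otherwise keep the old slot."""
        if self.pending is None:
            return self.active
        slot, self.pending = self.pending, None
        if trial_boot_ok and self.check_image(self.slots[slot])[0]:
            self.active = slot
            self.min_version = HDR.unpack(self.slots[slot][:HDR.size])[1]
        return self.active
```

Order matters in check_image: the signature over the header is verified before any header field is trusted, the header's hash and length bind the payload, and the rollback floor is raised only in boot() after the new image has confirmed it runs, so an image that verifies but breaks the application cannot raise the counter and block the revert. The verifying public key must live where an update cannot rewrite it, otherwise a single malicious update replaces the trust anchor itself.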
Authorisation and audit
At the application layer, role-based access control (RBAC) and an immutable (append-only, tamper-evident) audit log are considered necessary for compliance, and they are also what lets an operator answer "who opened this valve, and when" after an incident. In the European Union the GDPR (Regulation 2016/679, applicable since 2018), and in Türkiye the KVKK (Law No. 6698, 2016), impose record-keeping, access-restriction and right-to-erasure obligations on systems that hold personal data. Irrigation automation usually collects only technical data (flow, moisture, pressure), so the personal-data surface is limited; user account information, and any telemetry that can be linked to a named person, falls under these regimes, which means the erasure obligation has to be reconciled with an audit log that is meant to be immutable (typically by logging a pseudonymous user identifier and erasing the mapping, rather than rewriting the log).
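A deny-by-default RBAC check and a hash-chained audit log for the controller, as an added example that is not the page's or any product's code; the roles, permissions, user names and record layout are assumptions made for the illustration:

```python
"""Authorisation and tamper-evident audit for an irrigation controller.
Added example, not the page's or any product's code: roles, permissions,
user names and the hash-chain record layout are assumptions."""
import hashlib
import json

# Role -> permitted actions. 'viewer' only reads telemetry, 'operator' may
# actuate, and only 'admin' touches user records (the personal-data surface).
ROLES = {
    "viewer": {"read_telemetry"},
    "operator": {"read_telemetry", "open_valve", "close_valve"},
    "admin": {"read_telemetry", "open_valve", "close_valve", "manage_users"},
}
GENESIS = "0" * 64


class AuditLog:
    """Append-only log where each record carries the hash of the previous one,
    so editing or deleting a record breaks every hash after it."""

    def __init__(self):
        self.records = []

    def append(self, record: dict) -> str:
        prev = self.records[-1]["hash"] if self.records else GENESIS
        body = json.dumps(record, sort_keys=True)
        h = hashlib.sha256((prev + body).encode()).hexdigest()
        self.records.append({"prev": prev, "body": body, "hash": h})
        return h

    def verify_chain(self) -> bool:
        """Recompute the chain from the genesis value; any break returns False."""
        prev = GENESIS
        for rec in self.records:
            expected = hashlib.sha256((prev + rec["body"]).encode()).hexdigest()
            if rec["prev"] != prev or rec["hash"] != expected:
                return False
            prev = rec["hash"]
        return True


class Controller:
    def __init__(self, users: dict, log: AuditLog):
        self.users, self.log, self.seq = users, log, 0  # seq: ordering counter

    def act(self, user: str, action: str, target: str) -> bool:
        """Deny-by-default: an unknown user or role has no permissions.
        Every decision, allowed or denied, is written to the log."""
        role = self.users.get(user)
        allowed = action in ROLES.get(role, set())
        self.seq += 1
        self.log.append({"seq": self.seq, "user": user, "role": role,
                         "action": action, "target": target, "allowed": allowed})
        return allowed
```

A hash chain makes editing or deleting a record detectable only if the chain head is periodically anchored somewhere the log writer cannot alter (a signed export, a write-once store, a separate system); without that anchor an attacker with write access simply recomputes every hash after the edit. The log above records user names, which are personal data under the regimes described; in practice a pseudonymous identifier belongs in the log and the mapping is kept, and erased, elsewhere.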