One aspect is that any commands can be verified as to have come from a specific source since messages contain the sender and can only have come from that sender because of SAFEnetwork protocol.
Also IoT devices can store their data in verifiable places.
So hacking has to be done on an account basis and that puts it into much more researched and known arena for security methods. Basically if only the devices (or @bochaco’s gateway device) know the credentials then it’ll take a long long time for any hacker to break it. They’ll have to resort to social engineering or hacking the developer’s and/or installer’s systems before the devices are installed.