A practical perspective
I consider myself a realist when it comes to security. The only secure IoT product is a "thing" that is not connected to anything and has no user. Remember that it was a USB stick, not the Internet, that was used to breach physical network isolation in the Stuxnet case.
We don't need yet another technology to tackle the security challenges of IoT. Instead, we should be looking at the way we design and build products. Have you ever known product designers, developers, or architects to do insecure things like store passwords in plaintext or use hard-coded passwords under the guise of convenience for users?
We should challenge ourselves to be creative and build reasonable, secure products that are easy to use. A good example for this secure-by-design approach is Apple's new fingerprint reader on the iPhone. Yes, it can be hacked like anything else -- but it's a big step up from using easy-to-guess passwords or no password at all (see this recent National Cyber Security Alliance/PayPal study, which finds that only one-third of users set a PIN on their phone). Its genius lies in making security inherent and pervasive.
There are well-known security best practices in existing technologies, which -- if applied consistently -- would eliminate or greatly reduce the vulnerability of connected things. Meaningful password settings, encrypted storage of personal information, using OAuth simple device profile or OpenID Connect rather than storing individual account information -- any of these would be a big step toward less vulnerable IoT.
Design with failure in mind
But no technology will ever stop a determined attack on any kind of system, especially in a massively distributed system like IoT. To deal with the risk of acting on compromised or manipulated data or unauthorized access, IoT systems should be designed with failure and breach in mind. Rather than pursuing (and promising) the impossible dream of secure endpoints, we should go with the best possible endpoint security and design critical decision-making processes to "trust but verify" through data correlation.
Credit card companies are a good example of that approach. While today's credit cards have some commonsense endpoint security features (such as chip or PIN entry), credit card companies are constrained by the fact that the use of the credit card cannot be too burdensome to its users. Instead, they rely on seamless strong authentication, risk analysis, and correlating user and past purchase data to detect fraud.