If you are going to develop anything connected (even if only to an SMS service) you should do some research into security. A lot of people put things online, and it doesn't occur to them that every IP in the IPv4 space is constantly portscanned. They don't have any kind of security, and their device gets abused or infected. With SMS there are similar problems. For example, SS7 (the cellular signaling system used in the US) is old and ridden with security and social engineering flaws. If someone has your number, they can do a lot, up to and including exploiting your device.
Whatever security features are on the baseband for your SMS transceiver, you better make sure they're set up right. You can't portscan phone numbers, but you can wardial them with SMS exploits, and your device will have a phone number even if it can't be called. If your device can be commanded over SMS, it will be vulnerable unless you figure out some way to cryptographically sign the message (sender has private key, receiver has public key, sender signs command, receiver verifies signature.) Basebands have lots of extraneous features, like "load this URL", which present attack surfaces, and should be turned off. Even if you don't have a browser on the device (and you won't) a malformed message may cause a buffer overrun or something of the sort, so you want to shut off absolutely every feature that you don't need.