Welcome!

Eclipse Authors: Liz McMillan, Elizabeth White, XebiaLabs Blog, Ken Fogel, Sematext Blog

Blog Feed Post

The Internet of (Secure) Things – Embedding Security in the IoT

By

We’re seeing a glimmer of the future – the Internet of Things (IoT) – where anything and everything is or contains a sensor that can communicate over the network/Internet. The underlying technology enabling IoT is Machine-to-Machine (M2M) communications. Your running shoe tracks your workouts, sending the data to a mobile app. Your wristband tracks your daily activities, including sleep patterns. Your smartphone controls your television. Your tablet displays recorded videos from your home DVR, anywhere in the world. Your refrigerator tracks your food consumption and contacts a nearby grocery store to restock (someday delivered by drones!) Your car self-tunes and in the future may self-drive and be aware of your schedule (so will self-start and adjust the environment when it’s time to go to work). These are examples of consumer-oriented sensors and devices, but that has occurred in parallel with business, professional, infrastructure, government and military applications. Here are some examples…

Healthcare: Think of medical devices and how they’ve progressed – pin pricks for testing blood sugar to diabetes pumps to contact lenses that can monitor your blood sugar. Pacemakers can report statistics on your heart to doctors and hospitals.

Homes/Offices: Companies and utilities are building sensors into major appliances and HVAC systems. You can opt-in to smart metering so that a utility can load balance energy distribution. That capability is starting to reach into the home, with NEST thermostats and smoke detectors for example. Security alarm systems have communicated with operations centers and police for a long time, but now allow monitoring and control from your smartphone. These smart home technologies are also being applied to smart office buildings. Sensors throughout a building monitor power demand, air temperature and moisture, light levels and external factors (e.g. weather reports). That data is integrated with the building control system and room schedules to optimize energy consumption.

Transportation: For automotive vehicles, there are speed and red-light cameras, EZ Pass toll payments, bridge stress sensors, and traffic management systems outside the vehicle. Inside, there are diagnostic monitors, heads-up displays, adaptive cruise control, and integration with smartphone or in-vehicle GPS/mapping systems. Similar sensor systems exist for rail, sea and air transportation.

Agriculture: GPS-directed combines and sensors on everything from sprinkler/irrigation systems to soil/fertilizer quality are connected via a mesh network to optimize production and quality (thanks Ray Van Houtte for your graduate work in the 1970’s!)

Military: Sensor systems are being used to improve operations from logistics to the battlespace. By tracking the details of every item, the supply chain can be dynamic and more easily optimized. Sensors on drones and robots – air, land and sea – communicate to human operators, analysts and soldiers in the field to improve situational awareness and tactics. There’s even an Android app that leverages M2M communication to a scope to enable a sniper rifle to hit the target every time, regardless of the shooter’s expertise.

Last year, there were over 10 billion connected devices, and estimates predict this number to climb to anywhere from 30 to 50 billion by 2020. In terms of sensors, HP Labs estimates that we’ll hit 1 trillion before too long. To leverage the data and information across a number of these areas, HP Labs is working on a project called CeNSE (Central Nervous System for the Earth)

CeNSE intends to deploy billions of nanoscale sensors that detect and communicate information across all five human senses. The goal is to better understand our world in order to improve resource management and predict dangers to safety and security in the physical world.

hpinternetofthings

With these burgeoning capabilities, there needs to be some focus on cyber security. In my previous blogs, I wrote about continuous monitoring. In today’s current environments, attempts to continuously monitor enterprise security are challenged to track their current assets, which for large organizations number in the hundreds of thousands. The IoT will multiply those assets by a million or more. Today those assets are built on a variety of platforms and operating systems; the software is rarely patched and their communications are not secured. We’ve already seen examples of exploits of these systems – automobile telematics, pacemakers, smart TVs, and more. Science fiction depicts the worst of these scenarios in movies like “Terminator” or “The Matrix”, with machines taking over the world. In the latest of these, Ray Kurzweil’s idea of the singularity moves to the dark side, with a human intelligence taking control of the IoT in “Transcendence

Things aren’t necessarily so dire. The need to embed security in the IoT, from sensors to mobile apps to back-end infrastructure, is recognized and there are a number of efforts working to address the issue.

In private industry, there are companies using their expertise in cybersecurity to provide solutions in this space – QNX, acquired by Blackberry, and Mocana. QNX is a mature Unix operating system that over the years has built the most secure real-time operating system (RTOS) for embedded systems, Neutrino. It’s being used in automobile systems, home appliances, and to secure M2M communications.

Mocana is working on a new type of product code called AtoM (App-to-Machine) that will allow different users to manage and control devices securely, depending on their authority. In addition, they have built a Device Security Framework that provides end-to-end security for any device, based on US Government standards and regulations

On the open source side, there is an effort to build common communication platforms and interfaces for the IoT called AllJoyn that simplifies device information and configuration, onboarding, notification, control, and audio streaming.

Similarly, the AllSeen Alliance expands AllJoyn’s framework to multiple manufacturers and communication fabrics.

By enabling the integration of the variety of devices to communicate and connect, these initiatives will provide a common framework to secure and monitor the IoT. It’s something we have to build in to the IoT ecosystem now. If we wait, we’ll be playing catch-up, just like we are in Internet security – but at a much larger scale. Of course, with billions and trillions of devices and sensors, the accumulation of this information leads to a discussion of big data and big security data, which I will address next time.

 

This post first appeared on George Romas’ HP Blog.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder and partner at Cognitio Corp and publsher of CTOvision.com

@ThingsExpo Stories
"delaPlex is a software development company. We do team-based outsourcing development," explained Mark Rivers, COO and Co-founder of delaPlex Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
We all know the latest numbers: Gartner, Inc. forecasts that 6.4 billion connected things will be in use worldwide in 2016, up 30 percent from last year, and will reach 20.8 billion by 2020. We're rapidly approaching a data production of 40 zettabytes a day – more than we can every physically store, and exabytes and yottabytes are just around the corner. For many that’s a good sign, as data has been proven to equal money – IF it’s ingested, integrated, and analyzed fast enough. Without real-ti...
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
I wanted to gather all of my Internet of Things (IOT) blogs into a single blog (that I could later use with my University of San Francisco (USF) Big Data “MBA” course). However as I started to pull these blogs together, I realized that my IOT discussion lacked a vision; it lacked an end point towards which an organization could drive their IOT envisioning, proof of value, app dev, data engineering and data science efforts. And I think that the IOT end point is really quite simple…
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
Big Data, cloud, analytics, contextual information, wearable tech, sensors, mobility, and WebRTC: together, these advances have created a perfect storm of technologies that are disrupting and transforming classic communications models and ecosystems. In his session at @ThingsExpo, Erik Perotti, Senior Manager of New Ventures on Plantronics’ Innovation team, provided an overview of this technological shift, including associated business and consumer communications impacts, and opportunities it ...
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
Is your aging software platform suffering from technical debt while the market changes and demands new solutions at a faster clip? It’s a bold move, but you might consider walking away from your core platform and starting fresh. ReadyTalk did exactly that. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, will discuss why and how ReadyTalk diverted from healthy revenue and over a decade of audio conferencing product development to start an innovati...
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, discussed the importance of WebRTC and how it enables companies to focus...
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
Manufacturers are embracing the Industrial Internet the same way consumers are leveraging Fitbits – to improve overall health and wellness. Both can provide consistent measurement, visibility, and suggest performance improvements customized to help reach goals. Fitbit users can view real-time data and make adjustments to increase their activity. In his session at @ThingsExpo, Mark Bernardo Professional Services Leader, Americas, at GE Digital, discussed how leveraging the Industrial Internet a...
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, explored the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences between wh...
SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...
The best-practices for building IoT applications with Go Code that attendees can use to build their own IoT applications. In his session at @ThingsExpo, Indraneel Mitra, Senior Solutions Architect & Technology Evangelist at Cognizant, provided valuable information and resources for both novice and experienced developers on how to get started with IoT and Golang in a day. He also provided information on how to use Intel Arduino Kit, Go Robotics API and AWS IoT stack to build an application tha...
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
IoT generates lots of temporal data. But how do you unlock its value? You need to discover patterns that are repeatable in vast quantities of data, understand their meaning, and implement scalable monitoring across multiple data streams in order to monetize the discoveries and insights. Motif discovery and deep learning platforms are emerging to visualize sensor data, to search for patterns and to build application that can monitor real time streams efficiently. In his session at @ThingsExpo, ...
Verizon Communications Inc. (NYSE, Nasdaq: VZ) and Yahoo! Inc. (Nasdaq: YHOO) have entered into a definitive agreement under which Verizon will acquire Yahoo's operating business for approximately $4.83 billion in cash, subject to customary closing adjustments. Yahoo informs, connects and entertains a global audience of more than 1 billion monthly active users** -- including 600 million monthly active mobile users*** through its search, communications and digital content products. Yahoo also co...