Click here to close now.




















Welcome!

Eclipse Authors: XebiaLabs Blog, Ken Fogel, Sematext Blog, Marcin Warpechowski, Trevor Parsons

Blog Feed Post

The Internet of (Secure) Things – Embedding Security in the IoT

By

We’re seeing a glimmer of the future – the Internet of Things (IoT) – where anything and everything is or contains a sensor that can communicate over the network/Internet. The underlying technology enabling IoT is Machine-to-Machine (M2M) communications. Your running shoe tracks your workouts, sending the data to a mobile app. Your wristband tracks your daily activities, including sleep patterns. Your smartphone controls your television. Your tablet displays recorded videos from your home DVR, anywhere in the world. Your refrigerator tracks your food consumption and contacts a nearby grocery store to restock (someday delivered by drones!) Your car self-tunes and in the future may self-drive and be aware of your schedule (so will self-start and adjust the environment when it’s time to go to work). These are examples of consumer-oriented sensors and devices, but that has occurred in parallel with business, professional, infrastructure, government and military applications. Here are some examples…

Healthcare: Think of medical devices and how they’ve progressed – pin pricks for testing blood sugar to diabetes pumps to contact lenses that can monitor your blood sugar. Pacemakers can report statistics on your heart to doctors and hospitals.

Homes/Offices: Companies and utilities are building sensors into major appliances and HVAC systems. You can opt-in to smart metering so that a utility can load balance energy distribution. That capability is starting to reach into the home, with NEST thermostats and smoke detectors for example. Security alarm systems have communicated with operations centers and police for a long time, but now allow monitoring and control from your smartphone. These smart home technologies are also being applied to smart office buildings. Sensors throughout a building monitor power demand, air temperature and moisture, light levels and external factors (e.g. weather reports). That data is integrated with the building control system and room schedules to optimize energy consumption.

Transportation: For automotive vehicles, there are speed and red-light cameras, EZ Pass toll payments, bridge stress sensors, and traffic management systems outside the vehicle. Inside, there are diagnostic monitors, heads-up displays, adaptive cruise control, and integration with smartphone or in-vehicle GPS/mapping systems. Similar sensor systems exist for rail, sea and air transportation.

Agriculture: GPS-directed combines and sensors on everything from sprinkler/irrigation systems to soil/fertilizer quality are connected via a mesh network to optimize production and quality (thanks Ray Van Houtte for your graduate work in the 1970’s!)

Military: Sensor systems are being used to improve operations from logistics to the battlespace. By tracking the details of every item, the supply chain can be dynamic and more easily optimized. Sensors on drones and robots – air, land and sea – communicate to human operators, analysts and soldiers in the field to improve situational awareness and tactics. There’s even an Android app that leverages M2M communication to a scope to enable a sniper rifle to hit the target every time, regardless of the shooter’s expertise.

Last year, there were over 10 billion connected devices, and estimates predict this number to climb to anywhere from 30 to 50 billion by 2020. In terms of sensors, HP Labs estimates that we’ll hit 1 trillion before too long. To leverage the data and information across a number of these areas, HP Labs is working on a project called CeNSE (Central Nervous System for the Earth)

CeNSE intends to deploy billions of nanoscale sensors that detect and communicate information across all five human senses. The goal is to better understand our world in order to improve resource management and predict dangers to safety and security in the physical world.

hpinternetofthings

With these burgeoning capabilities, there needs to be some focus on cyber security. In my previous blogs, I wrote about continuous monitoring. In today’s current environments, attempts to continuously monitor enterprise security are challenged to track their current assets, which for large organizations number in the hundreds of thousands. The IoT will multiply those assets by a million or more. Today those assets are built on a variety of platforms and operating systems; the software is rarely patched and their communications are not secured. We’ve already seen examples of exploits of these systems – automobile telematics, pacemakers, smart TVs, and more. Science fiction depicts the worst of these scenarios in movies like “Terminator” or “The Matrix”, with machines taking over the world. In the latest of these, Ray Kurzweil’s idea of the singularity moves to the dark side, with a human intelligence taking control of the IoT in “Transcendence

Things aren’t necessarily so dire. The need to embed security in the IoT, from sensors to mobile apps to back-end infrastructure, is recognized and there are a number of efforts working to address the issue.

In private industry, there are companies using their expertise in cybersecurity to provide solutions in this space – QNX, acquired by Blackberry, and Mocana. QNX is a mature Unix operating system that over the years has built the most secure real-time operating system (RTOS) for embedded systems, Neutrino. It’s being used in automobile systems, home appliances, and to secure M2M communications.

Mocana is working on a new type of product code called AtoM (App-to-Machine) that will allow different users to manage and control devices securely, depending on their authority. In addition, they have built a Device Security Framework that provides end-to-end security for any device, based on US Government standards and regulations

On the open source side, there is an effort to build common communication platforms and interfaces for the IoT called AllJoyn that simplifies device information and configuration, onboarding, notification, control, and audio streaming.

Similarly, the AllSeen Alliance expands AllJoyn’s framework to multiple manufacturers and communication fabrics.

By enabling the integration of the variety of devices to communicate and connect, these initiatives will provide a common framework to secure and monitor the IoT. It’s something we have to build in to the IoT ecosystem now. If we wait, we’ll be playing catch-up, just like we are in Internet security – but at a much larger scale. Of course, with billions and trillions of devices and sensors, the accumulation of this information leads to a discussion of big data and big security data, which I will address next time.

 

This post first appeared on George Romas’ HP Blog.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley, former CTO of the Defense Intelligence Agency (DIA), is Founder and CTO of Crucial Point LLC, a technology research and advisory firm providing fact based technology reviews in support of venture capital, private equity and emerging technology firms. He has extensive industry experience in intelligence and security and was awarded an intelligence community meritorious achievement award by AFCEA in 2008, and has also been recognized as an Infoworld Top 25 CTO and as one of the most fascinating communicators in Government IT by GovFresh.

@ThingsExpo Stories
In his session at @ThingsExpo, Lee Williams, a producer of the first smartphones and tablets, will talk about how he is now applying his experience in mobile technology to the design and development of the next generation of Environmental and Sustainability Services at ETwater. He will explain how M2M controllers work through wirelessly connected remote controls; and specifically delve into a retrofit option that reverse-engineers control codes of existing conventional controller systems so they don't have to be replaced and are instantly converted to become smart, connected devices.
The 3rd International WebRTC Summit, to be held Nov. 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA, announces that its Call for Papers is now open. Topics include all aspects of improving IT delivery by eliminating waste through automated business models leveraging cloud technologies. WebRTC Summit is co-located with 15th International Cloud Expo, 6th International Big Data Expo, 3rd International DevOps Summit and 2nd Internet of @ThingsExpo. WebRTC (Web-based Real-Time Communication) is an open source project supported by Google, Mozilla and Opera that aims to enable bro...
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advanced analytics, and DevOps to advance innovation and increase agility. Specializing in designing, imple...
Containers are not new, but renewed commitments to performance, flexibility, and agility have propelled them to the top of the agenda today. By working without the need for virtualization and its overhead, containers are seen as the perfect way to deploy apps and services across multiple clouds. Containers can handle anything from file types to operating systems and services, including microservices. What are microservices? Unlike what the name implies, microservices are not necessarily small, but are focused on specific tasks. The ability for developers to deploy multiple containers – thous...
SYS-CON Events announced today that IceWarp will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IceWarp, the leader of cloud and on-premise messaging, delivers secured email, chat, documents, conferencing and collaboration to today's mobile workforce, all in one unified interface
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades. With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo, November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be.
Too often with compelling new technologies market participants become overly enamored with that attractiveness of the technology and neglect underlying business drivers. This tendency, what some call the “newest shiny object syndrome,” is understandable given that virtually all of us are heavily engaged in technology. But it is also mistaken. Without concrete business cases driving its deployment, IoT, like many other technologies before it, will fade into obscurity.
As more and more data is generated from a variety of connected devices, the need to get insights from this data and predict future behavior and trends is increasingly essential for businesses. Real-time stream processing is needed in a variety of different industries such as Manufacturing, Oil and Gas, Automobile, Finance, Online Retail, Smart Grids, and Healthcare. Azure Stream Analytics is a fully managed distributed stream computation service that provides low latency, scalable processing of streaming data in the cloud with an enterprise grade SLA. It features built-in integration with Azur...
With the proliferation of connected devices underpinning new Internet of Things systems, Brandon Schulz, Director of Luxoft IoT – Retail, will be looking at the transformation of the retail customer experience in brick and mortar stores in his session at @ThingsExpo. Questions he will address include: Will beacons drop to the wayside like QR codes, or be a proximity-based profit driver? How will the customer experience change in stores of all types when everything can be instrumented and analyzed? As an area of investment, how might a retail company move towards an innovation methodolo...
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on demos and comprehensive walkthroughs.
Contrary to mainstream media attention, the multiple possibilities of how consumer IoT will transform our everyday lives aren’t the only angle of this headline-gaining trend. There’s a huge opportunity for “industrial IoT” and “Smart Cities” to impact the world in the same capacity – especially during critical situations. For example, a community water dam that needs to release water can leverage embedded critical communications logic to alert the appropriate individuals, on the right device, as soon as they are needed to take action.
WebRTC services have already permeated corporate communications in the form of videoconferencing solutions. However, WebRTC has the potential of going beyond and catalyzing a new class of services providing more than calls with capabilities such as mass-scale real-time media broadcasting, enriched and augmented video, person-to-machine and machine-to-machine communications. In his session at @ThingsExpo, Luis Lopez, CEO of Kurento, will introduce the technologies required for implementing these ideas and some early experiments performed in the Kurento open source software community in areas ...
Consumer IoT applications provide data about the user that just doesn’t exist in traditional PC or mobile web applications. This rich data, or “context,” enables the highly personalized consumer experiences that characterize many consumer IoT apps. This same data is also providing brands with unprecedented insight into how their connected products are being used, while, at the same time, powering highly targeted engagement and marketing opportunities. In his session at @ThingsExpo, Nathan Treloar, President and COO of Bebaio, will explore examples of brands transforming their businesses by t...
With the Apple Watch making its way onto wrists all over the world, it’s only a matter of time before it becomes a staple in the workplace. In fact, Forrester reported that 68 percent of technology and business decision-makers characterize wearables as a top priority for 2015. Recognizing their business value early on, FinancialForce.com was the first to bring ERP to wearables, helping streamline communication across front and back office functions. In his session at @ThingsExpo, Kevin Roberts, GM of Platform at FinancialForce.com, will discuss the value of business applications on wearable ...
17th Cloud Expo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises are using some form of XaaS – software, platform, and infrastructure as a service.
SYS-CON Events announced today that Micron Technology, Inc., a global leader in advanced semiconductor systems, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Micron’s broad portfolio of high-performance memory technologies – including DRAM, NAND and NOR Flash – is the basis for solid state drives, modules, multichip packages and other system solutions. Backed by more than 35 years of technology leadership, Micron's memory solutions enable the world's most innovative computing, consumer,...
As more intelligent IoT applications shift into gear, they’re merging into the ever-increasing traffic flow of the Internet. It won’t be long before we experience bottlenecks, as IoT traffic peaks during rush hours. Organizations that are unprepared will find themselves by the side of the road unable to cross back into the fast lane. As billions of new devices begin to communicate and exchange data – will your infrastructure be scalable enough to handle this new interconnected world?
While many app developers are comfortable building apps for the smartphone, there is a whole new world out there. In his session at @ThingsExpo, Narayan Sainaney, Co-founder and CTO of Mojio, will discuss how the business case for connected car apps is growing and, with open platform companies having already done the heavy lifting, there really is no barrier to entry.
SYS-CON Events announced today that the "Second Containers & Microservices Expo" will take place November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities.