According to Intel IoT is expected to be a multi-trillion-dollar market, with 50 billion devices creating 44 zettabytes (or 44 trillion gigabytes) of data annually by 2020. But that widely cited 50 billion IoT devices in 2020 number is clearly not correct! Forecast of 50 Billion Devices by 2020 Is Outdated. In 2017 we should be talking about about some sensible numbers. The current count is somewhere between Gartner’s estimate of 6.4 billion (which doesn’t include smartphones, tablets, and computers), International Data Corporation’s estimate of 9 billion (which also excludes those devices), and IHS’s estimate of 17.6 billion (with all such devices included). Both Ericsson and Evans have lowered their expectations from 50 billion for 2020: Evans, who is now CTO of Stringify, says he expects to see 30 billion connected devices by then, while Ericsson figures on 28 billion by 2021.
Connectivity and security will be key features for Internet of Things processors in 2017. Microcontroller (MCU) makers will continue to target their products at the Internet of Things (IoT) in 2017 by giving more focus on battery life, more connectivity of various types, and greater security. The new architectures are almost sure to spawn a multitude of IoT MCUs in 2017 from manufacturers who adopt ARM’s core designs.
ARM will be big. Last year, ARM’s partners shipped 15 billion chips based on its architectures. The trend toward IoT processors will go well beyond ARM licensees. Intel rolled out the Intel Atom E3900 Series for IoT applications. And do not forget MIPS an RISC-V.
FPGA manufacturers are pushing their products to IoT market. They promise that FPGAs solve challenges at the core of IoT implementation: making IoT devices power efficient, handling incompatible interfaces, and providing a processing growth path to handle the inevitable increase in device performance requirement.
Energy harvesting field will become interesting in 2017 as it is more broadly adopted. Energy harvesting is becoming the way forward to help supplement battery power or lose the need for it altogether. Generally researchers are eyeing energy-harvesting to power ultra-low-power devices, wearable technology, and other things that don’t need a lot of power or don’t come in a battery-friendly form factor.
Low power wide area networks (LPWA) networks (also known as NarrowBand IoT) will be hot in 2017. There is hope that f LPWA nets will act as a catalyst, changing the nature of the embedded and machine-to-machine markets as NB-IoT focuses specifically on indoor coverage, low cost, long battery life, and enabling a large number of connected devices. The markets will become a kind of do-it-yourselfers paradise of modules and services, blurring the lines between vendors, users and partners. At the same time for years to come, the market for low power wide area networks (LPWA) will be as fragmented and is already in a race to the bottom (Sigfox, said to be promising costs approaching $1 per node per year). Competing technologies include Sigfox, LoRa Alliance, LTE Cat 1, LTE Cat M1 (eMTC), LTE Cat NB1 (NB-IoT) and other sub-gigahertz options almost too numerous to enumerate.
We are starting to see a battle between different IoT technologies, and in few years to come we will see which are winners and which technologies will be lost in the fight. Sigfox and Lora are currently starting well, but telecom operators with mobile networks NB-IoT will try hit the race heavily in 2017. Vendors prep Cat M1, NB1 for 2017: The Cat M1 standard delivers up to 380 Kbits/second over a 1.4 MHz channel. NB-1 handles up to 40 Kbits/s over 200 kHz channels. Vendors hope the 7-billion-unit installed base of cellular M2M modules expands. It’s too early to tell which technologies will be mainstream and which niche. It could be that cellular NB-IOT was too late, it will fail in the short term, it can win in the long term, and the industry will struggle to make any money from it. At $2 a year, 20 billion devices will contribute around 4% of current global mobile subscription revenues.
New versions of communication standards will be taken into use in 2017. For example Bluetooth 5 that adds more speed and IoT functionality. In 2017, we will see an increase in the number of devices with the new Bluetooth 5 standard.
Industrial IoT to gain traction in 2017. Industrial applications ultimately have the greater transformative potential than consumer products, offering users real returns on investment (ROI) rather than just enhanced convenience or “cool factor”. But the industrial sector is conservative and has been slow to embrace an industrial IoT (IIoT), but is seems that they are getting interested now. During the past year there has been considerable progress in removing many of the barriers to IIoT adoption. A global wide implementation of an IIoT is many years away, of course. The issues of standards and interoperability will most likely remain unresolved for several years to come, but progress is being made. The Industrial Internet Consortium released a framework to support development of standards and best practices for IIoT security.
The IIoT market is certainly poised to grow. A Genpact research study, for instance, indicates that more than 80% of large companies believe that the IIoT will be essential to their future success. In a recent market analysis by Industry ARC, for instance, the projected value of the IIoT market will reach more than $120 billion by 2021. Research firm Markets and Markets is even more optimistic, pegging IIoT growth at a CAGR of 8% to more than $150 billion by 2020. And the benefits will follow. By GE’s estimate, the IIoT will stimulate an increase in the global GDP of $10 to $15 trillion over the next 20 years.
Systems integrators are seeking a quick way to enter the industrial Internet of Things (IIoT) market. So expect to see many plug and play IoT sensor systems unveiled. There were many releses in 2016, and expect to see more in 2017. Expect to see device, connectivity and cloud service to be marketed as one packet.
IoT analytics will be talked a lot in 2017. Many companies will promise to turn Big Data insights into bigger solutions. For industrial customers Big Data analytics is promised to drive operational efficiencies, cut costs, boosting production, and improving worker productivity. There are many IIoT analytic solution and platform suppliers already on the market and a growing number of companies are now addressing industrial analytics use.
In 2016 it was all bout getting the IoT devices connected to cloud. In 2017 we will see increased talk about fog computing. Fog computing is new IoT trend pushed by Cisco and many other companies. As the Internet of Things (IoT) evolves, decentralized, distributed-intelligence concepts such as “fog computing” are taking hold to address the need for lower latencies, improved security, lower power consumption, and higher reliability. The basic premise of fog computing is classic decentralization whereby some processing and storage functions are better performed locally instead of sending data all the way from the sensor, to the cloud, and back again to an actuator. This demands smarter sensors and new wireless sensor network architectures. Groups such as the Open Fog Consortium have formed to define how it should best be done. You might start to want to be able to run the same code in cloud and your IoT device.
The situation in IoT security in 2016 was already Hacking the IoT: As Bad As I Feared It’d Be and there is nothing that would indicate that the situation will not get any better in 2017. A veritable army of Internet-connected equipment has been circumvented of late, due to vulnerabilities in its hardware, software or both … “smart” TVs, set-top boxes and PVRs, along with IP cameras, routers, DSL, fiber and cable modems, printers and standalone print servers, NASs, cellular hot spots, and probably plenty of other gear. IoT world at the moment is full of vulnerable devices, and it will take years to get then replaces with more secure devices. Those vulnerable devices can be used to make huge DDoS attacks against Internet services. The 2016 October 21 cyberattacks on Dyn brought to light how easily many IoT devices can be compromised. I expect that kind of incidents will happen more in 2017 as DDoS botnets are pretty easy to build with tools available on-line. There’s no question that everyone in the chain – manufacturers, retailers and consumers – have to do a better job securing connected devices.When it comes to IoT, more security is needed.
2,275 Comments
Tomi Engdahl says:
Robot Hand Goes Wireless
http://hackaday.com/2017/03/13/robot-hand-goes-wireless/
We can’t decide if [MertArduino’s] robotic hand project is more art or demonstration project. The construction using springs, fishing line, and servo motors isn’t going to give you a practical hand that could grip or manipulate anything significant. However, the project shows off a lot of interesting construction techniques and is a fun demonstration for using nRF24L01 wireless in a project.
Arduino – Make a Low Cost Robotic Hand With Wireless Controlled (using NRF24L01)
http://www.instructables.com/id/Arduino-Make-a-Low-Cost-Robotic-Hand-With-Wireless/
Tomi Engdahl says:
Zero-Intrusion Wireless Light Switch
http://hackaday.com/2017/03/14/zero-intrusion-wireless-light-switch/
What do you do if your light switch is too far from your desk, and you’re in a rental property so you can’t put in extra wiring to install an electronic control for it? Get up and turn it on or off by hand? Of course not!
If you are [Guyfromhe], you solve this problem with a servo attached to a screw-on light switch faceplate, and you control it with a pair of Arduino/nRF24L01 combos. It’s a pretty simple arrangement, the wireless link simply takes the place of a serial cable that instructs the Arduino on the light switch to operate the servo that in turn moves the switch. The whole thing is triggered through his home automation system
$16 Wireless Lightswitch Mark II
http://guyfromhe.blogspot.fi/2017/03/wireless-lightswitch-mark-ii.html
Tomi Engdahl says:
Triggy – Multi-purpose Smart CompanionTag
https://hackaday.io/project/12829-triggy-multi-purpose-smart-companiontag
This smart companion will triggersan action on a smartphone each time a physical change is detected (temperature, displacement, click…)
Multi-purpose smart tag to alert, inform or trigger an action on your smartphone when a physical event occurs. A cloud-based action can also be performed using your Android device as the internet gateway. An application will allow to find tags and to create rules between triggering events and actions to be executed. When using IFTTT, the possibilities are huge: home automation, remote notifications, cloud automation…
Only an Android device is required with the Triggy board, making automation very simple and cheap. Also it will be ultra-low power and small, enabling a lot of usages. “A single tag for many different usages.”
Tomi Engdahl says:
The Connected Toy Conundrum Is Beginning to Boil
http://www.securityweek.com/connected-toy-conundrum-beginning-boil
The prediction business is a tricky thing. You can be right, but until you are proven right, you’re either early or wrong. Being early feels just like being wrong—up until the moment you are right.
When toymaker VTech announced in November 2015 that nearly five million customer records had been leaked (including pictures of and data about children), I predicted that the breach would be a tipping point for security and privacy issues with connected toys. My thesis was based on the notion that nothing stirs the emotions faster than concerns over the privacy and safety of children.
My prediction didn’t get any traction. Just as I was beginning to embrace the notion that I was wrong, a string of recent events may prove that I was just early.
Smart toy security troubles are on the rise
In mid-February, it was reported that Germany’s Federal Network Agency issued a warning to parents about the “My Friend Cayla” doll. The agency, which oversees telecommunications in Germany, advised parents to destroy the doll because it collects and transmits conversations with children.
In early March, it was reported that toymaker Spiral Toys had been hacked, exposing data from over 800,000 users. The data contained personalized voice messages, pictures, and other data collected via Internet-connected teddy bears and the associated smartphone apps.
Securing smart devices goes beyond toy manufacturers
As I have said repeatedly, the term “connected device” should immediately provoke questions such as “to what?”, “for what purpose?”, and “with what level of protection for the data?”
I do not believe that there is malicious intent on the part of the toy manufacturers. They are looking for an angle to sell toys, and IoT and connected devices are hot topics.
It’s time to take IoT security and privacy seriously
Privacy is an ephemeral subject, particularly in the United States. Other countries take a much more pronounced interest in privacy, where I believe Americans have become numb to the subject after selling our privacy souls for free cell phones. However, the basic, immutable law is simple and must be recognized by consumers: If something is IoT or connected it collects data and that data goes somewhere and is stored. While seemingly benign, that data may combine sensitive information—which can be stolen.
The tipping point may have just arrived. On March 6, Consumer Reports announced that they are “launching the first phase of a collaborative effort to create a new standard that safeguards consumers’ security and privacy”. Consumer Reports hopes to push a new open-source standard that addresses privacy and security concerns for connected consumer devices.
Consumer Reports to Begin Evaluating Products, Services for Privacy and Data Security
CR partners with other cyber experts, creating a new open-source industry standard to make connected devices safer
http://www.consumerreports.org/privacy/consumer-reports-to-begin-evaluating-products-services-for-privacy-and-data-security/
Tomi Engdahl says:
Brit infosec’s greatest threat? Thug malware holding nation’s devices to ransom – report
And cheap IoT kit’s not helping matters
https://www.theregister.co.uk/2017/03/14/cyber_security_agencies_ransomware_warning/
The National Crime Agency and newly formed National Cyber Security Centre joint report on cybercrime unsurprisingly names ransomware as the top internet menace.
The report notes that ransomware is a “significant and growing” risk, with file-encrypting malware poses a threat to a greater range of kit beyond PCs. Smartphones, connected devices, wearables and even TVs are also at risk. Distributed Denial of Service (DDoS) attacks are also becoming more aggressive.
David Mount, director, security consulting EMEA at Micro Focus, said: “As this report demonstrates, the IoT is ushering in a new era in security terms. It’s positive that issues like ransomware and IoT security are now part of the national conversation, but we still have a long way to go to encourage connected tech companies to build security into IoT products from the start. All too often device vendors prioritise usability and customer experience over security, and that is putting consumers and businesses at risk. Quite simply, IoT security can no longer be treated as an afterthought.”
“Many Internet of Things manufacturers may be contributing to this rise by not prioritising security when building their devices [for example] many are being produced with predictable passwords that cannot easily be changed.”
He added: “Too many electronics firms want to make their IoT device as cheap as possible. Security is expensive and paying developers to write secure code might mean a gadget is late to market and costly. Ultimately though, insecure products will lead to greater attacks.”
Tomi Engdahl says:
US regulator looks at Internet of Things regulation, looks away
Federal Trade Commission says it won’t step in… this time
https://www.theregister.co.uk/2017/03/14/us_ftc_wont_start_internet_of_things_regulation/
The US Federal Trade Commission is holding off regulating the Internet of Things industry until there is an event which “harms consumers right now”, according to its acting head.
Maureen Ohlhausen, the American regulator’s acting head, told a gathering of cyber security professionals that she was not inclined to impose mandatory regulations on IoT devices.
“We haven’t taken a position,” she said, according to The Guardian.
While the wireless networking side of the Internet of Things seems to have coalesced down to three or four players, it’s the interaction between silicon and security where the Things are still open to exploitation.
Acting Federal Trade Commission head: internet of things should self-regulate
https://www.theguardian.com/technology/2017/mar/14/federal-trade-commission-internet-things-regulation
Maureen Ohlhausen, the commission’s sole Republican and its acting chair under Trump, defended using big data to alter pricing from consumer to consumer
Tomi Engdahl says:
Bluetooth 5 SoC maximizes battery life
http://www.edn.com/electronics-products/other/4458073/Bluetooth-5-SoC-maximizes-battery-life
A multiprotocol, Bluetooth 5-certified radio system-on-chip, On Semiconductor’s RSL10 requires just 62.5 nW in deep sleep mode and 7 mW in receive mode, optimizing battery life in fitness trackers, smart watches, and other IoT and connected health and wellness applications. With its ARM Cortex M3 processor and LPDSP32 DSP core, the highly integrated RSL10 supports Bluetooth low-energy technology and 2.4-GHz proprietary protocol stacks without sacrificing power consumption.
The radio system-on-chip is intended for designs using 1.2-V and 1.5-V batteries and accommodates a voltage supply range of 1.1 V to 3.6 V without requiring a DC/DC converter
RSL10: Ultra-Low-Power Multi-protocol Bluetooth® 5 Certified System-on-Chip (SoC)
http://www.onsemi.com/PowerSolutions/product.do?id=RSL10&utm_source=press_release&utm_medium=PR&utm_term=&utm_content=link-RSL10-page&utm_campaign=RSL10
Tomi Engdahl says:
Philips taps Microsoft as part of indoor-positioning partnering push, adds Bluetooth to the mix
http://www.ledsmagazine.com/articles/2017/02/philips-taps-microsoft-as-part-of-indoor-positioning-partnering-push-adds-bluetooth-to-the-mix.html?cmpid=enl_leds_smartlightingiot_2017-03-13
With location-based services still stuck on the launchpad, the company’s new “Location Lab” reaches out to data and app developers. Meanwhile, Philips finally acknowledges that Bluetooth, not just VLC, can light the way.
In two moves to jump-start the stalled indoor-positioning business, Philips Lighting said it has rounded up IT companies including Microsoft and SAP to develop compelling data-linked uses that might actually attract customers. And in an underlying wireless technology change, Philips quietly revealed that it is now embracing radio-based Bluetooth in addition to the visible light communication (VLC) that it has long preferred.
Osram wedges into indoor positioning by selling Bluetooth chips
http://www.ledsmagazine.com/articles/2017/03/osram-wedges-into-indoor-positioning-by-selling-bluetooth-chips.html?cmpid=enl_leds_smartlightingiot_2017-03-13
Swiss fashion shops install the company’s wireless radio beacons, but not its lights. Is this how the lighting industry can finally crack the location-based services market?
As vendors struggle to sell lighting-based indoor-positioning systems, Osram has come up with a different way to make progress: Sometimes, instead of selling lighting, settle for providing the wireless radio chips that transmit signals such as Bluetooth which are crucial to the technology’s operation.
That’s what Osram did in Switzerland, where it furnished Bluetooth chipsets to a fashion retailer that tacked them onto existing lights at 23 stores throughout the country, including Guess and Marc O’Polo shops. The only purpose the lights serve in the indoor-positioning job is related to power supply: The Bluetooth transmitter runs off the same electricity conduit as the lights, thus avoiding troublesome batteries and their annoying tendency to drain.
Osram refers to the transmitters as “beacons,” a term long associated with signaling via fire and light but which is increasingly common for devices that send out radiowaves such as Bluetooth, Wi-Fi, and radar.
Indoor-positioning systems at Guess, Marc O’Polo, and Gallery shops in Switzerland have induced customers to spend over 10% more than they would have, according to Osram.
While Osram also markets Einstone LED luminaires that contain built-in Bluetooth transmitters
Osram rival GE was promoting indoor positioning as far back as 2013 but has yet to announce a single retail user. It has conducted five pilots according to its lighting and energy group, called Current, powered by GE.
Philips Lighting has announced only two small trials over the last couple of years — at a single Carrefour store in France and at a group of aswaaq stores in Dubai — and none for a year.
To help jump-start the business, Philips has just signed a raft of new partners from the IT industry including Microsoft to try to develop compelling uses.
Bluetooth versus VLC
Philips also revealed that it is now embracing Bluetooth radio chips as a means for sending signals to phones, while continuing to back VLC, the technology which embeds signals in the modulation of LED lightwaves. VLC would also guarantee that lighting companies, as much as IT companies, secure a solid share of the indoor-positioning pie.
Tomi Engdahl says:
Understand BACnet communications for control and monitoring of networked lighting
http://www.ledsmagazine.com/articles/print/volume-14/issue-2/features/networks/understand-bacnet-communications-for-control-and-monitoring-of-networked-lighting.html?cmpid=enl_leds_smartlightingiot_2017-03-13
BACnet is arguably the predominant communication protocol used in so-called building automation and control (BAC) networks. The network platform is used in data delivery between building automation systems (BAS) such as networked lighting systems and building management systems (BMS)/energy management systems (EMS) for monitoring, control, and analytics. This fully open protocol was developed by the American Society of Heating, Refrigeration and Air Conditioning Engineers (ASHRAE) with the first publication in 1995. While BACnet is utilized far more today in applications such as HVAC (heating, ventilation, and air conditioning) as opposed to lighting, the protocol can serve in solid-state lighting (SSL) applications. Let’s discuss BACnet technology in detail and consider how it might be used in conjunction with networked smart lighting as we move to the Internet of Things (IoT) era.
the platform can work with networked LED-based lighting.
The communications in BACnet are object-oriented and based on a client/server relationship, meaning in each data exchange one side takes the role of the client while the other takes the role of the server.
The basic “what” the client is controlling is objects within a BACnet device. As of the updated 2016 publication of the BACnet standard, the publication defined 61 object types. Object types are not necessarily a sign of the application’s functionality or sequence of operation (SOO) available to the client. Many objects are generic and adapted to an application while others are application specific.
Object-oriented platform
These generic type objects such as Analog Input, Analog Output, Analog Value, Binary Input, Binary Output, and Binary Value are not used for a specific application but can be used for the basic characteristic of a particular part of an application’s SOO.
Load Control object was meant for shedding loads in DR events signaling to the BMS/EMS during the auto-discovery phase, since the lighting system has the Load Control object and it can work with DR events out of the box.
The “how” of data transmission are the services that dictate the exchange of the data. As of the 2016 publication of the standard, there were 41 different services. Services are divided into five interoperability areas or categories: Data Sharing, Alarm and Event Management, Scheduling, Device and Network Management, and Trending
Objects and SOO
BACnet objects need to achieve the desired SOO along with the services to communicate efficiently and properly. A SOO could be how the networked lighting system is expected to perform – the function of services. In an SOO when you state you need real-time feedback, alerts on device failure, or ability to modify the timeclock from the BMS, you need the services as well as the objects to achieve an expected result. This is the reason you will hear a system integrator/installer asking for a Protocol Implementation Conformance Statement (PICS) and a points list.
Marrying BACnet and lighting
A shift in what data is exchanged is arguably being spearheaded by the lighting industry and moving toward working within a virtual BACnet environment. BACnet devices and objects have always had the ability to be virtual or physical. Historically, physical devices dominated the BACnet landscape. The sheer number of devices in lighting with intelligent luminaires, however, dwarfs the amount of devices in other building systems. Representing a flexible networked lighting system in a virtual environment allows the logical grouping of devices that make sense for minimizing the number of data points the EMS/BMS collects.
This virtualization helps to keep the intrinsic logic already being performed in the lighting system in place, sharing only results to the EMS/BMS, along with the ability to only require software changes for the inevitable change in space use and churn. An example would be grouping occupancy sensors for a given space instead of sending the status of every individual sensor. The BMS/EMS would receive data that a space, not a sensor, was occupied or unoccupied and the AND/OR logic of that grouping would not need to be programmed into the BMS or EMS, saving programming of that function by the BMS/EMS.
The virtual BACnet environment is different from working with third-party gateways that translate from the BACnet protocol to a proprietary or other non-BACnet protocol.
Objects for lighting
Efforts are underway in the BACnet committee to enhance the data exchange for networked lighting systems with the addition of objects specifically set for applications in lighting. In addendums found within the 2016 BACnet standard, added lighting-centric objects include Analog Lighting Output and Binary Lighting Output. Both lighting objects added functionality specific for networked lighting systems and that in the past required a string of generic objects plus extra programming from the EMS/BMS.
The objects include many useful properties for lighting. For example, functions like Blink-Warn for after hours, continuous control of lighting level, ramping to a level at a fixed rate of change, fading to a level over time, incremental stepping values up and down, feedback for actual value of light level, total power and instantaneous power of loads, and min-max value for high and low end trim are all properties within the Lighting Output object.
Additionally, the Binary Lighting Output object included those properties above plus added functions found in an intelligent ballast or driver, such as elapsed time that indicates accumulated number of seconds that the light was on and strike count for the number of times the light has transitioned from off to on.
BACnet web services
One of the biggest changes in the 2016 publication of the BACnet standard was the addition of BACnet Web Services. The addition was so monumental it could have been its own new standard. These services help every BAS, including networked lighting systems, exchange data in ways suited for the world of IoT communications. Made for an enterprise-level architecture, BACnet Web Services uses a REST (Representational State Transfer) based service model. The standard defines a Control System Modeling Language (CSML) using a choice of XML (eXtensible Markup Language) or JSON (JavaScript Object Notation) as a common data format for defining, transmitting, and storing data.
The data model and services are protocol independent and can be used to model data from any source including support for data types beyond building control system data such as PDFs, CSV (comma separated values), etc. The standard, however, presents a clear path and guide for modeling the BACnet devices and objects within a device using the BACnet communications we know today while adding semantic tagging and descriptions represented in the data model. Then, it uses either a URL or zipped typed files called xdd described within the standard to communicate machine to machine (M2M) or machine to human (M2H).
Tomi Engdahl says:
Washer/Dryer Monitor
https://www.hackster.io/msmaha/washer-dryer-monitor-623e04?ref=explore&ref_id=trending___&offset=30
Monitor your appliance’s power indicator with a photocell for easy notifications without high voltage wiring.
What it does.
This project allows you to monitor your washer/dryer running status and receive a notification when complete. You can also check on the elapsed time by accessing a web page from the Photon itself.
Tomi Engdahl says:
Net-Connected Systems Wrestle with Cybersecurity
http://intelligentsystemssource.com/net-connected-systems-wrestle-with-cybersecurity/
Defending against cyberattacks gets more challenging every day. Fortunately, there are tools, techniques and organizations ready to tackle the problem.
Security Models
Multiple organizations have recently released security specifications to help fight the battle. The Trusted Computing Group (TCG), a non-profit membership organization including companies from IBM, Intel, Deauville, Microsoft and HP proposed a security model which has many layers; each can be secured with proper security policies implemented. They include Configuration & Management, Monitoring & Analysis, Communication & Connectivity as well as End-point Security. Above all, it includes Data Protection and System Analysis. Figure 2. Additionally, the TCG publishes a design guidelines to support the model and it is free to download.
The UK-based IoT Security Foundation, IoTSF, a nonprofit international organization which promotes IOT security provides a guideline on best practices to secure the networks. Its members include ARM, Green Hills, IBM, Huawei, Intel, Phillips, NXP and others. This specification covers a complete security checklist of device hardware /physical, software, operating system and interfaces including wireless. The specification release 1.0 is also free to download.
Finally, the Industrial Internet Consortium (IIC), with founding members from Bosch, EMC, GE, Huawei, Intel, IBM, SAP and Schneider, offers a free publication entitled Industrial Internet of Things Volume G4: Security Framework. It is a comprehensive documentation covering the framework (configuration, monitoring, analysts and communication), functional view (actuation, sense operation and applications) and the system view (edge, cloud and connectivity). Additionally, it also spells out in details on how to do the end-point protection.
Cybersecurity Isn’t Free
Raj Samani, CTO of Intel’s Security Group, formerly known as McAfee, pointed out the key in a secured system is to be able to identify the sender is indeed a trusted source. The level of security required depends on the types of applications. In the case of automotive and medical applications, high level of security is required. Cybersecurity comes with a price tag. The more secure the system, the higher the price. There is a constant struggle for developers to balance security, risk and affordable system costs.
When devices are connected to each other, how do you know that the party at the other end is the one you intend to connect? To solve this problem, more and more silicon manufacturers are starting to provide secured basic building blocks at the silicon level.
Developing Safe and Secure Software
In software, safety and security are inseparable. In aerospace, for example, if the airplane control software is hacked, the plane will not be safe. To achieve both safety and security, a development process needs to be in place with security built-in from the ground up. Several software vendors offering development tools to help developers to reach the goal of creating safe, security and reliable software.
A Never-Ending Challenge
So, can cybersecurity be achieved? In short, it is a never-ending task as it is a constant race between security developers and the innovative hackers. Building security into the development cycle is important. Paying attention to the entire cloud network, applying security models from TCG, to both software and hardware designs is a good starting point to achieve cybersecurity. This will make future connected cars, smart cities and factories, other IoT applications as well as DoD deployments safer.
Tomi Engdahl says:
IoT and Cloud Computing Gear Up for Military Duty
http://intelligentsystemssource.com/iot-and-cloud-computing-gear-up-for-military-duty/
IoT and Cloud Computing solutions from the commercial world are becoming attractive to defense applications as virtualized computing and sensor networking take center stage.
The Internet of Things (IoT) and Cloud Computing phenomena continue to skyrocket in the consumer, industrial and IT markets, the defense industry is eager to leverage whatever they can from those technologies. What gets confusing however is that the underlying parts of IoT and “the cloud” are pretty much the same things the U.S. military has been evolving toward for several years now. Case in point: the military has long been interested in perfecting ways to move data captured from a multitude of sensors and collecting it on a virtualized “cloud” network where it can be used from any remote location.
But instead of “IoT’ the military has been calling that “Net-Centric” operations for over a decade now. This network-centric idea includes programs to build joint architectures and roadmaps for integrating joint airborne networking capabilities with the evolving ground, maritime and space networks. Note that the military talking about a “Global Information Grid” long before terms like “the cloud” entered the mainstream.
Question of Terminology
The challenge therefore gets to be a little bit of identifying what products and technologies serve the needs of military cloud computing and military IoT even when the terminology may not include “cloud” or “IoT. In its basic sense an IoT network is a connection of sensors, embedded devices and systems. Military cloud computing was Mercury Systems’ motivation to re-entered the ATCA two years ago with its Ensemble HDS8613 dual Intel Xeon server-class processor ATCA blade and the Ensemble SFM8104 40 Gb/s Ethernet/InfiniBand ATCA switch. But there are many vendors in the military embedded computing industry that make high-density severs capable of virtualizing computing without using the word “cloud” in their market. There are many that make networking technologies that function like IoT gateways without using the term “IoT”. And there are numerous vendors expert in technologies that capture and aggregate sensor data and never use terms like “IoT Edge devices”.
One can’t get into the topic of network-centric technologies without including the role of Cisco Systems. The DoD has collaborated closely with Cisco in multiple core network and edge-implantations of the DoD’s networks including what is today called the DoD Information Network (DoDIN).
Meanwhile there are several embedded computing technology companies that are aggressively pursuing the industrial IoT and Cloud Computing market segments alongside—many of which also play in the defense market. It remains to be seen whether or not those companies will have a leg up when it comes to applying IoT and Cloud Computing to military applications.
Hyperconverged Virtualization
While a number of vendors have embraced the idea of coverage embedded computing, KALEAO has made it the centerpiece of its offerings. Last fall the company introduced its KMAX system that provides compute, storage and networking in an integrated platform. As a hyperconverged platform, KMAX dynamically defines “physicalized” computing resources and assigns them directly to virtual machines and applications, without unnecessary software layers (Figure 3). It uses an ultra-efficient lightweight hypervisor called a microvisor. The microvisor works seamlessly with hardware to orchestrate global pools of software defined and hardware-accelerated resources.
Tomi Engdahl says:
Industrial IoT and Open Source: Opportunities and Challenges
http://intelligentsystemssource.com/industrial-iot-and-open-source-opportunities-and-challenges/
By 2020, analysts expect over 50 billion smart devices to be connected to the Internet, creating a significant opportunity for software developers, hardware makers and cloud providers alike. Orchestrating all those devices will pose significant challenges in privacy, scalability and security. Imad Sousou, vice president of the Open Source Technology Center at Intel Corporation will talk about the opportunities and challenges the industrial IoT landscape presents and how secure end-to-end open source solutions will drive this growing market forward.
Keynote: Industrial IoT and Open Source: Opportunities and Challenges – Imad Sousou
https://www.youtube.com/watch?v=Pwc0cX43sec
Keynote: Industrial IoT and Open Source: Opportunities and Challenges – Imad Sousou, Vice President of the Software and Services Group, Intel Corporation
Tomi Engdahl says:
RS Components – New deal IoT gateway to target students and maker market
http://www.electropages.com/2017/03/rs-components-deal-iot-gateway-target-students-maker-market/?utm_campaign=2017-03-14-Electropages&utm_source=newsletter&utm_medium=email&utm_term=article&utm_content=RS+Components+-+New+deal+IoT+gateway+to+target+students+and+maker+market
RS Components has announced that store.Arduino.cc has been appointed as official global reseller of the highly innovative SIMATIC IOT2020 IoT industrial gateway, which is manufactured by Siemens. RS has signed a contract with Arduino.cc, enabling the company to market the industrial gateway product to its primary target audience of students, makers, geeks and young engineers.
The IOT2020 is an open and flexible industrial IoT gateway that is designed for continuous industrial operation and can be used to retrieve, process, analyse and send data to almost any kind of device or network. Offering a variety of interfaces, including Ethernet, USB and micro SD, the product is compatible with open-source software including the Arduino IDE and Yocto Linux, to benefit from programming in high-level languages such as Java, C++ and JSON. The IOT2020 is also expandable with Arduino shields and via an on-board PCIe port.
“RS has been a long-time partner for Arduino, as well as providing excellent support for the large community of developers working with Arduino hardware and software,” said Massimo Banzi, co-founder of Arduino. “The new IOT2020 is an excellent complement to the range of products marketed by Arduino and provides a great way for young engineers to get started and become immersed in the industrial IoT.”
Tomi Engdahl says:
ApP Lite™ (Application Processor Lite)
https://toshiba.semicon-storage.com/eu/product/assp/applite.html
With a push to connect everything to the internet, Toshiba ApP Lite processors not only enable raw data to be fed to the cloud, but also carry out high-performance and efficient signal processing. They extract necessary data through sensors and image recognition, contributing to a reduced data load.
Tomi Engdahl says:
Internet Button ESP8266 & AWS IoT full tutorial
https://hackaday.io/project/20273-internet-button-esp8266-aws-iot-full-tutorial
ESP8266 Internet Button project: when button is pressed, a cloud backend gets a notification and performs an action.
Tomi Engdahl says:
This WAV File Can Confuse Your Fitbit
http://hackaday.com/2017/03/15/this-wav-file-can-confuse-your-fitbit/
As the devices with which we surround ourselves become ever more connected to the rest of the world, a lot more thought is being given to their security with respect to the internet. It’s important to remember though that this is not the only possible attack vector through which they could be compromised. All devices that incorporate sensors or indicators have the potential to be exploited in some way, whether that is as simple as sniffing the data stream expressed through a flashing LED, or a more complex attack.
Researchers at the University of Michigan and the University of South Carolina have demonstrated a successful attack against MEMS accelerometers such as you might find in a smartphone. They are using carefully crafted sound waves, and can replicate at will any output the device should be capable of returning.
It’s Possible to Hack a Phone With Sound Waves, Researchers Show
https://www.nytimes.com/2017/03/14/technology/phone-hacking-sound-waves.html?_r=0
A security loophole that would allow someone to add extra steps to the counter on your Fitbit monitor might seem harmless. But researchers say it points to the broader risks that come with technology’s embedding into the nooks of our lives.
On Tuesday, a group of computer security researchers at the University of Michigan and the University of South Carolina will demonstrate that they have found a vulnerability that allows them to take control of or surreptitiously influence devices through the tiny accelerometers that are standard components in consumer products like smartphones, fitness monitors and even automobiles.
In their paper, the researchers describe how they added fake steps to a Fitbit fitness monitor and played a “malicious” music file from the speaker of a smartphone to control the phone’s accelerometer. That allowed them to interfere with software that relies on the smartphone, like an app used to pilot a radio-controlled toy car.
“It’s like the opera singer who hits the note to break a wine glass, only in our case, we can spell out words”
With dozens of start-ups and large transportation companies pushing to develop self-driving cars and trucks, undetected vulnerabilities that might allow an attacker to remotely control vehicles are an unnerving possibility.
Tomi Engdahl says:
Zero-Intrusion Wireless Light Switch
http://hackaday.com/2017/03/14/zero-intrusion-wireless-light-switch/
What do you do if your light switch is too far from your desk, and you’re in a rental property so you can’t put in extra wiring to install an electronic control for it? Get up and turn it on or off by hand? Of course not!
If you are [Guyfromhe], you solve this problem with a servo attached to a screw-on light switch faceplate, and you control it with a pair of Arduino/nRF24L01 combos
$16 Wireless Lightswitch Mark II
http://guyfromhe.blogspot.fi/2017/03/wireless-lightswitch-mark-ii.html
Tomi Engdahl says:
What is the difference between the LTE-M and NB-IoT protocols?
The matter explained by Digi International’s chief innovator Rob Faludi. NB-IoT suitable links, make do with less than one hundred kilobit data rate, and 1.5-10 seconds delay is not disadvantage.
If the need for faster data, the shorter the delay time and the sensor is in motion, the choice falls on the M-LTE technology.
Source: http://etn.fi/index.php?option=com_content&view=article&id=5970&via=n&datum=2017-03-08_16:07:06&mottagare=30929
More: https://www.digi.com/videos/what-are-the-differences-between-lte-m-and-nb-iot
Tomi Engdahl says:
tinyTILE – Intel Curie Module Based Board
https://www.element14.com/community/docs/DOC-82913
Short Description: tinyTILE is an Intel® Curie™ module based board measuring approx 35 x 26mm.
tinyTILE has solderable holes (standard 40-mil holes on a 0.1” pitch on either side of the board, and two placed on the third side next to the Bluetooth antenna)
I/O connections have the same names and functions as the Arduino/Genuino 101 board
tinyTILE has a micro-USB connector and may be powered and programmed using the Arduino IDE*, Intel® Curie™ Open Developer Kit (ODK), or Anaren Atmosphere*
tinyTILE is an Intel® Curie™ module based board measuring approx 35 x 26mm.
It can be programmed using the Arduino IDE*, Intel’s own software – Intel® Curie™ Open Developer Kit (ODK), or Anaren Atmosphere* – a cloud-based ecosystem that offers a complete end-to-end IoT solution. Each of these environments provide unlimited development possibilities with the tinyTILE.
tinyTILE features the Intel Curie module, a low-power compute module that comes with motion sensors, Bluetooth® Low Energy, and pattern matching capabilities for learning and analysis of sensor data. This enables quick and easy identification of actions and motions. tinyTILE is a complete low-power solution designed for use in wearable devices and rapid prototyping. The Intel Curie module offers features that are ideal for “always-on” applications requiring motion monitoring, wireless capabilities, low power and small size.
Tomi Engdahl says:
Anaren Atmosphere
https://atmosphere.anaren.com/
Atmosphere is an innovative IoT prototyping platform that enables quick and easy development of Wi-Fi and Bluetooth Low Energy (BLE, also known as Bluetooth Smart) applications for iOS and Android mobile operating systems. It combines a cloud-based development environment and local programming application to create a unique means of building a variety of applications by bridging communication between a mobile device, embedded system, and the cloud.
While most IoT platforms focus on either embedded hardware or mobile software, Atmosphere develops both simultaneously. Through the concurrent development of programming an application to embedded hardware, and mobile code to a mobile device, Atmosphere achieves true rapid application development to provide an efficient and user-friendly experience.
Atmosphere is designed to help you easily construct mobile applications, and utilizes a mobile interface to interact with a remote device. Atmosphere allows you to develop both the application’s mobile interface and the embedded system code at the same time using its innovative browser-based “drag-and-drop” development environment while still allowing code customization.
To use Atmosphere, your application is first created using Atmosphere Developer, Atmosphere’s easy-to-use integrated development environment (IDE). Once built, the application is then compiled in the cloud, and Atmosphere Programmer — local programming software — programs the application into the embedded hardware. Simultaneously, the application’s mobile code is ready in the cloud to be used on your mobile device. The result is a cohesive solution of the embedded hardware and mobile device seamlessly working together.
Through your Atmosphere account, you gain access to Atmosphere’s development tools and its associated resources.
Atmosphere generates code that runs on Anaren AIR modules and the Intel Curie module
Atmosphere Developer is a cloud-based integrated development environment that can be used in any Internet browser and allows users of all levels to easily create and build applications. Within this tool you create, layout, and build your application. From simple drag-and-drop elements, to the powerful Code View, you are simultaneously creating an application for a mobile device and the firmware that will be programmed into the hardware. All projects created in Atmosphere Developer are stored and managed in the Atmosphere cloud server
Sign up for a free Atmosphere account
Tomi Engdahl says:
The world’s smallest IoT router, and much more
Nuremberg presents embedded devices, software and tools very extensively. The center will increase the hottest trends, ie the Internet of Things, and – in Germany, when in – car electronics. In particular, all related to the robot machine vision solution cars radar and sensor solutions for many a hot topic.
Of course I left the trade fair presents hundreds of new products. For example, Lantronix has promised to try the demo and the world’s smallest IoT gateway. Xpico 200 router has a size of only 17 x 25 mm and yet it can be used to connect devices to the network with an Ethernet connection or wirelessly via WiFi or bluetooth. All protocol stacks are, of course, the module ready to speed up development.
An interesting newcomer embedded applications is ARM’s dominance challenging first completely open the processor core RISC-V.
Source: http://etn.fi/index.php?option=com_content&view=article&id=6000&via=n&datum=2017-03-14_15:23:18&mottagare=30929
Tomi Engdahl says:
Embedded World, Nuremberg – Small size, optimized for a tight code and lower power consumption. It all reaching for embedded applications. responsible for IAR Systems’ Business Development Anders Holmberg, the code consumes less power, the faster it is. And this is a major selling point and the advantage of the Swedish IAR Systems’ tools.
- We are known as high-quality code. Tool can compress the code by up to 30 percent smaller
ARM processor is superior in virtually all embedded applications. But could open architecture, such as RISC-V to rise to challenge it? Anders Holmberg, the task is at least difficult, if not impossible.
- After all, the RISC-V interesting project and we are following it closely. At least not yet, however, it does not cause any waves for embedded development, that it should respond. But will be closely monitored, Holmberg admits.
Source: http://www.etn.fi/index.php/13-news/6001-nopeampi-koodi-pienempi-tehonkulutus
Tomi Engdahl says:
http://www.microchip.com/promo/CEC1702
CEC1702
The CEC1702 is a full-featured ARM® Cortex®-M4-based microcontroller with a complete hardware cryptography-enabled solution in a single package. This low-power but powerful, programmable 32-bit microcontroller offers easy-to-use encryption, authentication, private and public key capabilities and allows customer programming flexibility to minimize customer risk.
CEC1702 Block Diagram
CEC1702_Block_Diagram
The CEC1702 also provides significant performance improvements when compared to firmware-based solutions. The device’s hardware cryptographic cipher suite reduces compute time by orders of magnitude over software solutions, and, as an example, provides 20x-50x performance improvement for PKE acceleration as well as 100x improvement for encryption/decryption. This robust hardware-based feature set results in applications that can run security measures quickly, effectively and with significantly lower cost and power consumption.
Tomi Engdahl says:
Embedded World Show first day highlights
http://www.electropages.com/2017/03/embedded-world-show-first-day-highlights/?utm_campaign=&utm_source=newsletter&utm_medium=email&utm_term=article&utm_content=Embedded+World+Show+first+day+highlights
Car software design accelerates
NXP Semiconductors launched the S32K1 family
With 10 of the top 15 global car manufacturers already using S32K in next generation vehicles, this platform sets the future direction of automotive ECU development, says NXP Semis.
Silicon Labs unveiled improvements to the EFM32 Gecko microcontroller (MCU) family.
Renesas Electronics unveiled the latest expansion of its Renesas Synergy Platform at the show.
PRQA, a provider of automated static analysis solutions for embedded application development, announced updates to the QA·C and QA·C++ static analysers to provide improved security testing for the C and C++ languages.
Securing those SoC platforms
Imagination Technologies and Barco Silex announced a collaboration through which they are developing IP for secure SoC platforms based on Imagination’s MIPS family of processors. Imagination will integrate Barco Silex’ eSecure solution for embedded security into a new Trusted Element (TE) IP product
ARM dev tool update
IAR Systems announced the availability of an update of its development tools for ARM. Version 8.10 of IAR Embedded Workbench for ARM provides support for the C11 and C++14 language standards.
Tomi Engdahl says:
embedded world – the leading international fair for embedded systems
https://www.embedded-world.de/en
Be it security for electronic systems, distributed intelligence, the Internet of Things or e-mobility and energy efficiency – the embedded world trade fair in Nuremberg enables you to experience the whole world of embedded systems.
https://twitter.com/embedded_world
Tomi Engdahl says:
Testbed Pushes Forward on Time-Sensitive Networking
https://www.designnews.com/automation-motion-control/testbed-pushes-forward-on-time-sensitive-networking/45510413056430?cid=nl.x.dn14.edt.aud.dn.20170315
Driven by an overarching goal of interoperability for machine and automation control components, one of the biggest trends in automation and control for 2017 is the emergence of Time-Sensitive Networking technology.
Driven by an overarching goal of interoperability for machine and automation control components, one of the biggest trends in automation and control for 2017 is the emergence of Time-Sensitive Networking (TSN) technology. This is a story that we will continue to follow as it unfolds because of its far-reaching impact on how automation and motion controllers could be evolving moving forward.
In a new testbed report on the Industrial Internet Consortium website , titled “Results, Insights and Best Practices from IIC Testbeds: Time-Sensitive Networking Testbed,” the working group reports on its progress with testing of early prototypes that have implemented TSN.
A group of a dozen or so leading automation and control suppliers announced late in 2016 that they intend to support the developing TSN standards, and developing new products based on the technology. Suppliers are working in conjunction with both the Industrial Internet Consortium and the AVnu Alliance , and pledged allegiance to the goal of developing product solutions based on this technology including as TSN Testbed partners currently focused on the technical aspects of technical development.
These three key capabilities form the core of TSN:
1. Time synchronization: A distributed, precise sense of time is a base requirement for distributed automation and control.
2. Sending scheduled traffic flows: Based on a precise sense of time, network infrastructure must be capable of forwarding critical automation and control traffic on a timely basis. This is considered an enhancement to the quality-of-service capabilities in most network infrastructures.
3. Central, automated system configuration: Recently, a key trend in networking has been software-defined networking which enables automated, easier configuration. Software-defined networking is particularly important for TSN
Testbed lead, Paul Didier of Cisco, states that standard Transmission Control Protocol (TCP)-based equipment can plug into an Ethernet system using TSN.
“Absolutely. It’s a key requirement to be backward compatible. That’s the whole point, it’s the next version of Internet technologies – Ethernet in particular. You can plug in any device and conventional communication will still work and it will co-exist with this critical automation and control traffic that we’ll have going on. That is the key: we are converging this critical control traffic onto a network that is used by a video camera, Voice-over-Internet Protocol (VoIP) phone, or any other TCP/UDP (User Datagram Protocol) device that you may find in the manufacturing facility. It is by no means required to be a TSN device to connect, but clearly the devices that are TSN capable will benefit from more deterministic service.”
Specifically, the testbed is looking to influence two Ethernet standards: IEEE 802.1 and IEEE 802.3. All TSN testbed work is filtered to Avnu, a standards organization developing the interoperability and certification based on IEEE’s TSN. And through Avnu, it is channeled back into IEEE (Institute of Electrical and Electronics Engineers).
Tomi Engdahl says:
Is the Blockchain Prepared for Enterprise?
https://www.designnews.com/iot/blockchain-prepared-enterprise/25912681256416?cid=nl.x.dn14.edt.aud.dn.20170315
It’s not just for Bitcoins. Everyone’s trying to understand the blockchain and some are already using it. But is the database technology really ready for enterprise?
In recent months various companies representing the oil and gas, finance, and software industries have formed the Enterprise Ethereum Alliance , dedicated to creating an enterprise-grade blockchain using a blockchain app platform called Ethereum. It boasts companies like Microsoft, BP, Intel, and JP Morgan among its ranks.
But for all the excitement building around it, the blockchain has yet to answer one crucial question: Is it really ready for enterprise?
So what is blockchain exactly? In short, it’s a means of creating distributed databases.
Whenever that information is transferred it needs to be verified to make sure it isn’t fake or has been tampered with. In a typical network this is handled by a central database, much in the way that a bank handles money.
Blockchain distributes this entire process. Rather than one or a few central servers, blockchain utilizes a network of what could be thousands of computers, all sharing a system-wide “ledger” that verifies the transaction across the entire large-scale network. Each computer holds bundles of information (blocks) that are chained together using cryptography to form the ledger.
To trick the system you’d have to trick every single machine that holds a copy of the ledger, (which would be an extremely difficult task)
The advantages of blockchain for enterprise applications is that it offers: decentralization, since no one entity holds ownership of the data; both public openness and pseudo-anonymity simultaneously; the ability to create token currencies that can be used to track ownership of data (i.e. who owns what piece of information along a supply chain); and, arguably most attractive, the ability to create smart contracts.
What smart contacts allow is an ability to embed logic into a blockchain for easier process automation. In an IoT context smart contracts can be used to script automated transactions between different connected systems, but in a highly secured way. Information transacted to one device could automatically trigger transactions in other devices, and so on. Imagine being able to automatically and securely pay a supplier as a product moves along the manufacturing process – all without a centralized IT infrastructure.
There are already some emerging use cases in the enterprise space.
Tomi Engdahl says:
Someone made a smart vibrator, so of course it got hacked
https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack
The We-Vibe 4 Plus is a vibrator with a computer inside it – but hackers say it also phones home, telling its makers when it’s being used
The Internet of Things That Can Be Hacked grows daily. Lightbulbs, trucks, and fridges all have computers inside them now, and all have been hacked by someone. But at least you don’t put those inside your body.
Two years ago, someone had the good idea to put a bluetooth connection inside a vibrator, and the We-Vibe 4 Plus was born. The vibrator can connect with a smartphone app that its makers say “allows couples to keep their flame ignited – together or apart”: that is, it can be controlled remotely, while, say, making a video call.
But at the Def Con hacking conference in Las Vegas, two independent hackers from New Zealand, who go by the handles goldfisk and follower, revealed that the way the vibrator speaks with its controlling app isn’t really secure at all – making it possible to remotely seize control of the vibrator and activate it at will.
Smart sex toy maker that collected vibrator usage habits without consent to pay customers $10,000 each
http://www.independent.co.uk/life-style/gadgets-and-tech/news/sex-toy-maker-we-vibe-smart-vibrators-pays-compensation-customers-for-data-collection-without-a7629071.html
Standard Innovation secretly gathered potentially sensitive information, including dates and times of use, temperature levels and changes in intensity
A sex toy maker has agreed to pay customers up to $10,000 each after allegations that it had collected data about its customers’ We-Vibe vibrator usage habits without their consent.
a demonstration at the Def Con hacking conference in August last year showed that the firm was secretly gathering potentially sensitive information about We-Vibe’s users, including dates and times of use, temperature levels and changes in intensity.
What’s more, this information was being stored on Standard Innovation’s servers, alongside customer’s email addresses.
At the time, the company claimed to have gathered the information for “market research purposes”
The company has now settled a class-action lawsuit filed by two anonymous women in the aftermath of the Def Con presentation, agreeing to destroy the information already collected through the vibrator and to stop collecting such data in the future.
Under the terms of the settlement, Standard Innovation will pay out $2.9 million, with customers who bought a We-Vibe before 26 September 2016 and used it with the app eligible to receive up to $10,000, and those who used it without the app entitled to $199.
Tomi Engdahl says:
Nicole Casal Moore / University of Michigan News:
Researchers show how sound waves can exploit accelerometer vulnerabilities in a wide range of tech including IoT, cars, medical devices, and phones
Sonic cyber attack shows security holes in ubiquitous sensors
http://ns.umich.edu/new/multimedia/videos/24664-sonic-cyber-attack-shows-security-holes-in-ubiquitous-sensors
Sound waves could be used to hack into critical sensors in a broad array of technologies including smartphones, automobiles, medical devices and the Internet of Things, University of Michigan research shows.
The inertial sensors involved in this research are known as capacitive MEMS accelerometers. They measure the rate of change in an object’s speed in three dimensions.
It turns out they can be tricked. Led by Kevin Fu, U-M associate professor of computer science and engineering, the team used precisely tuned acoustic tones to deceive 15 different models of accelerometers into registering movement that never occurred. The approach served as a backdoor into the devices—enabling the researchers to control other aspects of the system.
“The fundamental physics of the hardware allowed us to trick sensors into delivering a false reality to the microprocessor,” Fu said. “Our findings upend widely held assumptions about the security of the underlying hardware.
The researchers performed several proof-of-concept demonstrations: They used a $5 speaker to inject thousands of fictitious steps into a Fitbit. They played a malicious music file from a smartphone’s own speaker to control the phone’s accelerometer trusted by an Android app to pilot a toy remote control car. They used a different malicious music file to cause a Samsung Galaxy S5′s accelerometer to spell out the word “WALNUT” in a graph of its readings.
All accelerometers have an analog core—a mass suspended on springs
“Analog is the new digital when it comes to cybersecurity,” Fu said. “Thousands of everyday devices already contain tiny MEMS accelerometers. Tomorrow’s devices will aggressively rely on sensors to make automated decisions with kinetic consequences.”
“If autonomous systems can’t trust their senses, then the security and reliability of those systems will fail.”
The trick Trippel and Fu introduced exploits the same phenomenon behind the legend of the opera singer breaking a wine glass. Key to that process is hitting the right note—the glass’ resonant frequency.
The researchers recommend ways to adjust hardware design to eliminate the problems. They also developed two low-cost software defenses that could minimize the vulnerabilities, and they’ve alerted manufacturers to these issues.
The paper is titled “WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks.”
Tomi Engdahl says:
Steve O’Hear / TechCrunch:
Evrythng, the Internet of Things platform for smart products, raises $24.8M Series B led by San Francisco-based Sway Ventures
Evrythng, the Internet of Things platform for ‘smart products,’ scores $24.8M Series B
https://techcrunch.com/2017/03/14/evrythng-series-b/
Evrythng, the Internet of Things (IoT) smart products platform that gives any physical object a so-called “digital identity,” has closed a $24.8 million Series B funding.
Founded all the way back in 2011, Evrythng offers an enterprise-focused IoT platform for managing what it calls “intelligent software identities” for products that have been made smart via anything from smart tags like QR codes, to NFC, BLE, RFID, or which are directly connected to the internet. In other words, it’s the data layer needed by companies that want to go all in on the IoT trend as part of their digital transformation strategy.
over the past 12 months, Evrythng has announced partnerships with leading global packaging companies Avery Dennison Retail Branding, Information Solutions (RBIS), Crown Holdings and WestRock.
But why, you may ask, does a product’s packaging need to be smart or tentatively connected to the internet? The upside is that, since it has a digital identity via the Evrythng platform, it can be properly tracked throughout the supply chain, including its whereabouts, authenticity and product recalls, for example.
On the consumer side, these digital identities can also be connected to an app to enable things like further product information and various digital experiences, or something as simple as re-ordering a very specific product SKU.
Tomi Engdahl says:
RS Components Is Holding a Contest Centered Around Their SIMATIC IOT2020
http://makezine.com/2017/03/14/simatic-iot2020-provides-gateway-young-engineers/
Tomi Engdahl says:
LightingEurope and IALD issue position paper on human-centric lighting
http://www.ledsmagazine.com/articles/2017/03/lightingeurope-and-iald-issue-position-paper-on-human-centric-lighting.html?cmpid=enl_leds_ledsmagazine_2017-03-15
Seeking both to ensure a unified understanding of the meaning of human-centric lighting or HCL and guide deployment, LightingEurope and the International Association of Lighting Designers have defined expected benefits, typical enabling technologies, and potential applications.
The position paper opens by noting that HCL should deliver some combination of “excellent visual, biological, and emotional effects of light.” The CIE (International Commission on Illumination) is advocating similar concepts for what it calls integrative lighting.
Visual benefits are fairly well understood at this point. The position paper defines biological benefits as alertness, cognitive performance, and good sleep-wake cycles among others. Examples of emotional benefits might be an improved mood or impulse control.
The position paper on human-centric lighting describes the natural cycle of light effects on the human body’s internal clock, and gives examples of how to mimic that cycle with electric light.
The document states, “Human Centric Lighting is aimed at providing the right light for our activities at the right place at the right time.”
Human-centric lighting illuminates the possibilities for wellbeing
http://www.ledsmagazine.com/articles/print/volume-13/issue-7/features/human-centric-lighting/human-centric-lighting-illuminates-the-possibilities-for-wellbeing.html
HCL’s first frontier: Hospitals
There is perhaps no environment more immediately suited to HCL than hospitals. It stands to reason that patients would rest better if bright lights didn’t keep them awake at night. And that they would simply feel better if poorly-lit wards and rooms didn’t induce a general fogginess. Better still if tunable lights mimicked the shifting pattern of sunlight for a strong daytime semblance. To take all of that to a logical conclusion: Patients who rest and feel better surely must recover faster.
Moeslund and Langhorn look after patients who have suffered brain traumas from car accidents, falls, strokes, aneurysms, and other conditions. According to the two nurses, the system, provided by Danish circadian and ergonomic lighting specialists at Chromaviso, appears to be having the desired effect.
Prior to installing the Chromaviso lighting and control system, patients would typically sleep fitfully and were disoriented, often not knowing what time of day or night it was, Moeslund noted.
But that is now changing. Moeslund recalls how one patient, benefitting from the Chromaviso lighting system, slept so soundly that the staff could not wake him at 6 a.m. for a scheduled check. “But after the lights started slowly turning on at 6:30, he woke up,” she recalled
“The light itself is not healing, but it improves what you would expect as basic human functions,” Skov Hansen said. “It’s like walking – entrainment to day and night is one of the basic functions we have. We need sleep each and every night, and we need it in constant occurrence. And it is light that is the main entraining factor. The main source to synchronization is the light and the daily pattern of light and darkness.”
Blue days, dark nights
Lighting-based circadian entrainment works in many ways. Much of it is related to coordinating artificial light’s intensity and spectral makeup (the varying blends of blue, red, green, and other wavelengths that combine to form different color temperatures of white light) throughout the day to a pattern that follows the sun’s time-honored daily routine of a spring-like day. For millions of years, the sun has delivered an increasingly blue-rich icy white color through its peak hours of brightness. It shifts toward warmer reds and ambers as it moves toward sunset.
Blue enriched light stimulates the circadian rhythm, also known as the body clock.
Circadian lighting systems administer light that follows the gradual shift from invigorating, intense blue-rich white down to relaxing reds and oranges in the evening. The red and orange facilitate the flow of the sleep-promoting hormone melatonin. Too intense blue-rich light in the evening and night would disturb the production cycle of melatonin and thereby would disturb sleep.
On the Kelvin (K) temperature scale, the cool blue-rich whites counterintuitively have higher numbers, measuring around 5000K, 6000K, or more. Warm, reddish whites have lower numbers. Conventional incandescent lamps, considered warm, are associated with 2700K or lower.
LED circadian lighting system will soar to the Space Station
What better place, then, to set up a living laboratory of LED-based circadian lighting than the Space Station? That’s exactly what Brainard and his colleagues from Harvard University and NASA’s Johnson Space Center are doing.
They’ve developed a system of tunable LED lights that have three basic settings: general vision for most of the day, circadian phase shifting/acute alerting when required, and a pre-sleep setting to induce restfulness.
Tomi Engdahl says:
Aurora draws closer to IoT luminaires, previewing AXiO and talking up services
http://www.ledsmagazine.com/articles/2017/03/aurora-draws-closer-to-iot-luminiares-previewing-axio-and-talking-up-services.html?cmpid=enl_leds_ledsmagazine_2017-03-15
Aurora Lighting has been talking the talk of Internet-connected lighting for some time, and now it has moved closer to walking the walk: Last week it previewed a set of lights with built-in sensors and Bluetooth chips that let retailers collect data and communicate with in-store shoppers, which it plans to sell as a service as much as a product.
The company’s AXiO line embeds Internet of Things (IoT) circuitry from Gooee, a startup founded by Aurora founder Andrew Johnson, who is CEO of the two separate companies.
Aurora is one of about 30 lighting companies that has committed to building the Gooee Inside engine into its LED lighting products. It was among the three who ceremoniously received the first development kits from Gooee last November at the LuxLive 2016 show in London, along with Feilo Sylvania and John Cullen Lighting.
IoT-enabled lighting holds promise across different industries, but Aurora is focusing its initial AXiO efforts on retailers, who could use it to track and guide customers around stores, to offer discounts delivered to individual shoppers’ smartphones, and to collect data on customer behavior. Those are the same sorts of activities that prompted Philips and Zumtobel to announce IoT lighting users at EuroShop last week.
“Our IoT integrated lighting platform enables retailers to harmonize their customers ‘click and brick’ experience across a wide range of application and installation scale, from convenience to targeted brand promotion and enterprise initiatives,” Salt said. “By designing and creating a lighting platform with Gooee Inside, an Aurora network of lighting is not only generating incredible visual and stimulating displays but valuable data and consumer insights for the retailer. Now decision makers have the ability in real time to enjoy clear information based on timely trends that they can use to create even more value and advantage, for example, creating special offers to enhance a product’s sales.”
Aurora declined to reveal specific pricing information. But Salt revealed to LEDs that the company will go to market with two different business models, both of which include a software-as-a-service subscription model for activities such as customer engagement. One charges for the lights in a traditional capital expenditure (capex) manner, while the other charges for them in a lighting-as-a-service, operational expenditure (opex) approach.
“Our connected IoT lighting platform offers retailers everything as a service, and as such we can deliver exceptional value beyond illumination,” Salt said.
Both Philips and Zumtobel cited data as a key attribute to IoT lighting when they announced separate indoor-positioning deployments last week — Philips with an EDEKA Paschmann supermarket in Dusseldorf, and Zumtobel with an E.Leclerc “hypermarket” in France.
AXiO uses embedded Bluetooth beacons to transmit meshed signals to smartphones and provide shoppers with a map of the store, with product information, and with tailored promotions and discounts. It does not use visible light communication (VLC)
“It would be possible to include VLC technology alongside Gooee if the customers’ requirements benefit from this integration,”
Some industry observers believe that VLC will be more useful as a two-way Wi-Fi type technology than as a one-way transmitter of location information, where Bluetooth suffices.
Gooee releases development kits for IoT lighting engine
http://www.ledsmagazine.com/articles/2016/11/gooee-releases-development-kits-for-iot-lighting-engine.html
Published on:November 23, 2016
Smart lighting startup Gooee today released development kits to indoor LED luminaire makers, hitting a milestone on the path to commercializing Gooee-enabled Internet of Things (IoT) lighting in 2017.
Gooee kicked off the LuxLive 2016 exhibition here by ceremoniously handing over hardware and software to Aurora Lighting, Feilo Sylvania, and John Cullen Lighting. The three LED lighting vendors are among approximately 30 OEM customers — mostly luminaire makers — that have committed to building Gooee chips and sensors into their systems. The trio will now kick the tires and help St. Petersburg, FL-based Gooee work out final tweaks so that Gooee can start manufacturing in March.
IoT lights equipped with components from Gooee will be able to take note of factors such as room occupancy, lighting levels, climate, and motion, and then communicate that information to individuals and systems to act on. Actions could range from automatically adjusting lighting and heating levels, to engaging customers in retail stores, to spotting patterns in room usage via cloud data analysis that might lead to reassigning facilities or to designing new layouts in stores. It also gives lighting companies more of an entree into selling services as opposed to products.
“The disruption that the IoT will bring will dwarf the disruption that the introduction of the LED has brought our industry,” said Bastiaan de Groot, Feilo Sylvania’s global director of strategy and new business development.
Feilo Sylvania will focus on developing lighting that collects data about room usage and helps companies optimize space utilization and property allocation.
“The demand is for occupancy data,”
Chinese-owned, London-based Feilo has already deployed an occupancy-centric IoT lighting system using similar technology from Gooee’s Australian rival Organic Response at the headquarters of Dutch standards body NEN in Delft, the Netherlands.
In announcing the maiden handover of development gear, Gooee revealed that its system includes a management portal — basically a web-based application — that helps facilities managers automate the lighting system through rules, scenes, scheduling, and device management.
The Gooee Development Kit includes hardware called the Gooee IoT Gateway, which is required for the IoT system. It also includes sensors; boards for wireless interface modules (WIMs), which connect to lighting fixtures, handle controls, and contain the beacons; application process interfaces (APIs) for enhanced security; and access to the Gooee portal. The beacons can help with functions such as indoor positioning, in which they track customers around stores. Operators can switch on the beacons through the portal or the APIs.
Initially, Gooee is providing its own sensors but will eventually also supply others’. The first batch of sensors focuses on movement, direction, ambient light, and the hue of the light fixture.
“Not everyone knows yet exactly what [IoT lighting] is, but you have to get involved and get in there and try,” said van der Kolk. “The business is changing from a product business to a more service-led business.”
Neil Salt, managing director of the IoT division at Aurora, called the IoT “the next generation” for the lighting industry, and lauded the Gooee technology as “an enabler for this to happen.” Aurora’s CEO and founder, Andrew Johnson, is also Gooee’s CEO and founder. Aurora was one of Gooee’s first customers.
Tomi Engdahl says:
The BeagleBone Blue – Perfect For Robots
http://hackaday.com/2017/03/15/the-beaglebone-blue-perfect-for-robots/
There’s a new BeagleBone on the block, and it’s Blue. The BeagleBone Blue is built for robots, and it’s available right now.
A 9-axis IMU, barometer, motor driver, quad encoder sensor, servo driver, and a balancing LiPo charger are all included. The difference in this revision is the processor. That big square of epoxy in the middle of the board is the Octavo Systems OSD3358, better known as a BeagleBone on a chip. This is the first actual product we’ve seen using this neat chip, but assuredly not the last
Meet BeagleBone® Blue. Robots. Fast.
https://beagleboard.org/blog/2017-03-13-meet-beaglebone-blue
BeagleBone® Blue is the affordable and complete robotics controller built around the popular BeagleBone® open hardware computer. Linux-enabled, Blue is community-supported and fully open-source. High-performance, flexible networking capabilities are coupled with a real-time capable Linux system and a compelling set of peripherals for building mobile robots quickly and affordably. By utilizing the pre-configured WiFi access point, starting code development is as simple as connecting a battery and opening a web browser.
Tomi Engdahl says:
Embedded World, Nürnberg – not just found in companies, which would not be mentioned in product launches and demos embedded technology giant at the fair IoT: that is, in the Internet of Things.
Programmable PSoC-circles, known as Cypress was no exception.
- Micro-controllers such as the ARM M0′s performance is simply not enough. Application Processors are again often too costly and resource hungry. PSoC 6 solves both of these problems, Ogawa praised.
PSoC 6 is a dual-core (ARM Cortex-M4 and Cortex-M0 +) manufactured in 40-nanometer process, a programmable circuit. 40 nanometers is highly optimized vähävirtaisuutta process in mind.
PSoC 6 security is taken care of device-level environment for TEE (Trusted Execution Environment). It allows you to do so Secure Boot and data protection with different encryption algorithms.
Source: http://www.etn.fi/index.php/13-news/6009-cypress-tulee-vahvalla-piirilla-iot-alueelle
More:
PSoC® 6: PURPOSE-BUILT FOR THE IoT
http://www.cypress.com/event/psoc-6-purpose-built-iots
This is your IoT game-changer. Now you don’t have to choose between high-performance and low-power. PSoC 6 delivers both, plus the security that next-generation IoT devices demand. All on the famous PSoC programmable fabric. The endless possibilities are built-in. Problem solved.
Tomi Engdahl says:
tiny1617 Product Family
Next-Generation tinyAVR Family
http://www.microchip.com/promo/tiny1617-mcu-family
tinyAVR devices offer an unrivalled combination of miniaturization, processing power, analog performance and system-level integration. The tinyAVR MCU is the most compact, feature-rich device in the AVR family.
AVR® 8-bit CPU
Up to 20MHz
Event System
The Event System allows peripherals to communicate directly with each other without involving the CPU or bus resources. The Event System is network independent of the traditional data bus paths. This means different triggers at the peripheral level can result in an event, such as a timer tick triggering a reaction in another peripheral. The Event System has six independent channels and offers a fixed latency of two cycles.
Tomi Engdahl says:
Smart utility meters enhance utility operations
http://www.csemag.com/single-article/smart-utility-meters-enhance-utility-operations/8ea50b87def09967e0246f5a8cf22c2a.html
The capabilities of advanced metering infrastructure offer opportunities for improving service and preventing lost revenue through phase error analysis.
The onset of the advanced metering infrastructure (AMI) era of electricity metering has brought about numerous changes to utility-industry operations. A primary driver for the deployment of AMI meters and systems is their ability to bring more granular data into integrated back office utility systems. This data-regarding outage events, consumption, voltage, and more-can then be processed by systems to accelerate power-restoration times, improve end-user energy monitoring, and strengthen infrastructure analytics.
One often overlooked capability is phase error event reporting, whereby the AMI meter reports specific event messages to the AMI head-end system when phase overvoltage, undervoltage, and/or outage conditions are detected by the AMI meter. While outage- and restoration-event messages are typical integration points for AMI deployments to improve reliability and operational efficiency, voltage sag- and swell-event messages are not typically of interest to utilities without an accompanying advanced distribution- automation program. However, both of these types of event messages are of particular relevance and interest with regard to transformer-rated meters.
Accuracy is of utmost importance for protecting utility revenue streams and avoiding preventable revenue loss.
Detection and analytics
The key to minimizing and preventing lost revenue is through early detection. Without daily event reporting and historical data trending offered by AMI meters, these issues could sit unnoticed for months or years until the next time the circuitry is serviced or investigated.
Prior to the adoption of AMI meters, most of these issues were not easily identifiable.
Most AMI meters and systems already are capable of bringing the data into utility systems, and many AMI meters and systems already include this data in default configurations. The key is to put effective reporting and analytics processes in place to turn the event data into useful information and work orders.
Tomi Engdahl says:
Companies announce strategic partnership for the IoT
http://www.controleng.com/single-article/companies-announce-strategic-partnership-for-the-iot/76fc521144e90a94177ad6a7e1c7a0f2.html
Opto 22 and IBM have agreed to a partnership to bridge the gap between existing industrial assets and infrastructure, and the digital world of mobile, cloud, and information technology.
Opto 22 announced acceptance into the IBM Watson IoT Partner Ecosystem. This strategic partnership provides developers with a full stack toolset for building applications that connect real-world signals and data from industrial “things” to the digital world of information technology, mobile, and cloud computing.
The partnership between IBM and Opto 22 is intended to enable developers to design, prototype, and deploy applications to connect existing industrial assets to the IBM Watson IoT platform and share their data, capabilities, and resources with other connected systems and assets, to build the Industrial Internet of Things (IIoT).
Developers can connect, set up, and manage edge processing devices like programmable automation controllers from Opto 22 and apply real-time analytics, cognitive services, and blockchain technology to the data generated by these devices. Cognitive APIs deliver natural-language processing, machine-learning capabilities, text analytics, and image analytics to help developers realize the potential of the cognitive era with the IBM Watson IoT Platform.
Tomi Engdahl says:
Four IIoT connectivity challenges for businesses
http://www.controleng.com/single-article/four-iiot-connectivity-challenges-for-businesses/8ebe34b3e0ab56dbba478020945ccd9b.html
Companies looking to implement an Industrial Internet of Things (IIoT) strategy need to address several potential issues as they seek to bridge the gap between operations technology (OT) and information technology (IT).
1. Connecting disparate communication mediums
Very often, industrial networking technologies do not leverage Ethernet as their physical communications layer. Instead, they may use anything from RS232/485 to modems to proprietary wiring depending
2. Using non-standard methods of identification
Unlike IP addresses in the IT world, many industrial things don’t use standard addressable schemes for uniquely identifying themselves on the network.
3. Determining a request/response model
Industrial networks have historically followed a request/response model. If a particular thing is interested in a piece of data contained in another thing, it will make an appropriate connection, request the piece of data, and wait for a response containing the result. Although this pull model is fine for things living within the same digital boundary of operations, it won’t work for the outside IT world because of security and scalability requirements. Instead, IIoT likely needs a push model, where industrial data flows outbound to a cloud platform.
4. Enabling short-term data storage
Within the context of a single industrial network, we may find thousands of things that together may generate several thousand data points. Though this sounds like a small set of data, real-time operations requirements will necessitate these points to be sampled at sub-millisecond rates for data change detection. In the past, this high-frequency data would be simply analyzed, acted on accordingly, and thrown away. As companies move to making this data available to IIoT, thye will need short-term storage to ensure it can be pushed to other parties when they are available.
Tomi Engdahl says:
Strategy and standards help determine Big Data, IIoT value
http://www.controleng.com/single-article/strategy-and-standards-help-determine-big-data-iiot-value/9080d59dab9899559660b74ce4138fbc.html
Cover Story: There are many tools for capturing the potential value Big Data and the Industrial Internet of Things (IIoT) provide, but companies need to know what kind of information they want and how to gather it securely.
Companies that want to capitalize on Big Data and the Industrial Internet of Things (IIoT) are trying to unlock and harness the value from the data they are gathering. However, as the old saying goes, “one man’s trash is another man’s treasure,” and that is true in terms of machine and production data. A machine builder’s Big Data priorities may be very different from the information an end user manufacturer desires.
The first steps required for determining the data types necessary for each application are identifying the key business and production challenges IIoT technology should address. After that, a plan must be created to store and analyze data to generate insights that will help support continuous improvement efforts within a company’s operations.
On the end user side, this may include a wide range of information types—including categories such as direct, indirect, or derived data—depending on the established goals. Direct or “raw” data such as field sensor information is unfiltered and often hasn’t been converted into engineering units. Indirect data, such as motor temperature or vibration data, might be filtered. Derived data, which comes from data acquisition and subsequent calculations, include metrics such as overall equipment effectiveness (OEE).
Established Big Data, IoT standards and protocols
Data structures and standards are important for assuring industry conformance and represent that important first step towards regulated data acquisition and transmission methods. As IoT and cloud technologies continue to make inroads into industrial markets, data and protocol standardization efforts will become important forces behind conformance and interoperability. Working groups such as the OPC Foundation have highlighted the need for improved data acquisition and transmission in higher-level systems while maintaining defined data structures and data access rights.
More companies also are using established IoT protocols to transmit data to the dashboards of plant engineering staff and decision makers. These protocols are designed to define the data transports mechanism, which is a channel where the data can be moved to a local database or in a public or private cloud. The format of the recorded date is not defined by the protocol, which allows it to be packaged in a neutral format, such as java string object notation (JSON), or in a compact format such as binary. This data-interchange format is easy for industrial controls to understand and it enables interoperability for many cloud platforms, middle layer software, and analytics packages on the market.
Standardized data formats represent another important step toward the convergence of information technology (IT) and automation. It also assures that industrial devices present all data in a widely usable format that can be parsed to find the data’s real value.
Tomi Engdahl says:
Low Complexity Ethernet at the Edge a Bonafide Concept?
https://www.designnews.com/automation-motion-control/low-complexity-ethernet-edge-bonafide-concept/180229651456467?cid=nl.x.dn14.edt.aud.dn.20170316
The size, power, and cost of the Ethernet interface itself has been a deterrent to its use in simple field devices such as sensors and actuators. But perhaps new ideas and technology can make it possible.
At the recent ODVA Industry Conference, Tom Weingartner, marketing director for the Deterministic Ethernet Technology group at Analog Devices, conducted a technical session to explore the possibilities and spur discussion on use of Ethernet technology in network edge devices. His thought-provoking proposition was to define a concept, what he calls “Low-complexity Ethernet,” that would bring reliable EtherNet/IP communication to sensors and actuators, and also identify directions that could enable brownfield installations to take advantage of bringing EtherNet/IP to edge field devices.
According to Weingartner, “the concept of low-complexity Ethernet holds the promise of providing cost effective, low power, reduced area connectivity for simple EtherNet/IP devices. Such a concept can be realized in an open manner coupled with advanced features in next generation Ethernet MACs and Ethernet switches.”
By scaling a device’s communication software, it would be possible to fulfill the connectivity requirements of systems, such as EtherNet/IP, while minimizing the software footprint. The idea is that scaling, in turn, would reduce Flash and RAM hardware requirements to the point where a single chip processor with memory could be utilized in the design of a field device.
The conclusion is that “by taking advantage of advanced features in next generation Ethernet MACs and Ethernet Switches, it is possible to reallocate the Ethernet function from the processor into the PHY thereby creating a Low-complexity Ethernet device.”
These devices would provide the processor with a simple SPI interface to the Ethernet network
the controller no longer has to process every Ethernet message from the network.
“Rather than needing an A-class ARM processor to execute application and network software, a single chip processor with memory can be a simple, low-cost M-class controller. It is through this combination of hardware partitioning and software tailoring that we can achieve the concept of bringing EtherNet/IP to the edge,” the paper concludes.
Tomi Engdahl says:
Smart Home: $20 Threshold, Lingering Privacy Concerns
http://www.btreport.net/articles/2017/03/smart-home-20-threshold-lingering-privacy-concerns.html?cmpid=enl_btr_weekly_2017-03-16
According to Parks Associates, 50% of U.S. broadband households surveyed consider $20 or more per month for a comprehensive smart home service to be a good value. More than 26 million U.S. households own at least one smart home device, which represents a 35% increase from the beginning of 2016. However, privacy concerns remain a barrier to wider adoption.
“The key challenge in today’s smart home market is to move adoption beyond the early market and achieve mass adoption,”
adoption rate of smart home products increasing from 19% of U.S. broadband households at the end of 2015 to 26%
“Almost half of consumers rank privacy as their greatest concern about connecting devices to the Internet, and 40% have experienced a privacy or security problem with a connected device in the past year.”
This market trend is a significant barrier to IoT development
Tomi Engdahl says:
Spatial data once per second 17 with milliwatts
New UBXM8230CT circuit from u-blox
process in which the GNSS-circuit blocks are a big part of the shut down up to 80 percent of the time.
- As we cut power consumption significantly smaller. However, at the same time positioning accuracy is maintained very close to it, which at full power consumption is achieved, Bousquet says. of the center of Zürich demo measurements prove the claim.
In practice, UBXM8230CT circuit needs a 43 milliampere signal in order to produce spatial data once per second at full power. Super-E-mode, the current consumption drops to 15 mA, or about a third. Geographic Information will continue once a second, even if the accuracy is suffering a little.
The receiver’s power consumption can be shrunk even more, if the designer is sufficient spatial data less frequently.
Source: http://etn.fi/index.php?option=com_content&view=article&id=6012&via=n&datum=2017-03-16_15:15:15&mottagare=30929
Tomi Engdahl says:
Linux dominates the embedded
Embedded World, Nürnberg – from the inside of most embedded devices found in today Finno-oriented operating system. Linux’s position is clearly reflected in the Nuremberg exhibition halls.
Even a few years ago Linux was not considered best choice in many applications that require real-time. Now real time Linux is offered dozens of companies at the fair.
Linux has the advantage of platform versatility. on top of the kernel can be built as well as general-purpose control solutions that very closely for a specific application tailor-made solution.
Another advantage of Linux is security. Linux bends well for applications where security – for example, storage and protection of public keys – have been made to the device level.
Linux kernel fineness is precisely the openness and flexibility. Linus Torvalds is sometimes said that the core is likely to have to bring more security features, but this will not be made in such a way that the kernel development in some way to slow down or compromised.
Currently, the implementation of information security will either Linux vendors and suppliers responsibility. This is not an obstacle, but above all the opportunity. Intel is now part of Wind Rover’s new industrial control platform Titanium Control is a good example of this.
Titanium allows businesses to upgrade to 20 years old control system to meet current needs. The model devices / nodes control is OpenStack-stack, counting takes place in the Wind Rivers Industrial Grade Linux and Data is stored in the cloud. This means in practice Linux all the different levels.
Wind River’s strategy director Gareth Noyes, this is the only way to put the old control systems to support the IoT world.
Source: http://etn.fi/index.php?option=com_content&view=article&id=6014&via=n&datum=2017-03-16_15:15:15&mottagare=30929
Tomi Engdahl says:
Planes, Trains, Automobiles, and Digital Transformation
http://www.securityweek.com/planes-trains-automobiles-and-digital-transformation
When most people think about technology innovation in the transportation sector, connected and self-driving cars immediately come to mind. But digital transformation is happening across other transportation industries as well.
Long recognized for its excellence across the supply chain, DHL has added head-mounted displays that use augmented reality to streamline the picking process, increasing employee productivity while maintaining shipment accuracy. Dehli International Airport Limited (DIAL) is using digital technology to understand passenger preferences so that retailers are better prepared to accommodate airport visitors with the right products and services at the right time. Komatsu uses sensor tracking in construction and mining vehicles to create valuable global economic data that can be used to anticipate and plan for evolving demand patterns. Metrolinx, a government agency of Ontario, operates a state-of-the-art connected rail system that includes free passenger Wi-Fi, onboard infotainment, and fare collection and validation, with more innovations to come. And these are just a few examples.
A few notable trends are making digital transformation a priority for many transportation providers.
Commoditization. This phenomenon is nothing new.
Data is king.
Tapping into telematics. As the cost for telematics declines, more transportation providers are able to use telematics to gain greater insights into fleets of vehicles, aircraft, ships, and railcars.
Third-party interconnectivity. Planes, trains, automobiles – you name it – OEMs have always been part of the manufacturing supply chain. Now new partners are extending the supply chain as a data economy has emerged around the transportation sector. These partners buy, analyze, and sell data used to drive decision making related to sales, marketing, insurance, product development, and more.
To develop a strong security posture while capturing digital value, transportation providers need to ask themselves some important questions, including:
1. Where does security reside in my company? Security can’t be put into a silo and removed from the business decision making process.
2. Do we have the necessary visibility to understand and manage third-party risk?
3. Are we prioritizing our security investments appropriately? Threat modeling helps you understand the types of threats and level of exposure you face.
Digital transformation isn’t going to happen overnight, but the transportation sector is well on its way. Security must go hand-in-hand with important business decisions.
Tomi Engdahl says:
How IoT Growth Invites Opportunities and Hackers
http://intelligentsystemssource.com/how-iot-growth-invites-opportunities-and-hackers/
IDC, a global market intelligence firm, projects the total Internet-of-Things (IoT) spending will double to reach $1.3 trillion by 2020. USA alone will be spending $386 billion. (Source: IDC Worldwide Semiannual Internet of Things Spending Guide, version 2016H1). Wireless connection is not new so why the sudden excitement? The emergence of analytics, big data, low cost connections and most importantly the practice of the meaningful use of data has achieved something never imagined possible before.
Soon, Smart Manufacturing will no longer be a slogan but a requirement to be successful. In production, efficiency means profit and a line down can be disastrous. IoT can provide preventive maintenance support by, say, monitoring the temperature profile of machines and give early warning before overheating occurs.
With IoT, the vending machine will detect if inventory is running low and inform the warehouse to dispatch a truck to refill the vending machine. Customers never experience “empty”. The same solution can apply to industrial application to ensure propane will never run out.
There are many competing offerings of IoT connections in the market. The main advantages of LTE are that it can use the infrastructure already in place including building and operating of cell towers, established channels and billing systems.
The IoT opportunities also attracted hackers around the world. In recently years, hackers are more sophisticated and innovative. What used to be disruptive and annoying behaviors have turned into a scheme to distort money from hospitals, banks and business of all sorts.
Other attacks include taking over controls of connected vehicles by hackers, malicious software sent to vehicles via the automakers’ software upgrade systems, the disruption of bring down power grids and more. Additionally, the fear of medical devices being hacked has been on the minds of many security experts.
Pros and Cons of Discrete Design vs. Modules
Successful IoT connections require integration of software, hardware and wireless technologies. Seamless connection to LTE is easier said than done. On the hardware side, generally there are two approaches; design with discrete components from the ground up versus using a module. Each has its advantages and disadvantages. If the end goal is to have high-volume production, the discrete approach may be more cost effective. On the other hand, for small to medium volume, designing with modules can potentially shorten development (and test) time and bring products to market faster.
What Does the Future Hold?
IoT is almost certain to continue to grow worldwide. New IoT applications will be uncovered continuously. Various industries will rely on IoT to gain the competitive edge. Hackers and developers will continue to get smarter and the race between cyberattacks and cybersecurity will heat up. IoT companies will dash to bring products out. To balance opportunities and security, you need to be proactive.
Tomi Engdahl says:
IoT Cybersecurity Challenges
http://intelligentsystemssource.com/iot-cybersecurity-challenges/
LTE (Long Term Evolution) is emerging as a viable and valuable alternative to other RF (Wi-Fi, etc.) connection technologies for some classes of IoT devices.
LTE is the dominant fourth-generation (4G) cellular technology
But LTE still has security vulnerabilities: these include that it is possible to completely take down the LTE network, as well as to partially block communication, intentionally with the help of jamming signals, or unintentionally through various forms of interference.
An example of unintentional interference issues includes the coexistence issues with Air Traffic Control (ATC) S-band radar and Digital TV bands. Device multi-standard transceivers also present coexistence issues. From the perspective of designing a reliable device that can protect its operation and data, there are several larger problems. It is possible to spoof phone numbers and messages, to eavesdrop on calls and texts, and to spread malware through exploiting LTE vulnerabilities. These vulnerabilities affect potentially every Android device.
Compared to Wi-Fi, the LTE IoT device design would seem to have some inherent security advantages such as a unique device identity provided by the LTE / system, but cell phones can be cloned, such as by cloning the SIM card, so these are illusory advantages. The strongest device identity and PKI seems to be that based on the device itself generating a unique private/public key pair, employing something like the PUF (physically unclonable function), but the LTE / GSM cell network employed IMEI (International Mobile Equipment Identity) number is useful as a network identifier.
This secure design approach is built upon principles and mechanisms such as “separation” (virtualization and firewalls), authentication, verification, authorization, access control, layers of encryption, and key management. But even with all of this, there may still be penetrations leading to unauthorized configuration and software changes. To detect anomalies and then to remediate discovered problems there needs to be a monitoring and management system.
Conceptually, the camera would be one or more CCDs (charge coupled devices, the actual semiconductor that provides the video signals), a processor, some software processing RAM and storage, video memory cache (as a video buffer), a power supply and battery, and an LTE transceiver (such as the Digi XBee Cellular LTE Cat 1 embedded modem). Power may be provided by the grid, or by a solar panel.
Attempts to electronically attack this device will generally be defeated by the network firewall access control, and secure communications enabled by device-generated (unspoofable) identities and end-to-end encryption, all of which are supported by the underlying foundational technologies such as virtualization and the storage firewall. But don’t forget the management and monitoring solution.
Tomi Engdahl says:
IoT DEVICE SECURITY B U I LT-IN,NOT BOLT-ON
https://www.digi.com/pdf/digi-iot-device-security-nxp-wp.pdf
The 10 Security Factors Every Device Designer Should Consider
Limited only by designers’ imaginations, the Internet of Things (IoT) is changing how people live. From medical devices and fitness trackers to tank sensors, smart thermostats, intelligent streetlights, water monitors, and more, the IoT is in more places than ever.
However, by relying on wireless networks, those hundreds of millions of IoT devices present a greater “attack surface,” making them tempting frontline targets for competitors, hackers, disgruntled employees, and other bad actors. Unfortunately, the tools and techniques we’ve applied to PC/smartphone platforms often don’t work well in the IoT.
IoT solutions can’t simply implement a strong password over a TLS connection – the most common approach for PC/Internet applications. IoT solutions need a different approach, and the effort required to identify and mitigate unique security risks in embedded systems is often underestimated, if not overlooked entirely.
Security is a Balance Between Economic Cost and Benefit
Given enough time, money and expertise any system can be hacked, so it is important to design a system to deter an attacker by making it uneconomic
The 10 Security Techniques Every IoT Designer Should Consider
1. Packet Encryption
2. Message Replay Protection
3. Message Authentication Code
4. Debug Port Protection
5. Secure Bootloader
6. Pre-Shared Keys
7. Secure Shell
8. Public Key Exchange
9. Transport Layer Security
10. Wi-Fi Protected Access (WPA2)
Security threats to embedded devices in IoT solutions are increasingly common, as attacks have become easier to carry out. These can include confidentiality breaches, service theft, data integrity, and service availability.
IoT systems have unique security requirements and challenges, mostly due to resource limitations. Six core methods (packet encryption, message replay protection, message authentication code, debug port protection, secure bootloaders and pre-shared keys) are typically compatible with the unique needs of M2M terminal devices. Increasingly, four other methods (SSH, PKE, TLS and WPA2) can be used with smaller M2M terminal devices as available system resources expand.
Tomi Engdahl says:
Intelligence to stupid goods – a major project begins
Finnish-Thing2Data major project makes tyhmistäkin smart objects, without the need for a continuous online connection. The goal is to as much as 20 billion annual savings for the Finnish economy. The system utilizes, for example, block chain technology.
Our ambitious goal is to quickly create a new globally workable solution. For this project, has established extensive international corporate and public sector consortium.
Thing2Data is kind of the Internet of Things without the internet – or rather, without a constant Internet connection, and the need for the IP address.
“It takes too long before all the goods to be smart. I will not get on the internet of objects contact us if you do not know the address of the object or the protocol, “explains the project initiator and leader, Risto Linturi, Chairman of the Board of Directors Sovelto and multi-innovation project, an old hand.
Source: http://www.tivi.fi/Kaikki_uutiset/tavaroiden-uber-tuo-alyn-tyhmillekin-tavaroille-suurhanke-alkaa-6540964