Smart_home_protected_paasmer

Smart Home :- A protected Nest or an Open Book

ManagementTeamMouli1

Kavitha Gopalan

IOT is revolutionizing several industries including the consumer industry. Smart home has emerged as one of the top adopters of IOT with some of the cool innovative products. And its growing at a phenomenal phase. In 2016, 80 million smart home devices were delivered worldwide, a 64 percent increase from 2015, according to IHS Markit . CES 2017 saw around 190 exhibitors showcasing some of the innovative and futuristic smart home offering.

The idea of connecting the everyday home devices to Internet and its ability to be controlled form anywhere was refreshing and everyone jumped on the smart home train. Answering your door even while you are on a vacation, turning on your sprinkler while you are away from home, getting your coffee ready while you still asleep all these looked like a dream from a SCi-FI movie and yet it was affordable and adoptable. This helped in the steep growth of smart home products in the last couple of years. Definitely smart home is taking the concept of home to a new level.

However the question remains if the privacy and security which is the foundation of home will get lost as we move into the era of smart home. Is my private data safe anymore? Am I the only one who knows about me?

Home Smart Home: Domesticating the Internet of Things written by Kent Mundle of toptal discuss this key aspect.

He says “The home is the original security device – the original firewall. But now, as we allow the entire world to float through our walls and into our homes, have we deflated the entire meaning of our home that has stood for millennia? We speak of security and privacy now in the context of technical systems and hardware. But have we forgotten the origin of what privacy meant? In the spaces where we were once the most intimate, by inviting the world in we are becoming the most exposed. To adopt the Smart Home, must we forfeit the home?

Read more here https://www.toptal.com/designers/interactive/smart-home-domestic-internet-of-things

The Smart home devices have become the hub for several security attacks. The recent Mirai security attack used smart home devices as botnet to create havoc. Hence it becomes imperative to secure the connected devices to prevent any unwarranted usage.

PAASMER IOT platform follows a ground-up implementation to ensure data from device to cloud and beyond is secure and no data compromise happens. It also ensures that the devices are not exposed for any kind of attack.

Read more about how PAASMER IOT platform help to build secure IOT products and solutions.

http://blogs.paasmer.co/securing-iot-devices-through-paasmer/

iot-and-security-challenges

Real State of IoT and the Security challenges

ManagementTeamMouli1

Chandramouli Srinivasan

In a recent article by our friend Nermin at Toptal says “The Internet of Things (IoT) has been an industry buzzword for years, but sluggish development and limited commercialization have led some industry watchers to start calling it the “Internet of NoThings”. Double puns aside, IoT development is in trouble. Aside from spawning geeky jokes unfit for most social occasions, the hype did not help; and, in fact, I believe it actually caused a lot more harm than good. There are a few problems with IoT, but all the positive coverage and baseless hype are one we could do without. The upside of generating more attention is clear: more investment, more VC funding, more consumer interest”

He also says the top two challenges that continues to haunt IoT as “1) Security – Just not the vulnerable devices that gets hacked but also the misuse of the data collected from devices. 2) Hardware pain points – Security needs to be built from hardware and that comes at a additional cost”

While the concerns are genuine on security, we have been talking to a few IoT device manufacturers on the need to increase their budget for hardware and software to secure the devices they use or sell. Most of these cases, we still a lot of reluctance to implement additional security at an additional cost on the consumer side while enterprises are willing to secure the devices at an additional cost. Also the new software paradigms of “IoT on ToR” and “IoT on BlockChain” are also starting to get traction and they also are going to come at additional cost. It appears like it will take many more massive security attacks like Anti-DDoS to shift the mindset to put security first in IoT product designs. The questions remains as “Are we willing to pay the price for what?”

Read full article from Nermin in this link : https://www.toptal.com/it/are-we-creating-an-insecure-internet-of-things

Also check out our article on “IoT on BlockChain” in this link : http://blogs.paasmer.co/a-marriage-made-in-heaven-iot-blockchain/

lpwan-iot

The Choice of IOT network – LPWAN leading the way?

ManagementTeamMouli1

Kavitha Gopalan

IOT is the next technology transition where devices allow us to sense, control and manage the devices by making them smarter and connecting them through an intelligent network.

If you look at the building blocks of IoT there are four main blocks 1) Sensors or things or Edge as you may call it 2) The Local Network; this can include a gateway, which translates proprietary communication protocols to Internet Protocol 3) Internet 4) Back end services.

The local network or the network that connects the “things” and places them on the internet is what we will focus today. Choosing the right communication technology is crucial to the success of building an efficient IOT system.

There are many choices available like cellular, Wi-Fi, ZigBee, Z-Wave, En-Ocean, 6LoWPAN and LPWAN. Most of these technologies except cellular and LPWAN are mostly suited for short range communication typically an indoor kind of application. IOT connects millions of sensors to the internet. For connecting these devices to internet and to be able to control and manage from anywhere would require us to use either cellular or LPWAN.

Here is a simple comparison of various IOT networks available and their distinctive features.

Technology3GLTEWiFiZigbee6LoWPANLPWAN
Long RangeYesYesNoNoLimited 1.5KmYes
Tx Current Consumption500-1000mA600-1100mA19-400mA34mA35mA20-70mA
Operating Battery Life2-4 hours2-3 hours2-8 hours60 hoursVariable10 to 20 years
Module Cost$35-$50$40-$80$5-$8$6-$12$3$2-$5

Long Range, Low power consumption , long battery life and low cost are the key factors which make LPWAN ideal network of choice for IOT. Lets dig a bit deeper into this.

In a typical IOT implementation there could be multiple sensors which could be sensing and transmitting the data. These are readings like the temperature or moisture level etc. which are short and simple message. For examples the Sensors in the factory floor sending data or sensors in the crop field sending the moisture level or location information send by fleets.

Using cellular for transmitting these simple message is overkill. It consumes more power and it is going to be costly. Cellular connections for streaming video, games, and conversation require relatively huge bandwidth compared to the simple status reports that will make up the bulk of Internet of Things transmissions.

The other challenge in an IOT application is the power consumption. LPWAN consumes extremely low power and can operate for years on a battery.

LPWAN provides long range communication, consumes low power and costs very less compared to a cellular network. Many service providers are already considering LPWAN.

What is LPWAN?

LPWAN stands for Low Power Wide Area Network. Long Range, Low Power and Low data throughput are the key characteristics of LPWAN. LPWAN sits in a sweet spot of IOT – Long range and Low bandwidth.

lpwan_iot_network

Some of the characteristics of LPWAN

SpectrumUn licensed <1GHz, 2.4GHz
Long Range10s Km
Battery LifeUpto 20 years
Low BandwidthUpto 100Kbit/s
Low Chip cost<$5
Low subscription Costs<$10
LatencyUpto Mins

LPWAN typical use cases involve long range communications even in dense urban areas or Remote application requiring long battery life. Examples would include Smart city, smart lighting, smart metering, smart factory, Smart grid, Smart agriculture.

There are multiple long range low power networks evolving like SIGFOX, LoRA, WAVIOT. Ingenu, weightless-N.

LoRA and Sigfox are in the top of LPWAN lists with good hardware availability and maturity. Both companies have different technologies and business model but their goal is to make more and more mobile network operators to adopt their technology.And the comparison between them are for another blog.

For now it looks like LPWAN will be leading the way for IOT networks but if 5G comes with a bang to take IOT head on then the table could turn. Only time will tell!

iot_smart_city

Peek into How Smart Cities are Shaping across the Globe

ManagementTeamMouli1

Kavitha Gopalan

Smart City has become more than a buzzword in the recent time, Government and city officials are looking for ways to use the concept of smart cities projects for resolving the challenges faced by cities. According to various market research Smart city market size will grow to around $1.4 trillion by the year 2020 which is quite significant.

It’s difficult to accurately define what is smart city. The idea is to make a city “smart” and efficient to improve the living condition of its citizens and propelling itself for a prosperous growth. It’s a vision in which the challenges in the cities like environment, economic, demographic and social are overcome by using digital technology. A Smart City could help in cities betterment through

  • Efficiency improvement – prevent wastage.
  • Economic impact like reduce cost, increase revenue.
  • Environmental impact like reduced CO2 emission, pollution reduce the wastage of resources like electricity, water.
  • Social inclusiveness – providing open data to public to help then in decision and interacting with city officials.
  • City attraction.

The growth of Internet of things and AI will drive the adoption of smart cities quicker. Internet of Things allow the devices to be interconnected and allows them to communicate their status and data to others. This allows various services in the City to be interlinked and transforming them to a smart city

A smart city will have interlinked city services like trans portion, schools, libraries, transportation systems, hospitals, power plants, water supply networks, waste management, law enforcement, others. By interlinking the information from various city services the inefficiencies and challenges faced by the city could be mitigated.

A smart city should have implemented features like Smart Grid, Smart Traffic management, Smart parking, Smart street light management, Smart natural resource utilization.

Some of the smart City initiatives include

Smart Traffic management: The sensor data from the streets streamed live could transmit status of traffic on streets and connecting this data to the transportation system could divert the traffic to a less congested route. This could also be interlinked to the home assistance device like Alexa to inform citizen on the status.

Other similar application would be a smart parking system. Here the parking spaces fitted with sensors could transmit the status of occupancy and interlinking it to the various parking spaces in the city could allow citizen to find the nearest parking space to their destination through a mobile app.

Smart waste management in which the waste disposal happens in an efficient way and helps reduce the overall cost. Sensors fitted in garbage can signal when they are full and waste disposal can be initiated. This helps in reducing the logistics management of the vehicle to only when required and helps in reducing unnecessary movement of vehicle in road.

Smart Lighting which helps to reduce electricity consumption through the use of smart lighting control, like turning on only when the ambient light is low and turning off when not needed. Smart Lighting systems are frequently also equipped with central management software that monitors usage and leads to maintenance efficiency.

A new report released this year by Juniper research ranked Singapore as the smartest City followed by Barcelona, London, San Francisco and Oslo. They used some 40 metrics to evaluate covering technology, transport, energy, open data and economy higher weight age for transport and energy. Some of the smart city initiative by them includes

Singapore: sensors to track smoking in unauthorized zone , open data from sensors and cameras to track traffic which public can view, smart traffic light , smart parking, Singapore encourages use of public transportation and has reduced the number of private vehicle on road.

Barcelona: smart traffic management system, smart parking technology, smart streetlights, and sensors for monitoring air quality and noise, smart grid pilot projects, smart meters, smart sensors for irrigation.

London: technology to help tackle congestion and make parking simpler and Smart transportation.

SFO: smart parking, smart urban development initiatives, smart transportation.

Oslo: reduce energy consumption and greenhouse gas emissions, sensor network to help improve the care of sick, elderly patients, smart LED lighting and has launched a broad sensing network for monitoring traffic levels.

There are lot of projects that could be done in a city which could deem itself propelling the city to being considered a “smart city”. But will there be a smart City “achieved” status? Probably no because there will always be room for improvement and it will be ongoing process.

iot_block_chain

A Marriage made in Heaven – IoT & Blockchain

ManagementTeamMouli1

Chandramouli Srinivasan

One of the Forrester research predictions for IoT in 2017 is the marriage of IoT with Blockchain which could resolve all the potential security threats & vulnerabilities of IoT. Blockchain was originally designed for financial applications like virtual currency (Bitcoins). However, experts predict that its application in other area like IoT can offer an immense secure advantage.

Blockchain technology – that highly disruptive online general ledger or database – is poised to recast the Internet of Things, opening it up to networks and partnerships to accelerate its value. Blockchain “may have the most impactful potential of the entire portfolio of disruptive technologies that are now emerging.” That’s because blockchain is likely to impact many aspects of business operations and strategies – such as business models, processes, supply chains and customer relationships. The Internet of Things, in particular, is an initiative will see a re-arrangement due to blockchain.

The definition of blockchain is in its ability to digitally deliver “peer-to-peer value exchange.” Security and verifiability is inherently protected through its “globally distributed computations and heavy duty encryption — that ensure the integrity of the data traded among billions of devices without going through a trusted third party. Trust is hard-coded into the Blockchain platform and the platform acts as a ledger of accounts, a database, a notary, a sentry and clearing house, all by consensus.

Here is the picture of a typical Blockchain transaction

iotandblockchain

How can Blockchain be used in IoT?
In an IoT network, the blockchain can keep an immutable record of the history of smart devices. This feature enables the autonomous functioning of smart devices without the need for centralized authority. Thus, the blockchain opens the door to a series of IoT scenarios that were remarkably difficult, or even impossible to implement without it.

By leveraging the blockchain, IoT solutions can enable secure, trustless messaging between devices in an IoT network. In this model, the blockchain will treat message exchanges between devices like financial transactions in a bitcoin network. To enable message exchanges, devices will leverage smart contracts which then model the agreement between the two parties.

In this scenario, we can sensor from afar, communicating directly with the irrigation system to control the flow of water based on conditions detected on the crops. Similarly, smart devices in an oil platform can exchange data to adjust functioning based on weather conditions.

Using the blockchain will enable true autonomous smart devices that can exchange data, or even execute financial transactions, without the need of a centralized broker. This type of autonomy is possible because the nodes in the blockchain network will verify the validity of the transaction without relying on a centralized authority.

PAASMER is one of the few platforms that already has a working prototype implementation of Blockchain for IoT. Production & commercial usage of this implementation is slated for general availability in PAASMER within the next couple of years.

prognosis_paasmer

Prognosis 2017 for IOT

ManagementTeamMouli1

Kavitha Gopalan

IOT has seen unprecedented growth in last few years. But In 2016 IOT saw a lot of traction and the real value IOT brings to enterprise and Industry is driving wider adoption. This could well extend into 2017.

Forrester has recently published their prediction on what 2017 holds for IOT in “Predictions 2017: Security And Skills Will Temper Growth Of IoT”. There are also other research firms publishing IoT prediction for 2017. This blog compiles the key trends emerging from these researches and what the industry experts.

Edge (Fog) Architecture evolution
Edge computing will become vital for Internet of things. Fog computing is concept of moving the cloud closer to the devices collecting the data. This helps to restrict moving only the needed data to cloud and thus saving on bandwidth, latency and security. For Industrial IOT this will become a key architecture. Our platform’s key differentiating factor is our Edge innovation including Edge Operating system, Edge Database, Edge Analytics and Edge Machine Learning.
Know more about Fog Computing from this blog.

Cloud and Artificial Intelligence
Cloud will continue to be an anchor in almost all IOT implementation for data collection. New mechanism for data collection could emerge and AI will play a key role in IOT.

Block Chain and IOT will form the partnership
“We will see the first prototypes of smart contracts built on blockchain” says this Forbes article. Marriage of blockchain and IOT could start emerging in 2017. Blockchain could play a key role in securing IOT. Here is see our article that talks about how we intend to do this marriage on our platform here

Network specifically for IOT will emerge
IOT network requirements are unique, they transfer lots of small bytes of data over different communication channel. Different network topologies have emerged from Zigbee, Zwave and then we have continued using existing ones like Wi-Fi and bluetooth. New wireless communication technologies like LoRaWAN, Sigfox, or 3GPP’s narrowband (NB)-IoT are being designed specifically for IOT. Different countries have launched specific networks for IOT.

Security will be a key discussion point for IOT implementation
We have seen large scale security breach from IOT devices in 2016 like the MIRA attacks. This could continue well into 2017 , new types of attacks using IOT botnets could emerge and security could be a widespread discussion topic. This could lead to higher focus on security for new implementation in 2017.

IOT will surely continue emerge as a much hotter technology in 2017. We can definitely see IOT solving lot of real problems and bringing transformation into this world. Only 2017 will tell if these predictions are true and any other new trends will be evolving in the field of IOT.

fotolia_88452577_subscription_monthly_m

A Guideline to CIOs for their IoT Deployments to be Successful

ManagementTeamMouli1

Chandramouli Srinivasan

The proliferation of the Internet of Things will drive widespread adoption of IoT solutions, including IoT platforms. IT leaders and directors of application infrastructure need to understand the capabilities, scope and relationship of IoT platforms to existing IT infrastructure.

Key Challenges:

  • New IoT business solutions are composed of a complex, heterogeneous mix of IoT end points and platforms, and back-end systems and data.
  • IoT platforms typically offer many functionality capabilities, which vary (as do related marketing claims) from provider to provider, and IoT project requirements vary widely, making it difficult for enterprises and service providers to understand, compare and choose products.
  • IoT platforms are often bundled with specific renderings of IoT capabilities (for example,analytics) to solve specific business problems (such as predictive maintenance), but these typically, must be configured or customized to suit, and, at times, these capabilities augment and overlap (or look like) similar capabilities elsewhere in your application infrastructure.
  • Many business units are implementing use cases that include embedded Internet of Things (IoT) solutions. CIOs need to step up to provide leadership that can unleash and capture IoT benefits at the enterprise level.
  • The interplay between the four core capabilities of IoT — sense, communicate, analyze and act – makes it very different from traditional IT. This lack of familiarity makes planning difficult.
  • Confusion about the relationship between IoT, operational technology and digital business makes it a challenge to position IoT correctly within the organization.
  • The complexity and novelty of Internet of Things (IoT) solutions create challenges with controlling scope.
  • The market and technology for IoT are volatile and dynamic, increasing the risk that planned deployments can become obsolete by the time they launch.
  • Procurement options for IoT are evolving and include tying into third-party endpoints and IoT systems. In addition, emerging IoT ecosystems are forming around standards, and leading industrial and consumer brands are extending into IoT.
  • There is a high risk of IoT project failure due to technology complexity; limited internal skills; knowledge, cultural and organizational barriers; and difficulties realizing planned benefits.

Recommendations:

  • Use IoT Solution Scope Reference Model to help identify the key IoT solutions components and understand their roles, importance, and relationship to each other and existing infrastructure.
  • Commission an IoT center of excellence role to explore the potential business value of IoT solutions and their potential impact on existing IT infrastructure.
  • Plan a phased approach, to fully realize IoT project potential. Focus initially on IoT platform deployment and, over time, integrate the platform with back-end systems, data and analytics.
  • Identify the core benefits of IoT that are most relevant to your organization. We define the eight core IoT benefits as improving operations, optimizing assets, enhancing services, generating revenues, increasing engagement, improving well-being, strengthening security and conserving resources. Link these benefits to high-level business objectives to set the strategic context for IoT.
  • Form cross-functional teams of business and technology leaders to brainstorm future business moment scenarios and the role that IoT can play. Then work collaboratively to prioritize those that warrant further development.
  • Plan how your organization can leverage the four capabilities of IoT (sense, communicate, analyze and act) in support of business moment scenarios.
  • Control the scope of early IoT use cases by reducing technology complexity, limiting the number of endpoints, and cutting down or eliminating complex integration with enterprise systems.
  • Monitor IoT market developments on an ongoing basis. Identify opportunities to substitute customized IoT components and related software with commodity mass-market components.
  • Pursue opportunities to tie into third-party IoT and emerging IoT ecosystems first, before engaging in custom development of IoT solutions.
  • Conduct one or more IoT pilot projects before going into a production deployment. Be prepared to iterate through multiple pilots, which will reduce risk by applying lessons learned.
nodemcu1

How to Series Blogs: Connect ESP 8266 / NodeMCU to AWS IoT

ManagementTeamMouli1

Srinidhi Murthy

In this Blog we talk about connecting the simple ESP 8266 / NodeMCU to AWS IoT. Traditionally the simple and easily available ESP 8266 based boards could not connect to AWS IoT. There are two issues that prevent the use of AWS IoT for ESP8266 Arduino and pretty much every other 8-bit microcontroller-based device.

One is the requirement to either support certificates or use a crypto library to create “signatures”.

The other is TLS 1.2 or higher. If they allowed TLS 1.1 and added a “pre-shared key” authentication system, similar to the rest of the IoT providers’ de-facto standard for devices like these, there would already be another billion devices on the net.
AWS IoT supports web-sockets with MQTT now, which works on ESP 8266 / NodeMCU but not guaranteed.
This is all about to change … Enter the ESP-OPEN-RTOS ….

The ESP-OPEN-RTOS, a community developed open source FreeRTOS-based framework for ESP8266 WiFi-enabled microcontrollers. This RTOS is intended for use in both commercial and open source projects. Using the ESP-OPEN-RTOS, we have the ability to create a simple event driven RTOS for controlling all Things in the near field via Wifi and also has the support needed to create signatures and supports TLS 1.2 … which means connection to AWS IoT is possible.

ESP-OPEN-RTOS can be installed on any Linux based server like Ubuntu, RHL, SuSE and using the Xtensa tool chain can be cross compiled for ESP 8266 based boards like NodeMCU / Adafruit HUZZAH etc.

The procedure for installing the ESP-OPEN-RTOS, the pre-requisites, necessary SDK’s, tool chain etc is given in detail in the link.

We are not going to delve here on installing the RSP-OPEN-RTOS or the necessary software / SDK. We are going to concentrate on the RTOS Itself and its ability to connect to AWS IoT.

Let’s quickly move to the examples section of the ESP-OPEN-RTOS where we find the AWS IoT example.

Connection to AWS IoT needs the AWS command line Interface to be installed to create policies to allow the Thing (ESP 8266 / NodeMCU) to connect and an ECC based Certificate and private key .pem file to be generated. The detailed procedure is highlighted below.

  • Modify client_config.c to provide your own account-specific AWS IoT endpoint, ECC-based client certificate, and private key.
    1. Your endpoint is in the form of <prefix>.iot.<region>.amazonaws.com. It can be retrieved using the following command:
      1. $ aws iot describe-endpoint
    2. Your ECC-based certificate and private key can be generated by using the following commands:
      1. $ openssl ecparam -out ecckey.key -name prime256v1 -genkey
      2. $ openssl req -new -sha256 -key ecckey.key -nodes -out eccCsr.csr
      3. $ aws iot create-certificate-from-csr –certificate-signing-request file://eccCsr.csr –certificate-pem-outfile eccCert.crt –set-as-active
    3. To convert the certificate or key file into C string, you could try the following example:
      1. $ cat ecckey.key | sed -e ‘s/^/”/g’ | sed -e ‘s/$/\\r\\n”/g’
        Note, more information about using ECC-based certificate with AWS IoT can be found in the following blog
        https://aws.amazon.com/blogs/iot/elliptic-curve-cryptography-and-forward-secrecy-support-in-aws-iot-3/
  • Create and attach AWS IoT access policy to the certificate
    1. $ aws iot create-policy –policy-name test-thing-policy –policy-document ‘{ “Version”: “2012-10-17”, “Statement”: [{“Action”: [“iot:*”], “Resource”: [“*”], “Effect”: “Allow” }] }’
    2. $ aws iot attach-principal-policy –policy-name test-thing-policy –principal “arn:aws:iot:eu-west-1:892804553548:cert/2d9c2da32a95b5e95a277c3b8f7af40869727f5259dc2e907fc8aba916c857e”
      Note, the ‘principal’ argument is the certificate ARN generated from the previous command ‘aws iot create-certificate-from-csr’.
  • Modify include/ssid_config.h with your Wifi access Id and credential.
  • Build and flash the example firmware to the device using the command below:
    1. $ make flash -C examples/aws_iot ESPPORT=/dev/ttyUSB0
      Note, it assumes your ESP8266 is connected through USB and exposed under your Linux host as /dev/ttyUSB0.
  • Once the ESP8266 is connected to AWS IoT, you can use the MQTT client on the AWS IoT console to receive the messages published by the ESP8266 to topic ‘esp8266/status’. You could also publish ‘on’ or ‘off’ message to topic ‘esp8266/control’ to toggle the GPIO/LED (GPIO2 is used by the example).
paasmer_iot_solutions_1

IOT Solution Architecture Styles

ManagementTeamMouli1

Chandramouli Srinivasan

There are many ways to architect the Internet of Things implementations for enterprises. CIOs must consider security, privacy, cost, ease of access, agility and performance to determine the best architecture for each enterprise.

Enterprises will build and adapt their Internet of Things implementations based on a combination of these five main architecture styles:

  • Thing-centric. Things are smart on their own and store most of their data on-board. Things are self-sufficient and communicate to the Internet only for centralized coordination and analysis.
  • Gateway-centric. The gateway houses the application logic, stores data and communicates with the Internet for the things that are connected to it. Things don’t have to be as smart, because the gateway provides these resources.
  • Smartphone-centric. The smartphone (or any mobile device) houses the application logic, stores data and communicates with the Internet for the things that are connected to it. Things don’t have to be as smart, because the smartphone provides these resources.
  • Cloud-centric. The cloud will act as the central connection hub, power analytics and provision data storage. Things don’t have to be as smart, because the cloud will provide these resources
  • Enterprise-centric. Things are behind a firewall and are geographically collocated. There is little need to extend out to the external Internet.

Guideline:

Each architecture has its own advantages and disadvantages. These architectures are designed to be style models that most enterprises will want to combine according to their needs. The reason why the names of each of these architectures are appended with “centric” (for example, cloud-centric) is that we expect that most enterprises will not pursue a pure implementation. For example, an enterprise might favor a smartphone-centric architecture, but may still rely significantly on cloud resources.

Enterprise CIOs and IT leaders should use these steps as a way of thinking about how to implement these architectures:

  1. Find the architectures that fit your use cases. Use the criteria in the Choosing the Right IoT Architectures section. Expect to have different use cases that require different architectures within the same enterprise.
  2. Choose or build an IoT platform that can support these chosen architectures — (ideally, all architectures, even the ones you won’t adopt immediately).
  3. Consider emerging technologies that may eliminate the advantages and disadvantages of an architecture style. For example, high-performance messaging protocols (for example, Data Distribution Service remove the latency in the cloud to provide real-time communications as if the machines were locally close. The cost of computing, storage and communications will also be an emerging factor. For example, a decreasing cost of hardware against a rising cost of communications would influence an enterprise toward a thing- or gateway-centric style, as opposed to a cloud-centric style.

Choosing the Right IoT Architectures by Prioritizing Constraints

To properly evaluate which architecture styles fit best, enterprise CIOs and IT leaders should consider the following criteria. There is no right answer. Often, what is perceived as an advantage in some situations (for example, using cloud resources to remove cost and complexity from things) is actually a disadvantage in other situations (for example, connecting to the cloud is problematic or less secure).

The Priority constraints that needs to managed are

  1. Cost of hardware, software and data.
  2. Connectivity & technical requirements based on reliability and quality of service; Real-Time Performance.
  3. Data and Security.
  4. Users and Implementations complexity.
securing_iot_devices-through_paasmer

Securing IoT Devices through PAASMER

ManagementTeamMouli1

Kavitha Gopalan

The recent DDoS attack using connected devices was massive and disruptive to say the least. The attack which was done using internet enabled Cameras affected lot of websites Twitter, Amazon, Reddit, Netflix, and more. The attack specifically targeted the DNS (Domain Name System) that maps human readable website address to their IP address.

In this attack the malicious malware named Mirai was infected to the smart home devices like connected cameras that were vulnerable. Mirai spreads itself by scanning the Internet for IPs owned by common connected devices. These devices are often left with factory logins passwords and weak security protocols. The software uses this weakness to upload itself onto the device and take it over. Once the device is infected it will act like a botnet and sends spurious traffic to website swamping them that the website won’t be able to handle the load that it could break down. Cyber-attacks are not new but smart device that have IP address and that are not properly secured are vulnerable and could open the gate for more serious and dangerous attack.

IoT is influencing our lives in numerous ways by bringing lot of value. But at the same time IoT involves connecting the devices to Internet. Any connected objects like cars and home appliances are vulnerable. On one hand the enormous amount of data from the smart devices need to be secure and safe and should not fall into the wrong hands and on the other hand the smart devices acting like botnets to create DDOS type of attack.

Therefore, building secure IoT products and solution are top priority and IoT product manufacturer, software vendors and platform vendors all have the task at hand to build a system which is secure and can prevent these kinds of attack.

Solving the Security Threat Using PAASMER platform
As a secure IoT platform, PAASMER’s goal has been to ensure that IoT service/products built using the platform is highly secure.

PAASMER Security framework follows a ground-up implementation to ensure data from device to cloud and beyond is secure and no data compromise happens during. It also ensures that the devices are not exposed for any kind of attack.

PAASMER Security framework and how data safety is ensured is defined as below.

Device Level security
Device level security in PAASMER ensures the edge devices and gateways are not vulnerable and they do not expose their IP address to other devices which are not authorized for the access. This prevents any type of attack on them.
PAASMER Device level security is implemented in MISTY Operating system/Firmware package for IoT devices. The key features include

  1. Secure Boot
  2. Secure Provisioning
  3. Secure updates and patches

The secure boot validates and authenticates the software in the device each time the device powers up through a digital signature. This ensures no unknown software or malware is running on the device. An additional hardware chip called TPM provides enhanced security.

Secure provisioning uses secure tokens to establish the device into the network. Once the devices communicate its presence a secure token is released for the device to communicate with the gateway.

The IoT devices also need regular software updates and patches to keep them safe from malicious virus and attacks. However, what usually happens is once these devices are installed its forgotten. That’s why PAASMER offers Over the air software updates and patches which ensures the user does not need to bother about doing regular software update. Its automatically updated when a new patch is available after a secure device authentication.

Access Control, Authentication and Authorization
Access Control is built into the operating system to ensure that only authorized users are accessing the device. User level policy, Device level policy limits the access to users/device to the function they must perform. Multi-layered authentication like username/password, passcode based authentication, strong password rule and policy based access is defined at the device layer. PAASMER security framework forces customers to rest password during the initial registration process forcing them to change the factory password and also implements stringent rules for passwords.

Device authentication allows each device to validate itself when they enter the network thus removing device trying to sneak the network.

Data Encryption
PAASMER also provides end to end Data encryption. All the data service from the device to gateway to cloud to applications are encrypted so no data theft is possible while the data is moving.

PAASMER Security Framework leverages the SSL 3.0 and TLS 1.0 standards to leverage the latest in session and security frameworks to ensure security for the data. All communications require valid certificates that are authenticated every time a client connects.

PAASMER also ensures the data itself is encrypted with the Advanced Encryption Standard (AES) encryption specification.

Secure Communication
PAASMER mandates the usage of secure network tunnel for device communication with the cloud. The choice of network tunnel can vary between each use case. Handling all device communications over the secure network tunnel ensures that there is no network spoofing of device data or controls. Special Ant-DDoS choices on network tunnel ensures protection against the DDoS attacks.

Conclusion
To reap the full potential of IoT the security challenges faced by IoT devices should be mitigated. While the onus of Securing IoT devices lies with the platform vendors, software vendors, product manufacturers and consumers alike, vendors need to harden security in each of their offering by following end to end security implementation. By using PAASMER platform, IoT manufacturers can leverage the inbuilt security elements to build an Secure IoT platform in a quick , efficient way.