Top News: IoT Rules at Mobile World Congress (MWC)
After a week of everything mobile, at least in Barcelona at the Mobile World Congress (MWC), it is only fitting this week’s top news recap focuses on the other three letter acronym so hotly discussed from the show – IoT. Whether you have been living under a rock or just hadn’t embraced the fascination with the latest handheld smart technologies and cellular networking, this week’s Mobile World Congress (MWC) presented by GSMA, brought together around 800 mobile operators from more than 250 companies from around the globe to discuss the latest products, software and innovations that will push the IoT space even further into maturity. Some of the key themes to come out of this year’s MWC were the fifth generation wireless systems or 5G, the impact this next-gen tech and mobile will have on the Internet of Things (IoT) and the booming IoT businesses laying the foundations of the connected world. Now as you nestle up to your favorite mobile device or smart tablet, relax and dive into this week’s IoT news roundup from MWC! MWC: 5G Key to unlocking IoT … Just Not Yet (IndustryWeek) As the MWC surged forward with excitement for 5G to finally unlock IoT, experts warn the connective battle isn’t over, as the world dives into incorporating 5G throughout. Agence France-Presse with Industry Week reports that, “5G is the term on everyone’s lips at the Mobile World Congress in Barcelona and a global race to develop it is under way.” IoT Race Heats up at MWC 2016 (RCR Wireless) The race heats up for IoT, as 2G networks scramble to find a new way to connect with the announcement of 5G at MWC 2016. “Mobile World Congress is all about the newest wireless technologies, but this year the end of an old technology is driving conversations around the Internet of Things.” This Week’s 5G Buzz Indicates IoT is Finally Kick-Starting (VentureBeat) The hot topic on everyone’s mind this week had to be 5G and the need for more IoT connectivity. Leon Hounshell, with Greenwave Systems reminds us that, “Regardless of the hype, CES and MWC do not reveal an IoT revolution, but they certainly show us a determined evolution, where devices will unceasingly become more connected, open, and smart.” Mobile World Congress: Internet of Things Business is Humming (USA TODAY) This week may have shown us a lot of shiny new IoT products for consumers, but the truth is IoT for business will really dominate deal-making. USA TODAY believes that, “It’s not hard to see why. Gartner forecasts that the market for IoT services will top $101 billion this year, nearly 30% more than the $78 billion that businesses spent last year. By 2020, spending for services like network deployment, operations management and data analytics is forecasted to balloon to $257 billion.” Mobile World Congress: Why Every Brand Should Become a Tech Brand (Campaign Live) Connectivity is everything, and moving forward in this technological age the MWC believes all companies should become a tech brand in order to incorporate IoT. Natalie Bell with Campaign Live states that, “We are now in an era of connecting everyone and everything. So, while Mark Zuckerberg is urging us to focus on the former and ensure wider basic connectivity across the entire globe, there’s a huge tech focus on the latter — the Internet of Things, which will be greater enabled by the increasing capacity in 5G. It’s this vast array of connected objects that have caught my attention this year.”
Utilities: Where Data Flows Like Water at the Speed of Light
(Image courtesy Flickr Creative Commons) More than a decade ago, the choices were few to address the needs of data gathering and recording. Water and wastewater utilities, for example, had to be able to use a ‘one size fits all’ unit with set parameters and make their systems adaptable to the technology of the day. Since then, many municipal water systems, such as those in Southern Utah, have had to broaden the area from which they gather, use, and reclaim water. Most growing areas are even facing the dilemma of higher demands on services while trying to stay within shrinking budgets and manpower cutbacks. This is because in the past, many viewed electronic data gathering as a ‘want’ instead of a ‘need’ until now. As with any limited resource, scarcity often drives innovation as people are tasked to do more with less. Such is the current state and convergence of water/wastewater utilities and the Internet of Things (IoT) – an emerging paradigm in which more data and information can be gathered and acted upon during the processes of collecting, treating, monitoring, and distributing water. With the unprecedented demand for cities and municipalities to maximize water resource allocation, local government officials began implementing smarter methods to address the challenges of today and hurdle the potential obstacles in the future. By using new technology in the form of sensors, IoT networking and data analytics, city officials, local citizens, and businesses are now more accurately predicting everything from crop yields to at-home water conservation. This technological evolution is part of a much larger undertaking that has both garnered international attention and prompted action all the way to the Federal level of the United States government. Smart Cities Initiative Connected In response to the new Smart Cities Initiatives, cities around the country are beginning to take advantage of the $160+ million in Federal research and technical collaborations to help their local communities tackle key challenges such as lessening traffic congestion, reducing crime, fostering economic growth, creating jobs, managing the effects of a changing climate, and improving the delivery of city services and quality of life. According to a White House fact sheet on Smart Cities, emerging technologies have “created the potential for an ‘Internet of Things,’ a ubiquitous network of connected devices, smart sensors, and big data analytics. The United States has the opportunity to be a global leader in this field, and cities represent strong potential test beds for development and deployment of IoT applications.” Given the growth of these highly connected networks, Smart Cities are using wireless communication technologies to build critical infrastructure and support public services. According to the research firm Gartner, an estimated 1.1 billion connected things were used by Smart Cities in 2015, with this total rising to 9.7 billion by 2020. What Is on the Horizon for Utilities? As Smart Cities initiatives continue grabbing headlines and captivating imaginations, public utilities and their customers have the most to gain in the short term. Coordination and collaboration amongst a cities’ local government, utility operators, researchers, and technology vendors is key to bringing these “smart initiatives” to light. For example, Orlando, Florida was a destination of choice for many involved in these smart city transformations, as DistribuTECH 2016 brought approximately 12,000 people together from more than 60 countries across the globe to keep the focus on the future of electric power delivery and a smart utilities infrastructure.
Solving The Challenges of Remote Wi-Fi in the Industrial Internet of Things
Most of us can relate to the frustration of when the Wi-Fi is down, or running slowly, or if we travel away from an established network and aren’t able to connect to another one nearby. The lack of Wi-Fi makes it impossible to check our emails, look up something on the internet, connect with others, or get our work done efficiently. In short, it makes us feel a little helpless and a whole lot of cranky because we’ve become way too accustomed to getting the information we want – when we want it – and staying in 24/7 connection with our world. Now, if we’re challenged by our Wi-Fi experiencing a service blip in a metropolitan area, imagine a remote industrial setting like an oil pad, a water treatment plant, or a rural electric tower. All of these reside in what is known as the access layer – or at the very outer edge of an IT network. Not only is there usually no internet connectivity in the access layer, but these devices are typically operating in rugged terrain where they’re experiencing extreme and volatile weather conditions such as wind, snow, blistering heat, tornadoes, dust storms, etc. Each of these access layer settings is part of a larger industrial Internet of Things (IIoT) network that connects the information gathered from local sensors that transmit or receive operational data. From there, they pass it along through subsequent network touch points all the way to the IT department at headquarters where this data is collected, analyzed, and acted upon for improved decision making. So, at the access layer – sometimes in the middle of nowhere where there can be no Wi-Fi networks for miles – talk about being disconnected from the world! Adding the environmental component to that, as well as the fact that most of these remote sites aren’t adequately monitored and data security is at risk, it makes your occasional Wi-Fi challenges seem a bit tame, yes? Here’s where wireless IIoT communications technology can help transmit this critical sensor data from remote industrial locations with no Wi-Fi connectivity all the way to where they’re supposed to go – and at very high speeds. This week, FreeWave is launching its new WavePro™ WP201 shorthaul and Wi-Fi platform that delivers secure collection, control, and transport of Voice, Video, Data, and Sensor (VVDS™) information from the access layer. Think of it as high-speed, rugged Wi-Fi connectivity that can be positioned in that oil pad, power plant or wherever Wi-Fi is needed. It will not only connect these sensors to the internet, but can also transport voice and video to create an instant in-field network, provide greater visibility into what’s going on at these sites, and better protect remote assets. The Advent of Short Haul and the Access Layer Change is inevitable, and change is taking place in SCADA, M2M and IIoT networks. SCADA networks started as networks that transported periodic process updates and used low bandwidth networks with longer links to meet their mission. Today, remote SCADA and Wi-Fi networks are transporting more data from more sensor data with greater frequency in order to drive operational efficiency into business processes. SCADA and M2M networks are becoming more multi-functional than their predecessors. These networks are transporting more than sensor data from the remote site to the enterprise. These networks linking remote sites to the enterprise network are now transporting: Video for remote process monitoring, enhanced site security and theft deterrence Voice, since cellular coverage is not ubiquitous Data so field personal have access to information needed to work efficiently This combination of data types is what FreeWave terms as VVDS™ (voice, video, data and sensor). VVDS transport is now a requirement for your wireless network. Another change occurring in traditional SCADA networks is that link distances are decreasing. In the past, SCADA networks with wireless links of more than 10 miles were common. Today, wireless links in excess of 10 miles typically use high speed, microwave, point-to-point (PTP) systems because of the increased capacity demands of VVDS. The WP201 links the formerly unconnectable and is designed to not only meet the harshest environmental conditions, but also encrypts the data to keep it secure and protected. It can be used in a wide variety of industries like oil & gas, utilities, mining, disaster recovery, facility automation – anywhere where field sensor information needs to be transmitted to servers for Sensor-2-Server™ (S2S™) connectivity. The applications are almost limitless. With higher speed, shorter wireless links, FreeWave defines wireless networks in three tiers: Long Haul (or the Distribution Layer) are wireless links from 5 miles, and greater and are typically implemented using high speed, PTP microwave systems. Short Haul (or the Aggregation Layer) are wireless links from 1 to 8 miles that are easily implemented using high speed, 2.4GHz or 5GHz radios with directional antennas to create point-to-multipoint (PMP) networks for data and information aggregation, or PTP links that provide network ingress/egress points. Close Haul (or the Access Layer) are PMP networks with wireless links operating from a few feet to a couple of miles to transport VVDS data. Designing and deploying wireless networks using a layer approach that enables each layer to be optimized for transport and for cost ─ leveraging the right equipment at the right point. The WP201 and its remote Wi-Fi and short haul capabilities is the first in a series of S2S products that FreeWave is offering to be that critical communication bridge in the IIoT world. So in your own operations, what are some ways you might incorporate the WP201 into your network?
Guest Post: IHS Predicts IIoT Cybersecurity Will Increasingly Be Implemented in Hardware
By Sam Lucero, Sr. Principal Analyst, M2M & IoT at IHS Technology IIoT & Cybersecurity As IIoT systems create ever more critical dependencies in plant, energy infrastructure, and transportation environments, developers and deploying organizations will turn to hardware-enabled cybersecurity to stave off proliferating cyberattacks. Although the use of secure processors in smartcard applications, such as bank cards, mobile phone SIM cards, and digital ID documents is common, IIoT developers have barely begun to adopt a hardware-enabled approach. Instead, “root of trust” technologies, such as secure key storage, cryptography, and secure boot, are handled in software on the main application processor of the device. IHS estimates that in 2015 only 9.8% of all secure processors shipped were intended for IoT applications (that is, all of IoT, not just IIoT). The challenge with this software-based approach is that security functions on the application processor share common memory resources with other functions and are therefore exposed and vulnerable to malicious attack. Hardware isolation reduces (but cannot completely eliminate) this exposure and therefore dramatically increases the security of the device. This increased security is fundamentally why bankcards, mobile phones, and now ePassports, have shifted to the use of hardware-based security. Looking Ahead A lingering question regarding the use of secure processors in IIoT applications is whether implementation will be in the form of a second coprocessor chip placed alongside the host application processor, or whether cybersecurity hardware intellectual property will be integrated directly into an application processor. (Integration of cybersecurity circuitry still achieves hardware isolation in contrast to software, although some physical security measures may become impractical.) Chip companies such as Atmel, NXP, and Renesas Electronics have adopted this integrated approach for at least some of their respective portfolios targeting the IoT. It remains to be see whether an integrated approach will be successful. While integration helps to reduce overall device bill-of-materials, it can increase cost and complexity for cybersecurity certification, relative to a “two-chip” solution. About Sam Lucero Sam Lucero is a seasoned industry analyst with over 14 years of experience analyzing telecommunications and networking technology markets. He has spent the last ten years assessing the markets for machine-to-machine (M2M) and Internet of Things (IoT) applications. Sam has established leading M2M market research programs and managed international teams of industry analysts. He has authored numerous reports, forecast databases, and topical articles covering various aspects of the M2M/IoT market opportunity and has been widely quoted in news and trade journals, from the New York Times and the Economist to CNET and Wireless Week. Furthermore, Sam has moderated, presented, and judged at a number of industry events, including CTIA and Connected World. In 2014 Sam was named one of six “Augural Analysts” for M2M by Connected World Magazine.
IIoT Bold Prediction Series Part 2: Government Regulations Coming
Yesterday, we kicked the 2016 IIoT Bold Prediction Series off with a bang! As a nice follow-up, and second iteration of the series, Tim Mester, Principal Engineer of Advanced Technology at FreeWave, presents his Industrial IoT bold prediction: Prediction #2: Government Regulations Coming for IoT and IIoT Devices Due to a major security breach or reliability failure in connected devices or systems used in the Industrial IoT space, governments will be compelled to create and enforce new regulations on all IoT (and IIoT) devices, much like what is happening with the drone industry. (Note: IoT security breaches are not unheard of, as pointed out in this recent article by Bill Montgomery and Glenn Longley’s latest prediction as the first part of the bold prediction series.) But, like drones, the barrier to entry into the IoT space has been lowered by improvements in technology. For IoT/IIoT devices, it is by the proliferation of a low power “system on chip” technology (SoC) and platforms like the Beagle Bone, Raspberry Pi and Arduino. Also, the Open Source software that is available allows developers to quickly pull products together based on these inexpensive SoC’s. Now that we can quickly have these products, how do those procuring these know that they are secure? How do they know they will be reliable and will not fail in mission critical applications? Companies that are already experienced in the M2M and IIoT space understand these issues and concerns. They take the necessary steps to ensure that they can deliver secure and robust devices to their customers. But what about the new comers? The ones that took the easy route? The ones who do not have the experience in this space? Looking Ahead As IoT/IIoT data and control becomes more sensitive and critical, concern will grow concerning the robustness of all of these devices that our lives are becoming dependent on. I believe that we will see a surge of government regulations that mandate the levels of security and reliability for IoT and IIoT devices. We are already seeing the beginning of these types of government regulations being mandated in some critical infrastructure industries and this will only perpetuate. In smart grid projects, for example, operators must take into consideration the cybersecurity reliability standards which FERC oversees. This helps operators choose a more cyber-hardened technology. On the other hand, for industries that do not have these standards in place yet, there remains a tradeoff between “secure” and “easy-to-use.” When strong cybersecurity has not been mandated, people tend to avoid the “harder-to-use” option that is typically more secure.
IT Security Dynamics and the Industrial IoT
The quest to understand production and operational factors, distribute this information to business systems and people within an organization, and directly improve business processes and profitability as a result is not new. In fact, it has been embraced by companies for decades. This collection of operational information for use in information or business systems is known as IT/OT convergence. Getting IT and OT systems to work together to maximize business efficiency — while avoiding negative consequences, risks and pitfalls in the process — is a tall task. However, thanks to new technologies, this process is becoming more practical and is creating the opportunities for huge economic benefits when these two disciplines are successfully integrated. But, how does this convergence affect the security paradigm in large, geographically dispersed enterprises? Let’s Talk Security Traditionally, companies have a corporate firewall that divides the corporate IT space from OT space. With an Internet of Things (IoT) communications network, there is a need to protect the sensors and new applications on the OT side. However, even if there is a secure communication link, if the individual devices that are connected on the OT side become compromised and the threat has access to that communication link, a hacker can push malicious data, cause denial of service (DoS), or introduce malware or viruses to the entire network. There are many of ways to run into problems on the IoT front if companies are not careful in their network design security implementation. On the IT side, corporate network security typically sees many threats. Those threats require significant attention, and consequently IT organizations have numerous options and tools to use, such as intrusion detection, log monitoring, network behavior monitoring, network inspections, whitelisting, firewalls, and more. The IT space has a much different attack surface than OT because with an IT network, the company can physically secure the building and control where the data goes in and out. Data escaping the building is relatively small in comparison to the OT space. WiFi that is leaking outside the building could be a vulnerability, but there are tools and ways to lock down that type of threat, and checkpoints where the IT department can analyze the traffic going through the network. In IT, bandwidth is plentiful and the network overhead associated with security is generally not a major factor. Considering Industrial IoT Networks IIoT networks, on the other hand, can span many miles with potentially hundreds of thousands of data points. An IIoT network likely consists of small embedded devices with long lifespans, making it very efficient. However, they are generally not like the Windows operating system, which is consistently conducting massive updates. Some embedded technologies don’t allow any updates, making it essential to carefully select the best devices for a network. Having thousands of these edge devices is where organizations will begin to see IT/OT convergence – many more points in the field where threats could be coming into the IT network. Industrial organizations today are creating a connected infrastructure with IP-enabled sensors or IP/IIoT-enabled Access Gateways. The data generated by sensors at an asset location can be valuable to more than just the central control system. This might mean M2M communication with sensors talking directly to each other. It may mean that multiple systems consume the live, real-time sensor data directly from the field. It may even mean that operators connect their sensors directly to the cloud or other back office systems. If there is a way to share critical data while addressing security issues that can help provide information to key data users, then that information becomes increasingly valuable. Security Through Obscurity is Not a Solution IIoT solutions often utilize the widely deployed security technologies from the Internet to avoid the custom, one-off solutions of past industrial security, when it was used at all. IP technology makes it easier to deploy and talk to sensors, but it also makes it easier for intruders to see and snoop on valuable data streams. Security through obscurity is not a solution. There are many common attack vectors for industrial devices that become even more relevant when considering the IIoT infrastructures and fully networked, geographically dispersed projects.
Today’s IIoT Security Challenges
For decades, Supervisory Control and Data Acquisition (SCADA) systems have played a significant role in industrial operations. Industries like oil and gas, electric power/smart grid, agriculture and utilities have implemented SCADA systems and networks to collect data and automate processes, and are always looking to automation systems for more effective ways to operate. The ability to collect more data from geographically dispersed field assets in remote locations has driven the need for enhanced communication technologies. With the emergence of continuously improving wireless machine-to-machine (M2M) technologies, networks have more access to data points than ever before. The number of sensors and data points collected will continue to rise dramatically with improved connectivity. This collected data helps operators improve operational decisions, save manpower and, in many instances, keep employees safe by avoiding dangerous environments. Today, industrial network operators are increasingly implementing end-to-end Internet Protocol (IP) connectivity or the Internet of Things (IoT), enabling more capabilities at the edge of these networks. This does not make SCADA systems obsolete by any means; it opens the door to greater possibilities of enabling new applications and analytics with every single data point being captured in the system. So What’s the Security Tradeoff? There are many implications for the concept of a completely connected enterprise in terms of network security. Critical infrastructure projects are only as reliable and secure as the technology serving them. Security, therefore, will ultimately be the limiting factor on how much IoT technology is deployed. With security, the traditional trade-off is either “easy to use” or “secure”— but not both. We often consider a third tradeoff as well of features, though in most cases, operators are not willing to trade off features, but it is certainly part of the equation. An operator striving for an Industrial IoT (IIoT) network must look at SCADA security, the convergence of Operations Technology (OT) and Information Technology (IT), and make a thorough assessment of what will allow them to achieve a secure data communications network. Some of the top security challenges for the IIoT today include: With more data being transported than ever before, it’s important not only to secure assets, but to secure the communication link itself. Traditionally, SCADA systems have been on the outside of a firewall from the corporate IT network. Newer SCADA systems that use Ethernet devices are more security focused with measures such as VPN, secure sockets, encryption and dedicated log-ins on the devices. One Final Thought There are many benefits to the concept of a completely connected IoT system, but this also implies more crossover between IT and OT systems. Companies need to prioritize security in their quest to create end points for all of their field assets. Some industries, like the smart grid, are already experiencing mandates that ensure a more cyber-secure network. With others, however, it is still up to the organization to make security a top priority.