IoT Key Elements demonstrated on Homie framework
Presented at the IoT Bratislava meeting
Recorded session (in Slovak): https://www.youtube.com/watch?v=ov4M9oxFLxI
3. Configuration API
• Way to pass connection details and basic properties of the IoT device,
i.e. not hardcoded into firmware
• Configuration should not define logic of the IoT device
• Provide automated way for configuration deployment
=> deploy tens/hundreds/thousands of IoT devices in one shot
7. Security
• IoT Security = An empty buzzword
• IT/OT convergence
• New phenomena: decentralized, P2P protocols, e.g. Blockchain
• IoT = Ecosystem => more surfaces to attack
8. IoT Attack Surface Areas
Source: http://hackaday.com/2016/06/13/iot-security-is-an-empty-buzzword/
9. OTA Updates and Management
• Managing version control
• Simplify maintenance complexity
• Challenge: efficient delta updates to minimize resources
13. Analytics
• IoT is not M2M
• Push down: from Cloud to Edge/Node
• Edge/Fog Computing
• Real-time
• Machine Learning
• Distributed analytics
• Self-managing systems
• Autonomous systems
[Diagram labels: Cloud, Edge (x4), Big Data, Storage, IT, OT]
The basic feature of any IoT device is a Configuration API that allows configuration to be passed to the device without hardcoding it.
The Configuration API is used only to pass the information necessary to establish a connection; application logic has to be uploaded in a different way.
The Configuration API has to allow automated deployment of hundreds of IoT devices.
Example of JSON configuration file
Device ID
WiFi connection
MQTT connection
OTA connection
SSL certificates (distribution of SSL certificates)
JSON upload through curl
When in configuration mode, Homie exposes an AP with the SSID “Homie-XXXXXXXX”
A Raspberry Pi may search for all these APs and upload a customized JSON configuration file to each
Homie provides a web and an Android GUI for step-by-step configuration setup
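A pre-deployment check for the bulk rollout described above, as an added example (not from the presentation or the Homie project): it renders one JSON document per device and flags plaintext MQTT/OTA links, missing certificate fingerprints, and duplicated IDs or passwords. The key names, hosts and credentials are constructed placeholders, not Homie's actual schema.

```python
import json

# Constructed site data and inventory; every value is a placeholder.
SITE = {"wifi": {"ssid": "example-iot", "password": "placeholder-wifi"},
        "broker": "mqtt.example.internal", "ota_host": "ota.example.internal",
        "fingerprint": "PLACEHOLDER-CERT-FINGERPRINT"}
FLEET = [{"device_id": "meter-0001", "mqtt_password": "placeholder-1"},
         {"device_id": "meter-0002", "mqtt_password": "placeholder-2"}]

def build_config(dev, site=SITE, tls=True):
    """Render one device's JSON document (key names assumed, not Homie's schema)."""
    fp = site["fingerprint"] if tls else ""
    return {
        "device_id": dev["device_id"],
        "wifi": dict(site["wifi"]),
        "mqtt": {"host": site["broker"], "port": 8883 if tls else 1883,
                 "username": dev["device_id"], "password": dev["mqtt_password"],
                 "ssl": tls, "fingerprint": fp},
        "ota": {"enabled": True, "host": site["ota_host"],
                "port": 443 if tls else 80, "ssl": tls, "fingerprint": fp},
    }

def lint_fleet(configs):
    """Return (device_id, finding) pairs for settings that weaken the rollout."""
    findings, seen_ids, seen_pw = [], set(), set()
    for cfg in configs:
        dev = cfg.get("device_id", "")
        if not dev or dev in seen_ids:
            findings.append((dev, "device_id missing or duplicated"))
        seen_ids.add(dev)
        for section in ("mqtt", "ota"):
            part = cfg.get(section, {})
            if not part.get("ssl"):
                findings.append((dev, f"{section}: no SSL"))
            elif not part.get("fingerprint"):
                findings.append((dev, f"{section}: SSL without certificate fingerprint"))
        pw = cfg.get("mqtt", {}).get("password")
        if not pw or pw in seen_pw:
            findings.append((dev, "mqtt: password missing or shared"))
        seen_pw.add(pw)
    return findings

if __name__ == "__main__":
    good = [build_config(d) for d in FLEET]
    print(json.dumps(good[0], indent=2))
    print(lint_fleet(good))
    print(lint_fleet([build_config(FLEET[0], tls=False)]))
```

Running the lint over the whole rendered fleet before any file is uploaded keeps one weak template from being copied to every device in the batch.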
IT/OT convergence:
- IT leads the harmonization
- applying IT technology on OT domain (e.g. IP stack, SSL)
- economic benefits, IT experience, flexibility; however, IT technology is not always suitable for the OT domain
- Exposing OT systems – what was before closed is now opened due to IT/OT convergence, IPv6 makes this more critical
[Operational technology (OT) is hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise.]
Security:
- Centralized SSL/TLS - ok for closed IoT ecosystems (smart homes)
- Decentralized - P2P, e.g. blockchain (not suitable for IoT yet - computing power, storage for blockchain)
Homie v1.5 utilizes HTTP for OTA. As of Homie v2.0, OTA updates are to be done through MQTT, which closes one surface exposed to attacks
OMA-DM SCOMO (Open Mobile Alliance-Device Management Software Component Management Object) standard
Delta updates: proven in the IT world, a challenge in the OT world (a mobile phone does not download 300MB, but just 30MB; Windows does the same)
When a bug is found, we need to immediately identify all IoT devices affected by the vulnerability
Example of Homie code
Need for Asynchronous Pattern: the node needs to keep operating during a connectivity outage
Bi-Directional: depends on application
Mesh architecture
Analytics is a very large topic, so for now just a few observations.
IoT is not M2M: a smart plug sends data to the cloud, and we communicate with the cloud through a mobile phone
Producers offer integration with cloud services like IFTTT, moving analytics into the cloud
Analytics on node level: a water meter detects a water leak based on analysis of current and historical consumption
Analytics on Fog level: fitness bands send data to the phone, where it is analyzed
Distributed analytics: electricity meter. The edge collects information from the electricity meter, heating, outdoor temperature and thermostats, and based on a neural map it alerts on deviations from normal operation, or from the operation of an average user in a comparable house with the same number of occupants. The neural network model is computed by the cloud and the edge only applies it; when there is free computing capacity in the cloud, the weights of the neural network are recomputed through the learning process. We thus use fog computing, offloading the cloud, which has reach to many sensors and actuators
Analytical question: Is anyone home?
Real-Time: autonomous control cannot send data to the cloud and wait for commands from the cloud
V2V: cars communicate not through the cloud but directly with each other (Community of Things)
We need new ways of control, whether I want to know the current situation while in the car, schedule a reminder, or find out the weather forecast at home
Offline: faster, secure vs limited set of languages, not precise recognition, only key words recognition
Online: local language support, precise voice recognition, longer sentences vs security
Homie provides a web GUI for device control; however, any framework supporting an MQTT connection can be used as the GUI, e.g. OpenHAB or a custom web page with WebSockets