3. IOT Overview
• Physical objects + Controllers, Sensors, Actuators + Internet = IoT.
• The IoT (sometimes also referred to as the Internet of Everything) is a network of physical
objects (or “things”) embedded with electronics, software, sensors, and connectivity which
enable those objects to exchange data with the operator, manufacturer, service provider,
and/or other connected devices.
• The IoT is based on the infrastructure of the International Telecommunication Union’s (ITU)
Global Standards Initiative (IoT‐GSI).
• The IoT‐GSI covers devices and objects connected over multiple communications protocols —
such as personal computing devices, laptop or desktop computers, tablets, and smartphones
— as well as devices that are connected to each other through other protocols, such as
Bluetooth, ZigBee (an open, global wireless standard), Long Range Wide Area Network
(LoRaWAN), and SIGFOX.
• IoT devices (or nodes) often operate without a screen or any user interface at all, may rely on
battery power for operation, and are usually dedicated to a single task.
• IoT devices are typically described as “smart objects, edge devices, or connected devices”.
4. IOT Drivers
• What makes an IoT device smart typically falls into one or more
of the following functional areas:
• Monitoring
• Control
• Optimization
• Automation
• The IoT is enabled by numerous technology trends:
• Devices are cost effective
• Infrastructure is in place and new infrastructure is being
built to support future technology needs.
• The evolution of functions is in line with user
expectations (for example, smart watches that provide
multiple services and applications).
5. IOT Present & Future
Future
• 75% of companies are
already exploring the IoT.
• 15 % of companies already
have an IoT solution in place
• (21 % of transportation &
logistics companies)
• 53 % plan to implement one
within the next 24 months,
and another 14 % in the next
two to five years.
6. IOT Smart
Application
Healthcare & Wellbeing, e.g. Angel Sensor, Fitbit, Hexoskin, Intraway,
Jawbone, Nymi, InKol Health Hub, Pebble, Philips Lifeline, Withings,
Zebra MotionWorks,
Home & Building, e.g. Belkin, Nest, Neurio, Quirky, Sensorflare, SMA,
SmartThings, Vivint, WallyHome, Withings, ZEN Thermostat,
City & Community, e.g. Bigbelly, Bitlock¸ FUKUSHIMA Wheel, Kiunsys,
Placemeter, Silver Spring Networks, Waspmote,
Utilities, e.g. Enevo, Mayflower CMS, MeterNet, Osprey Informatics,
Paradox, Trilliant,
Environment, Agriculture & Livestock, e.g. FilesThruTheAir, Fruition
Sciences, OnFarm, Semios, Topcon Precision Agriculture,
Car & Transportation, e.g. Audi, CarKnow, Connected Rail, Dash drive
smart, Delphi Connect, Ericsson, Libelium, Logitrac, PowerFleet,
Industry & Services, e.g. Argon Underground Mining Safety, Condeco
Sense, DAQRI’s Smart Helmet, Numerex, Perch.
11. IOT Challenges
• The economy promotes weak security
• Security is difficult, especially for new businesses;
• IoT systems are complex and each part must be secure
• The security support is not always maintained
• The consumer's knowledge of IoT security is weak
• Security incidents can be difficult to detect or resolve for
users
• Existing legal liability mechanisms may not be clear.
12. Problems of IoT Security
• Insecure Web Interface
• Insufficient Authentication/Authorization
• Insecure Network Services
• Lack of Transport Encryption
• Privacy Concerns
• Insecure Clould Interface
• Insecure Mobile Interface
• Insufficient Security Configurability
• Insecure Software/Firmware
• Poor Physical Security
13. Foundation for IoT
Security
• Device has a validated identity
• IoT platform has a validated identity
• Mutual authentication for
communication
• Encrypted and signed messages
• Secure execution environment (devices
& IoT platform)
• Secure software management /
distribution
• State-of-the art network & system
security (firewall, hardening)
• Role based access control
• Secure management access
14. IOT Security – Key Areas Of Consideration
• The Internet of Things Device
• The Cloud
• The Mobile Application
• The Network Interfaces
• The Software
• Use of Encryption
• Use of Authentication
• Physical Security
• USB ports
15. IOT - Liability
• The security flaws of IoT and its ability to perform certain tasks open the door
to any associated liability.
• The three main areas of concern are device malfunction, attacks, and data
theft.
• These issues can result in a wide variety of damages.
• Cyber Attacks
• IoT devices expose an entire network and anything directly impacted to the
risk of attacks.
• Some of the most effective measures against attacks prove simple:
• Built-in Security − Individuals and organizations should seek hardened
devices, meaning those with security integrated in the hardware and
firmware.
• Encryption − This must be implemented by the manufacturer and through
user systems.
• Risk Analysis − Organizations and individuals must analyze possible threats in
designing their systems or choosing them.
• Authorization − Devices, whenever possible, must be subject to privilege
policies and access methods.
16. IOT Security
Tools
• The common security tools that
are in use are:
• Encryption
• Password Protection
• Hardware Security Modules
• Two-factor authentication
• Secure elements
• Data erasure
• PKI Certifications
• Biometrics
• Hardware Crypto processor
• Blockchain