Internet of Things - John Bryce (marketing.johnbryce.co.il/ad/2015/jul/Internet_of_Things.pdf)

Internet of Things

The Importance of IoT in Today’s World

Agenda

● Introduction

● Market landscape

● Key aspects and reference architecture

● Device management

● Security

● BigData

● API management

● Freescale

The History

● 1926 - Tesla: “When wireless is perfectly applied the whole earth will be converted into a huge brain, which in fact it is, all things being particles of a real and rhythmic whole”

● 1990 - Simon Hackett and John Romkey created The Internet Toaster

● 1999 - Kevin Ashton proposes the term "Internet of Things"

● 2009 - More “things or objects” are connected to the Internet than

people

● 2010 - 12.5 billion devices are connected to the Internet

The Internet of Things

● Machine to Machine interaction

● RFID enabled tracking

● Wireless sensor networks

● Broadly merged functionality M2H, M2M

● Low power embedded systems

● Ever increasing numbers and diversity

● Where web meets the physical world

● Intelligent system of systems

Where is it/will be?

● Mobile, home, embedded applications

● Every seat in a car, bus, airplane, subway

● Every sign, poster, notice, piece of mail, item of food

● Internet connected wearables

● Smart Homes, connected cars,...

● Everywhere where people exist

● Gartner estimates 26 billion devices by 2020

Why do we need it?

● More than two billion gallons of fuel wasted in traffic jams

each year

● By 2025: 37 cities worldwide will have a population over

ten million.

● By 2026: The doctor shortage in population centers will

have increased 10x.

● By 2030: Energy demand will have grown by 40%.

What can we do with it?

● Search for things:

● Find the state or other parameters of a thing

● Manage and control things

● Monitor and predict when things break

● Exploit things as managed resources

What can we do with it?

● Improve medical outcomes

● Lower production costs

● Improve service

● Optimize energy consumption

● Turn data into valuable business intelligence

● Meaningfully exchange data

● More examples in...

Wearable devices

● Watches, rings, glasses

● Clothes and shoes

● Recent examples:

o Google Glass

o Apple watch

o Fitness-oriented wearables (Jawbone)

o https://jawbone.com/up - movie

Health Care

● Monitoring an infant’s breathing, temperature, body position and activity levels from a mobile app

● Wearable ECG, respiration and heart rate sensors

● GlowCaps for pills

● Smartphone sensors to monitor movement and location

● Wristbands in hospitals to locate patients and monitor

treatment stages

● Braille interface navigation

● Glucose monitoring

Home

● Efficient air conditioning

● Efficient lighting

● Optimizing energy consumption

● Tracking down lost objects

● Preventing disasters (fire, smoke,..)

● Managing and monitoring devices from an app

● Smart propane tanks and sprinkler controls

● Smart refrigerators and smart egg trays (Egg Minder)

● Sensor-driven, Wi-Fi-enabled, self-learning (Nest Labs)

Industry

● Automate process controls

● Optimize plant safety

● Asset management:

o Predictive maintenance

o Measurements to maximize reliability

● Real-time optimization of:

o Manufacturing production

o Supply chain networks

Example

● Traffic camera monitors the road for accidents/jams

● Communicates status to a Gateway

● Gateway combines and shares to the Cloud

● Data across systems is gathered and analyzed

● Insights from the traffic data are communicated to other systems (public transportation, digital signage, ...)

Generic Network Topology Architecture

[Figure: Cloud, Internet, BigData, Data-Center, Gateway, Apps, LAN, Sensor hub, Device]

Main Challenges

● Security

● Scalability

● Power consumption

● Software updates

● Failure recovery

● Connectivity

● Device management

● Collection, analysis and actuation of Data

How is this possible?

● Ant-sized radios

● Fitted onto tiny silicon chips

● Cost only pennies to make

● Energy efficient to the point of being self-sufficient

How is it done?

First stage: Connection

● Connect Existing Resources

● Build What’s Required

● 85% of devices today are not connected

● Devices are characterized by diversity of architectures,

connectivity options, memory constraints

● Gateways - vital for ensuring integrity, uniformity, and

validity of data

How is it done?

● Stage 2: Data Management

● “Write once, analyze later” paradigm doesn’t scale

● Intelligence is required throughout end-to-end system

● IoT Platforms, Device Clouds, Edge Management

● Security considerations: Who can you trust to store and

analyze your machine data?

How is it done?

● Stage 3: Analysis

● Extracting insights from data over time and in real-time

● 80% of data collected today is unstructured

● Real-time analytics will allow predictive maintenance of in-

service equipment and other use-cases

● Adaptive analytics will unlock insights based on analysis

of large data sets

Internet of Things

The Market Landscape for IoT

Market Evolution

● Passive things:

o Remotely identifiable

o Connectable

o Relatively dumb

● Examples:

o RFID-tagged books

o Furniture items

o Spare parts

Market Evolution

● Active things:

o Can exchange sensory data

o Control information

o Gain a level of interaction

● Examples:

o Roads

o Bridges

o Farm animals

Market Evolution

● Aware things:

o Process data

o Respond to events

o Take action

● Examples:

o Driverless trains

o Electrical appliances

o Doors, windows

Market Evolution

● Autonomous things:

o Make decisions based on built-in rules running locally

or remotely

o Can be self learning

● Examples:

o Intelligent thermostats

o Smart grids

o Self-driving cars

http://www.solarroadways.com/intro.shtml

[Figure: market evolution timeline (2012, 2014, 2016, 2018): Passive, Active, Aware, Autonomous]

Market opportunities

● Short-term (1-2 years):

o Active and aware things

o More focus on the things themselves

o Things equivalent of the killer app

o Less emphasis on backend or cloud

Market opportunities

● Medium-term (2-5 years):

o Aware and autonomous things

o Focus on infrastructure and platforms

o Management of things and the data they

create

o Cloud, Big-Data analysis

Early-adoption scenarios

● Identification and tracking:

o Where the benefit of knowing where things are

outweighs the cost of doing so

o Where connecting is easy with infrastructure in place

● Monitoring:

o Environmental monitoring

o Smart roads and bridge-monitoring sensors

o Dynamically map transport conditions

Early-adoption scenarios

● Integrated control:

o In health care (control apps, smart pens)

o At home (Smart TV, set-top boxes)

● Predictive business analysis

● Early response

● Efficient processes and service delivery

● Smart homes

Early-adoption scenarios

Trends and Technologies

● Software-defined networking:

o Applications and software can access APIs of

routers, switches, and other low-level

networking devices

● Cloud technologies

Trends and Technologies

● Standards and norms for IOT:

o IBM’s MQTT communications protocol for sensors

● Miniaturization:

o New ultra-low-power microchips

o Power harvesting sensor chips

● Mobile technologies:

o accelerometers, GPS, NFC,..

Facts and Forecasts

● Business Insider: IoT will surpass the PC, Tablet and

Phone market combined by 2017

● Asia and Latin America lead in implementation

● Cisco: IoT has the potential to grow global corporate

profits by 21 percent in aggregate by 2022.

Facts and Forecasts

● The Economist: 95% of chief experience officers expect to

launch IoT businesses in the next three years.

● Between 2010 and 2020, China is expected to spend

$603 billion on M2M tech for its cities.

● US and Europe are making great strides in the IoT

Internet of Things

Key Aspects and Reference Architecture

Reference Architecture

● Billions of connected devices

● We need:

o a way to interact with them

o a scalable architecture that allows Disaster recovery

o automatic updates and remote management

o to secure the collected data

o a strong basis for further development

Reference Architecture

● Core concerns:

o Communication and connectivity

o Device Management

o Data collection and analysis

o Scalability

o Security

Device types

● 8-bit SOC controllers

o Arduino

o No operating system

● Atheros (Qualcomm) or Arm processor based

systems

o Arduino Yun

● 32/64 bit computing platforms

o Raspberry Pi, BeagleBone

[Figure: Arduino, Arduino IDE, Raspberry Pi]

Communication

● Short range:

o Bluetooth low energy BLE

o RFID and NFC

● Medium range:

o Zigbee, other mesh radio networks

● Long range:

o Wi-Fi, direct Ethernet, 3/4/5G

Communication

● ZigBee:

o Supports multiple network topologies (point-to-point,

point-to-multipoint and mesh networks)

o Low duty cycle – provides long battery life

o Low latency

o Up to 65,000 nodes per network

o 128-bit AES encryption for secure data connections

o Collision avoidance, retries and acknowledgements

Communication protocols

● HTTP

● MQTT:

o M2M, IoT connectivity protocol

o Very lightweight pub/sub messaging transport

o Low latency, assured messaging

o Efficient distribution to one or more receivers

o Better at high volume of low size messages

o Provides a two-way communication channel

o Uses SSL/TLS on top of TCP stream

MQTT topic-based example

● A sensor pushes telemetry values on a topic:

o greenhouse/42/temperature

o greenhouse/42/humidity

o greenhouse/42/luminosity

● Actions are on another topic

o greenhouse/42/open-the-roof

o greenhouse/42/close-the-windows
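
Separating telemetry topics from action topics only helps if the broker enforces who may publish where. The following added example (not from the original slides) checks publish and subscribe requests against a least-privilege ACL using MQTT wildcard matching; the client IDs and the ACL layout are assumptions.

```python
# Added example: least-privilege ACL for the greenhouse topics.
# Client IDs and the ACL structure are hypothetical, not a broker's real API.

def topic_matches(topic_filter, topic):
    """MQTT filter matching: '+' spans one level, '#' spans all remaining levels."""
    f_levels = topic_filter.split("/")
    t_levels = topic.split("/")
    for i, level in enumerate(f_levels):
        if level == "#":
            return i == len(f_levels) - 1   # '#' is only valid as the last level
        if i >= len(t_levels):
            return False
        if level != "+" and level != t_levels[i]:
            return False
    return len(f_levels) == len(t_levels)

TELEMETRY = ["temperature", "humidity", "luminosity"]
ACTIONS = ["open-the-roof", "close-the-windows"]

ACL = {
    # The sensor may only report its own readings.
    "sensor-42": {
        "publish": [f"greenhouse/42/{name}" for name in TELEMETRY],
        "subscribe": [],
    },
    # The actuator may only listen for its own commands.
    "actuator-42": {
        "publish": [],
        "subscribe": [f"greenhouse/42/{name}" for name in ACTIONS],
    },
    # The controller reads telemetry and issues actions for any greenhouse.
    "controller": {
        "publish": [f"greenhouse/+/{name}" for name in ACTIONS],
        "subscribe": [f"greenhouse/+/{name}" for name in TELEMETRY],
    },
}

def is_allowed(client_id, action, topic):
    """Decide whether client_id may 'publish' or 'subscribe' on topic."""
    rules = ACL.get(client_id, {}).get(action, [])
    if "+" in topic or "#" in topic:
        # Wildcards are never valid in a published topic name; a subscription
        # filter with wildcards must equal a granted filter exactly.
        return action == "subscribe" and topic in rules
    return any(topic_matches(rule, topic) for rule in rules)
```

With this ACL a compromised sensor can still send false readings for greenhouse 42, but it cannot open the roof or touch another greenhouse.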

Communication protocols

● CoAP - Constrained Application Protocol:

o UDP based

o RESTful protocol

o Excellent for constrained devices and networks

o Specialized for M2M

o Security via Datagram Transport Layer Security (DTLS) and certificates

● URI: coap://hostname/lamps/12/status

Deployment

[Figure: Server side, Cloud, TCP/UDP, WiFi, Ethernet, Arduino, Raspberry Pi, Application]

Internet of Things

Device Management for Connected Devices

The challenge

● Various:

o Technologies

o Hardware

o Devices

o Applications

● How do we manage all this?

What is device management for?

● Configure a device

● Enroll a device

● Update firmware

● Monitor and gather connectivity statistics

● Secure a device

● Manage fleets of deployed devices

To enroll the device

● A need for an Agent App

● Specific agents for specific hardware

● Identify the device

● Identify the owner of the device -

Authentication

To enroll the device

● If the device has a UI:

o Common username/password identification

● Options if there is no UI:

o Store the unique ID of the device in the server

o Register the device, then activate from the server

o Separate agents for each device with a unique ID

o Generate a unique ID in the server and use in the

agent

To query the device

● The agent:

o Passes the device metadata (model, vendor,

os,..) to the server

o Passes the device capability (what it can do)

o The server executes device management

commands on the device

Device Management: Protocols

● Main goal: Provide an application agnostic way to

manage devices

● TR - 069:

o SOAP based, not very useful for IoT

● OMA - DM

o HTML/XML based with binary XML encoding

● Lightweight M2M

o OMA-DM successor for M2M

Device Management: Protocols

● OMA - DM:

o An Open Mobile Alliance standard for Device

Management

o Targets mobile phone terminals, but can be

used in M2M

o Meant to be used by mobile phone operators

Device Management: Protocols

● OMA - DM Features:

o Read, write configuration or monitoring nodes

o Trigger remote commands

o Firmware Update Management Object

o Software Component Management Object

Device Management: Protocols

● OMA - DM firmware update example:

<Add>
  <CmdID>1</CmdID>
  <Item>
    <Target>
      <LocURI>./FwUpdate/{package identifier}/DownloadAndUpdate/PkgURL</LocURI>
    </Target>
    <Data>http://{package download server http address}/{update_package.pks}</Data>
  </Item>
  <Item>
    <Target>
      <LocURI>./FwUpdate/{package identifier}/PkgName</LocURI>
    </Target>
    <Data>{package name}</Data>
  </Item>
</Add>

Replace the DownloadAndUpdate/PkgURL with the package download URI.

Device Management: Protocols

● OMA - DM firmware update example:

<Exec>
  <CmdID>2</CmdID>
  <Item>
    <Target>
      <LocURI>./FwUpdate/{package identifier}/DownloadAndUpdate</LocURI>
    </Target>
  </Item>
</Exec>

Set the Exec command to the DownloadAndUpdate node so that it initiates the download and immediate installation of the package contents.
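
Because the Exec installs whatever the PkgURL points to, the URL set by the Add command is worth checking first. The following added example (not part of the original slides or of any OMA-DM implementation) parses a constructed Add command in the shape shown above and rejects package URLs that are not HTTPS or not on an allowlist; the host name and the allowlist are assumptions.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Assumption: hypothetical list of approved firmware servers.
ALLOWED_HOSTS = {"fw.example.com"}

# Constructed sample in the shape of the Add command on the slide.
SAMPLE_ADD = """<Add>
  <CmdID>1</CmdID>
  <Item>
    <Target><LocURI>./FwUpdate/pkg1/DownloadAndUpdate/PkgURL</LocURI></Target>
    <Data>http://fw.example.com/update_package.pks</Data>
  </Item>
  <Item>
    <Target><LocURI>./FwUpdate/pkg1/PkgName</LocURI></Target>
    <Data>pkg1</Data>
  </Item>
</Add>"""

def package_urls(add_xml):
    """Return the <Data> value of every item whose LocURI ends in /PkgURL."""
    # Parse only commands received over an authenticated management session;
    # ElementTree is not hardened against maliciously constructed XML.
    root = ET.fromstring(add_xml)
    urls = []
    for item in root.iter("Item"):
        loc = item.findtext("Target/LocURI", default="")
        if loc.endswith("/PkgURL"):
            urls.append(item.findtext("Data", default=""))
    return urls

def url_problems(url, allowed_hosts=ALLOWED_HOSTS):
    """List the reasons a package URL should not be downloaded and installed."""
    problems = []
    parts = urlparse(url)
    if parts.scheme != "https":
        problems.append("package is not fetched over HTTPS")
    if parts.hostname not in allowed_hosts:
        problems.append("host is not an approved update server")
    if parts.username or parts.password:
        problems.append("URL embeds credentials")
    return problems

def safe_to_exec(add_xml):
    """True only if the command names at least one package URL and all pass."""
    urls = package_urls(add_xml)
    return bool(urls) and all(not url_problems(u) for u in urls)
```

Transport checks do not replace verifying the package itself; they only stop the device from fetching firmware over a channel that anyone on the path can modify.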

Device Management: Protocols

● Lightweight M2M:

o New Open Mobile Alliance standard

o OMA-DM successor for M2M targets

● Features:

o Firmware upgrades

o Device monitoring and configuration

o Server provisioning

Device Management: Protocols

● LWM2M

o Interface flows:

Device Management: Protocols

● LWM2M example

o Registration:

IoT application architecture

[Figure: Linux OS, Supervisor, App1, App2, App3, Cloud servers, OMA-DM, MQTT/CoAP, Radio Module, Low power App, Network Operator]

Internet of Things

Security Challenges for IoT

Is it needed?

● Google hacking:

o Search queries that identify endpoints with a security

flaw: intitle:cam inurl:ViewerFrame?Mode=

o Get access to roadcams that were not meant to be

publicly visible

o 2011: Hack against Fitbit identified users that recently

had sex: “sexual activity” site:fitbit.com

o Source: Forbes

o Hack against the website, not the device itself

Is it needed?

● Jun 2013:

o A Google hack pointed to a list of “smart homes”

o All homes had the same automation system that

allowed remote control of lights, hot tubs, fans,

televisions, water pumps, garage doors, cameras, and

other devices

o No authentication was required to activate and use the

connected devices remotely

● Source: Forbes

Is it needed?

● Jan 2014:

o Security researcher followed an IP that was sending

spam

o The IP address belonged to a fridge

o The researcher managed to log in and use the fridge’s web admin

o The manufacturer embedded a Linux system with no security enabled

● Source: BBC

Is it needed?

● Shodan: http://www.shodanhq.com/

o A search engine to find devices that are

connected to the internet

o Lets you find: traffic lights, security cameras,

home heating systems, control systems for

water parks, gas stations, water plants, power

grids, nuclear power plants, particle-

accelerating cyclotrons ...

Is it needed?

● Shodan: http://www.shodanhq.com/

o Many devices have little security

o "admin" as username and "1234" as password

o Other devices are simply unprotected

o The only tool needed: an internet browser

o How to find and hack devices using Shodan: WonderHowTo

● Google:

o exploit-db

How is security in IoT different?

● The data is highly personal

● Manufacturers don’t think like security experts

● Embedded systems are developed using existing designs,

chips…

● Device capabilities (crypto) are limited

● Updates are hard or impossible

● Ease of use is at odds with security

Physical Hacks

● 2008: Dutch government issued a warning about the

security of access keys based on the MiFare Classic

RFID chip widely used in building-access and public

transportation payment cards in Europe

● ...And every military base in the Netherlands

● $3000 equipment was used to hack it

● 2014: An NFC hack for Android devices makes it possible to unlock any Android phone with NFC by simply picking it up

● Source: computerworld

Security guidelines for IoT

● Do not rely on obscurity:

o RFID, NFC chips might not be as secure as you think

they are

● Compromising one device should not put other devices of the same type at risk

● Connectivity:

o Connection protocols might be encrypted

o Stages before the encryption (key exchange) are

neglected (Bluetooth Low Energy)

Security guidelines for IoT

● RSA cryptography on 8-bit chips is slow (minutes), painful and

expensive ...and you can’t replace them with ARM because cost

matters:

o 8-bit chips: $5 retail, $1 or less to embed

o 32-bit chips: $25 retail, ++ to embed

● Elliptic Curve Cryptography is an alternative:

o ATECC108 8-bit chip provides a full turnkey Elliptic

Curve Digital Signature Algorithm engine with 238 bit

keys

Security guidelines for IoT

● Also there is Speck - a family of lightweight block ciphers!

o But they are released by the NSA

● People think that Wi-Fi chips (WPA) provide security

o They secure traffic only within the LAN

o They do not solve the end-to-end crypto problem

Security guidelines for IoT

● Traditional security:

o Firewalls

o Perimeters

● Not suitable for IoT:

o Devices are out in the field, in cars, in homes…

o Devices are moving and stationary

o The identity of the device should act as its security perimeter

Security guidelines for IoT

● Passwords?

o Designed to be input on-the-fly/on-demand

o Designed to be changed

o Do not work well with humans

o Do not suit the connected devices

Security guidelines for IoT

● Giving a device a token to use on API calls is better than

giving it a password:

o Revocable

o Granular

● Relevant for:

o Device to cloud

o Cloud to app
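
What "revocable" and "granular" mean in practice, as an added example that is not from the original slides: a cloud service issues each device a signed, expiring token limited to named scopes, and can revoke one token without touching any other device. The scope names, device IDs and the HMAC-based token format are assumptions made for illustration, not a standard format.

```python
import base64, hashlib, hmac, json, secrets, time

SERVER_KEY = secrets.token_bytes(32)  # assumption: known only to the cloud service
REVOKED = set()                       # token IDs (jti) that must no longer be accepted

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(body):
    return _b64(hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).digest())

def issue_token(device_id, scopes, ttl=3600, now=None):
    """Issue a token limited to one device, a set of scopes and a lifetime."""
    now = time.time() if now is None else now
    claims = {"sub": device_id, "scopes": sorted(scopes),
              "exp": int(now) + ttl, "jti": secrets.token_hex(8)}
    body = _b64(json.dumps(claims).encode())
    return body + "." + _sign(body)

def check_token(token, required_scope, now=None):
    """Return the claims if the token is valid for required_scope, else None."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        # Constant-time comparison; claims are parsed only after the
        # signature has been verified.
        if not hmac.compare_digest(sig, _sign(body)):
            return None
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError):
        return None
    if claims["exp"] <= now or claims["jti"] in REVOKED:
        return None
    if required_scope not in claims["scopes"]:
        return None
    return claims

def revoke(token):
    """Revoke one token without touching any other device's credentials."""
    claims = json.loads(_unb64(token.split(".")[0]))
    REVOKED.add(claims["jti"])
```

Unlike a shared password, a token stolen from one device grants only that device's scopes until it expires or is revoked.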

Security guidelines for IoT

● Alternatives for passwords:

o For devices: OAuth 2 - an open standard for authorization

o For humans: OpenID Connect - an authentication layer on top of OAuth 2

o Example: You use it when you authorize an app to do this and not to do that on your device

o Challenge: Both OAuth and OpenID were made to work with HTTP, not MQTT

Security guidelines for IoT

● Do not rely on firewalls only:

o Monitor for failed access attempts

o Use real-time event processing for fraud detection:

Identify hackers

Identify devices that may have been compromised

● Device management is vital:

o Update devices with secure keys

o Lock compromised devices remotely
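
One way to turn failed-access monitoring into the two outputs named above, shown as an added example that is not from the original slides: a sliding-window rule flags sources with a burst of failed logins, and any device that then accepts a login from a flagged source becomes a candidate for remote lock. The event format, threshold and window are assumptions, and the log events are constructed.

```python
from collections import defaultdict, deque

WINDOW = 60      # seconds of history considered per source (assumption)
THRESHOLD = 5    # failed attempts inside WINDOW that flag a source (assumption)

# Constructed sample events: (unix time, source IP, device ID, outcome)
EVENTS = [
    (1000, "198.51.100.7", "cam-01", "fail"),
    (1005, "198.51.100.7", "cam-02", "fail"),
    (1010, "198.51.100.7", "cam-01", "fail"),
    (1015, "198.51.100.7", "cam-03", "fail"),
    (1020, "198.51.100.7", "cam-01", "fail"),
    (1025, "198.51.100.7", "cam-01", "ok"),       # success after the burst
    (1002, "203.0.113.20", "thermo-02", "fail"),  # owner mistypes once
    (1030, "203.0.113.20", "thermo-02", "ok"),
    (1000, "192.0.2.9", "cam-03", "fail"),        # slow, spread-out failures
    (1100, "192.0.2.9", "cam-03", "fail"),
    (1200, "192.0.2.9", "cam-03", "fail"),
    (1300, "192.0.2.9", "cam-03", "fail"),
    (1400, "192.0.2.9", "cam-03", "fail"),
]

def analyze(events, window=WINDOW, threshold=THRESHOLD):
    """Return (suspect sources, devices to lock) from a stream of login events."""
    failures = defaultdict(deque)   # source -> timestamps of failures in the window
    suspects, to_lock = set(), set()
    for ts, src, dev, outcome in sorted(events):
        recent = failures[src]
        # Drop failures that have aged out of the window.
        while recent and ts - recent[0] > window:
            recent.popleft()
        if outcome == "fail":
            # Counted per source, so attempts spread over many devices still add up.
            recent.append(ts)
            if len(recent) >= threshold:
                suspects.add(src)
        elif src in suspects:
            # A flagged source got in: treat the device as possibly compromised.
            to_lock.add(dev)
    return suspects, to_lock
```

The slow source in the sample stays under the threshold, which is the usual trade-off of a fixed window and the reason to tune both values against real traffic.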

Security guidelines in general

● How are you going to protect the privacy of your users?

● Privacy by design:

o Design the system to avoid privacy breaches

o Flatten the data rather than storing a record

per user+date

o Don’t store data you don’t require

o Delete historic data that is not needed

Internet of Things

Data, Big Data and Real Time Analytics for Connected Devices

Big Data analytics

● Data is increasingly being gathered by sensors, software logs,

cameras, RFID readers, wireless sensor networks, etc.

● Volume:

o Terabytes to exabytes of data to process

● Velocity:

o Streaming data, milliseconds to respond

● Variety:

o Data in many forms: structured, unstructured, text,

multimedia...

Big Data analytics

● Conventional analytics tools/platforms cannot keep up

● Big Data analytics:

o Conventional analytics

o On Big Data framework

o Real time

o Advanced text analysis

o Machine learning

Big Data analytics

● Scenarios:

o IT infrastructure optimization

o Social network analysis

o Churn analysis

o Advertising

o Fraud detection

o Equipment monitoring

Retail In-Store example

● Real-time, localized, micro segmented offers

● Driven by customer profile, need, store stocks and local

influencers:

o weather

o birthdays

o graduations

o etc.

Retail In-Store example

● Step 1 - Inputs:

o Customer profile and activity data

o Channels - digital, contact center

o Sensors to detect hotspots

o Shopping data - trolleys with RFID tags and

beacons

o In-shop camera data - detect where the customer spends most of the time in the shop

Retail In-Store example

● Step 2 - Micro Segment creation

o Customer X is associated with segment Y

o Can be done in batch or in real-time

● Step 3 - Analytics model

o Decide and choose a promotional offer

o Deliver to the smartphone/tablet of the user and the

Point of Sale device

o Can be done once or in continuous channel-customer

interaction

Decision Model for IoT

[Figure: Incoming data, Real-time processing, Storage, Batch processing, Models, Decision system, Scoring, Actions]

Data processing tools landscape

● Real-Time processing tools

o Process on-the-fly, without storing

o Stream processing, complex event processing

o Apache Storm

● Databases

o Index based queries

● In memory computing

o Spark, Hana, VoltDB

Data processing tools landscape

● Interactive processing

o Apache Drill, BigQuery, OLAP cubes

● Per record processing

o MapReduce, Spark

● NoSQL/ HDFS

Lambda architecture

● Handle massive quantities of data by using both batch- and stream-

processing methods

● Batch processing to provide comprehensive and accurate

precomputed views

● Real-time stream processing to provide dynamic views

● Attempts to balance latency, throughput, and fault-tolerance

● Intended for ingesting and processing timestamped events that are

appended to existing events rather than overwriting them

Lambda architecture

Design considerations

● Edge processing

o Local processing for efficiency and high availability

● Last mile

o How to push actions?

o How to carry out actions that take time?

o How to avoid conflicts?

● Integration with the cloud

o Using other services and data from multiple sites

o Enabling better models and decisions

o Privacy, data sensitivity

Design considerations

● Taking the human out of the loop

o Should be done gradually with fine grain

control

Provide alarms and course of action

Ask for user confirmation

Automate only selected actions

o Should be done carefully as we can’t foresee

all the outcomes

Internet of Things

API Management in the Context of IoT

API Billionaires club

● 2011 programmableweb.com:

o Twitter - 13 billion API calls/day

o Google, Facebook - 5 billion API calls/day

o Netflix, eBay - 8 to 10 billion API calls/month

o SalesForce - Over 50% of all traffic via API

o Amazon Web Services - Over 260 billion

objects stored in S3

IoT API Management

● A need for a standard access layer - API

o Heterogeneous devices

o In large numbers

o Proprietary:

Protocols

Access control mechanisms

Data models

IoT API Management

● Web APIs => REST APIs are key for connecting devices

to the Internet:

o Driven by modern dynamic web-user

interfaces

o Driven by human-held mobile devices

o Lightweight

o Developer-friendly

IoT API Management

● Examples of modeling device capabilities as HTTP

resources:

o Humidity sensor:

http://ip/locationID/sensors/humidity - GET

o Turbine:

http://ip/locationID/actuators/turbine1/rotate - POST

http://ip/locationID/actuators/turbine1/status - GET

IoT API Management

● Sensor nodes participating in a flat or two-tier sensor

network are not IoT

● Unless you can get your data to higher end computational

devices

● API devices: sensors that are coupled to a device that

already speaks Web APIs

● An intermediate layer is needed to connect sensors and

networks to APIs, clouds, data-centers and devices.

IoT API Management

● Challenges require planning and foresight:

o Not every device/thing is API enabled

Smart-phones and tablets - are

A temperature sensor on a factory floor connected

via a wireless sensor network (WSN) - is not

IoT API Management

● Challenges require planning and foresight:

o Versioning/Updates

Not every device supports updates

o Support for ancient things

Devices have long lifecycles

o Performance and scalability

Long reliable operation with a large number of

devices

IoT API Management

● API management:

o Gateways management

o Security management

o Access management and control

o Authentication, authorization

o Leak protection

o Compliance and data security

IoT API Management

● Type 1: A single device with all API management

capabilities

● Type 2: The device gets all the requests and asks for a

confirmation from a separate authorization manager

● Type 3: An authorization gateway receives all the

requests, transmits the authorized requests to the device

● Type 4: A Combination of previous + Routing and stats

collection

● Type 5,6,.. : More complex patterns (Routing & Queues)

IoT API Management

● Sensor middleware and API Management for IoT play an important

role:

o Provide data fusion

o Contextual information

o Data communication

o Coordination and synchronization

o Data & protocol interoperability

o Privacy and security

o Fault tolerance

Emoncms - monitoring

● Open-source web-app for processing, logging

and visualising:

o energy

o temperature

o other environmental data

● Use-case: Create an energy model of your house

to work out where energy is lost and explore the

effect of measures

Emoncms

● System Overview:

Emoncms

● The system comprises wireless sensor nodes

that send data at periodic intervals to a web-

connected base-station

● Base stations:

o Raspberry Pi with an RFM12Pi wireless adapter

o NanodeRF (Arduino + Ethernet clone)

● Data:

o AC Electricity, Temperature, Humidity, etc.

Emoncms

● Wireless nodes:

o emonTx - Electricity Energy Monitoring

o emonTH - Temperature and Humidity Monitoring

o emonGLCD - wireless LCD display. Can be added to

the system like any other node

● Log, process and display monitored data:

o Input processing lets you manipulate the input data

before storing it in the emoncms database.

Emoncms

● Visualisation and Dashboards:

o Zoom through large datasets, compare

multiple datasets by using the multigraph

visualisation builder

o Create dashboards out of a series of widgets

and visualisations with a fully visual drag and

drop dashboard editor
