Ad block

Securing your IoT deployment—from the device to the cloud

Author Jonathan Cassell takes a look at some of the measures engineers are undertaking to secure their IoT deployments and the critical role that a cloud-based IoT management system plays in each activity.

Cybercrime is a big business—a $600 billion market that’s larger than many legitimate industries, such as the global markets for education, water / sewage, and arts / entertainment. Like any other industry, competitors in the cybercrime business naturally will gravitate toward the largest available markets. Today, the internet of things (IoT) represents a massive opportunity for cybercriminals, with each of the world’s 7 billion IoT devices representing another chance to ply their dark trade.

Because of this, security has become a paramount concern in IoT devices and in the edge-computing systems that serve them. IoT device manufacturers are increasingly employing built-in security measures to prevent online hacking. However, securing the IoT involves far more than simply hardening devices.

Instead, what’s needed is a comprehensive solution that applies a combination of cyber- and physical-security measures that are managed through a cloud-based system. Using such a system, IoT engineers can protect the safety of data no matter where it resides—whether in a device, an edge-computing system, or the cloud.

Security is in the chips

IoT security starts at the device level, safeguarding the data collected, stored, processed and transmitted by specific end-nodes. However, some IoT devices share large quantities of data with the cloud. Thus, security solutions in IoT devices not only must protect the device itself, but information transferred across networks.

These security solutions are implemented within microchips, with IoT devices sporting built-in encryption, authentication and security-key hardware. This allows the devices to securely transfer data over networks.

These solutions also secure the microprocessor or microcontroller running the system, integrating features designed to ensure data integrity. They can even encrypt data transferred between chips within the IoT device. Because IoT devices are often located in remote, unprotected places, secure chips also incorporate physical security systems, including anti-tampering schemes that erase data if their enclosure is penetrated.

Here, it is worth stating that the growth in number of IoT devices at the edge is exponential. And with such aggressive growth potential predicted for the foreseeable future, the concerns regarding a security breach is growing for not only end users but for original equipment manufacturers (OEMs) developing them as well.

What’s more, breaches are fast becoming common place and the costs of not protecting the IoT is becoming severe. From CSO online:

“Ponemon Institute estimates an average breach cost of $3.5 million in 2017, with a 27% probability that a U.S. company will experience a breach in the next 24 months that costs them between $1.1M and $3.8M.”

While there are monetary costs, the costs go beyond simple dollars and cents: they can negatively impact a company’s reputation, time spent dealing with the breach and more recently, legal consequences through legislation like the European Union’s General Data Protection Act (GDPR) and legislation such as the recent California Bill: Senate Bill No. 327 CHAPTER 886.

“This bill, beginning on January 1, 2020, would require a manufacturer of a connected device, as those terms are defined, to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and any information contained therein from unauthorized access, destruction, use, modification, or disclosure, as specified.”

With all of this being said, it is becoming increasingly obvious the growing importance of implementing security in the IoT devices at the edge. Fortunately, companies like Arrow Electronics have invested to help secure the Internet of Things at the device level. Secure programming and provisioning technology is based on a highly secured and reliable chain of trust that enables the rapid deployment of IoT edge nodes and gateways. The ability to authenticate IoT devices and quickly establish trusted connections to the cloud is critical. IoT device security not only allows you to protect your code, but when a device is put on the internet of things, you want to know it is supposed to be there through digital certificate management; you want to be able to see your fleet of devices and if something is wrong you want to have revocation services to minimize costs quickly.

Secure provisioning enables customers to take full advantage of silicon-based security features from leading global manufacturers of secure elements and microcontrollers. These new capabilities have been rolled-out as a value-added service from Arrow to secure IoT devices. One example of this capability can be found here: Arrow Electronics introduces secure provisioning service for NXP based IoT devices.

Security for edge IT

Rising alongside the IoT is an approach to IT called “edge computing.” Edge computing represents an intermediate data-processing stage that analyzes data generated by IoT devices before the information is sent to a data center. This improves the performance and efficiency of data processing and winnows down the amount of information to prevent data centers from being overwhelmed with inputs.

However, such edge-computing operations face one of the biggest security risks related to the cloud: transferring sensitive data over a network, where it could be susceptible to hacking.

One solution to securing this data is provided by the Microsoft Azure Data Box Edge. The Data Box Edge is an actual physical appliance specifically designed to easily and efficiently move data to and from Azure. To secure these transfers, the Data Box Edge uses Microsoft’s BitLocker technology, which includes hardware for encrypting and securing data sent over the internet.

Security in the cloud

Beyond device and edge-computing security concerns, engineers need a cloud-based platform designed to ensure security in IoT deployments. Azure includes a range of security measures, including:

  • Azure Active Directory for user authentication and authorization, controlling access to cloud data and allowing nearly instantaneous revocation of access to IoT devices connected to the Azure cloud.
  • Secure storage of all IoT infrastructure keys.
  • Monitoring of all data accesses to alert users of intrusions or unauthorized access.

Putting it all together

While cloud-based platforms represent the optimal path to implementing security in IoT systems, it can be slow, difficult and complex for companies to undertake the transition to such a cloud solution. To quickly gain the advantages of cloud-based IoT, engineers need to collaborate with a solutions provider that has the experience, expertise and industry connections to rapidly secure a cloud-based IoT system.

For example, Arrow provides comprehensive cloud solution packages designed to support rapid deployment of cloud services. What’s more, the company works with top cloud technology providers—including Microsoft—to provision the industry’s most sophisticated solutions.

The bottom line on IoT security

In an era when cybercrime generates more money than some legitimate industries, engineers must act now to secure their IoT deployments—including devices, edge-computing installations and cloud-based platforms. By employing a cloud -based platform and working with an experienced cloud and IoT integrator, engineers can quickly take steps to ensure their systems remain safe.

Interested in learning more?

For more information on this topic, or to get in touch with engineering specialist who can help answer any questions you might have, head to arrow.com

Microsoft Azure drives IoT deployments

The internet of things (IoT) is like a jigsaw puzzle—that is, a jigsaw puzzle with 7.8 billion pieces. Just like a jigsaw puzzle, each device in an IoT deployment needs to be in the right place and the correct orientation for the pieces to come together into a beautiful whole. Developers of IoT systems for major projects like industrial systems, smart buildings and smart cities face significant challenges keeping all the pieces in place, from provisioning, to updating software on specific devices, to managing maintenance notifications.

For the modern-day developer, cloud-based solutions represent an essential asset for deploying and operating of IoT systems, providing essential tools for securely connecting, monitoring and managing devices. Businesses are becoming increasingly aware of this trend, with the cloud playing an essential role in IoT deployments and digital products.

For example, the popular Ring Doorbell connects to a company-operated cloud to manage the device and to send security notifications to user’s smartphone or tablet. The Ring Doorbell also is capable of recording video in the cloud and making that video instantly available to thousands of users in a seamless end-to-end experience. Every day, additional Ring users put stress on the system to scale storage effectively. This requires a cloud solution that can easily scale to meet uptime and workload demands.

Using hyperscale cloud appliances like Azure—Microsoft’s open cloud-computing platform—engineers can develop and manage IoT deployments with unprecedented ease and sophistication, from system-wide firmware updates, to device-specific application revisions.

This article describes how two companies are leveraging Azure’s capabilities to drive the development of exciting new IoT projects—and even play a key role in the digital transformation of their businesses.

PCL uses Azure to gain deeper construction insights

Headquartered in Edmonton, Canada, PCL Construction encompasses a family of building companies employing more than 4,000 workers in the United States, Canada and Australia. To meet customer demand for digital solutions, PCL decided it needed to gain a greater understanding of the entire construction process, from planning, to the actual construction phase, to post-construction, to occupancy. To achieve this, the company has initiated a digital transformation strategy that involves the adoption of cloud computing, business intelligence and analytics, smart integration and mobility.

PCL is putting its technical acumen to the test with the high-profile Stantec Tower project in Edmonton, where it is implementing a smart-building infrastructure during construction. The company has developed an IoT-based smart construction platform called Job Site Insights based on Microsoft’s Azure, Azure Digital Twins and Azure Maps.

Digital Twins produces virtual representations of physical environments, allowing customers to access data for a space, rather than for separate sensors. This allows the creation of comprehensive digital models that represent any physical environment. By modeling the interactions among people, places and things, Digital Twins can create new efficiencies and improve the usefulness of spaces, according to Microsoft.

Azure Maps provides location application programming interfaces that enhances data with geospatial context, allowing the creation of location-aware apps.

As part of the project, PCL is installing various types of IoT sensors into the building during the construction phase. These sensors automatically monitor, temperature, humidity and air pressure in 483 units within Stantec Tower, a process that’s typically conducted manually. This data is streamed through the entire lifetime of the project, automatically identifying trouble-spots that can be instantly addressed during the construction phase.

The system allows PCL to focus its manpower on more value-added tasks and away from routine monitoring jobs. It also will cut an estimated 15% to 20% from PCL’s annual energy costs, which can total as much as $300 million annually.

WMF brews up IoT solution for coffee machines

WMF Group of Germany is a major seller of tableware and kitchenware products to consumers and businesses. Part of the company’s business involves the sale of professional, fully-automatic coffee machines used in hotels and restaurants. These machines that are maintained and repaired in the field by truck-borne service engineers.

To improve the efficiency of the process, WMF has developed a platform on Azure and Power Bi—Microsoft’s business analytics service—that offers all the elements needed for storing and analyzing data in the cloud. Using this platform—called CoffeeConnect—coffee machines in a hotel or restaurant can transmit repair information to the service engineers in advance, allowing them to prepare for the specific fix that needs to be performed.

Moreover, using Microsoft HoloLens, WMF’s customers can visualize CAD drawings interactively, helping them perform repair work in the field.

The fastest route to cloud-based IoT

With the cloud and IoT reshaping entire businesses and industries on a daily basis, it’s essential for companies to get on the bandwagon immediately to avoid being left behind. However, the complexity involved in selecting and adopting a cloud IoT solution can be daunting, causing delays in the migration.

When considering the adoption of a platform like Azure, companies need to work with a partner that can match their needs with quick-turn solutions that accelerate time-to-market. For example, Arrow’s Enterprise Computing Solutions group offers hardware, software and solutions for the private cloud, public cloud, hybrid cloud, cloud hosting and enterprise cloud technologies and services. These offerings include access to Microsoft’s suite of cloud applications and services, including Azure.

Arrow company eInfochips also provides support for companies engaging in cloud migrations. Specializing in product engineering and semiconductor design services, eInfochips can assist with digital transformation and connected IoT solutions across various cloud platforms, including Azure.

Arrow is an end-to-end technology platform that supports engineers, developers and IT infrastructures to power optimal delivery of IoT products. Using Arrow’ cloud services, customers can quickly deploy Azure-based IoT solutions, gaining access to the full range of capabilities offered by the Microsoft platform.

To solve the IoT jigsaw puzzle, businesses increasingly are turning to cloud-based platforms like Azure. Companies that plan to make a quick transition to such platforms should consider engaging with a channel partner that can facilitate the quick migration to a cloud-IoT solution.

Interested in learning more?

For more information on this topic, or to get in touch with engineering specialist who can help answer any questions you might have, head to arrow.com

Ambient intelligence requires cloud platforms with flexible AI deployment

To build truly intelligent ambient environments, organizations are adopting cloud-based platforms that can apply artificial intelligence (AI) algorithms across all kinds of IoT deployments—spanning from the edge to the cloud.

At the airport, you check in by showing your ID and boarding pass—just once—and then breeze through baggage, security and boarding without showing any documents again. After your flight, a self-driving car pulls up directly in front of you at the airport curb, arriving at just the right time to take you directly to your hotel. At the hotel, you are checked in automatically as you enter the front door, and a digital key to your hotel room is loaded to an app on your smartphone. As you approach your room, the door unlocks and the lighting and heating adjust themselves to fit your tastes—all without anyone lifting a single finger.

Making this hassle-free scenario possible is a range of technologies working collaboratively, including surveillance cameras, artificial intelligence (AI) face-recognition algorithms, location-aware apps and the internet of things (IoT). In combination, these and other technologies comprise the building blocks of “ambient intelligence,” i.e., environments that are aware and can interact with individuals. In the era of ambient intelligence, such technologies often are virtually invisible, integrating into the environment to simplify everyday tasks, enhance safety and allow individuals to become more productive.

Many of the capabilities described at the beginning of this article already exist, from a streamlined passenger identification system at Aruba Airport, to Waymo’s driverless transportation service for guests at a Phoenix hotel, to Hilton’s Digital Key, to Marriott’s smart-room project. However, to build truly intelligent ambient environments, organizations are adopting cloud-based platforms that can apply artificial intelligence (AI) algorithms across all kinds of IoT deployments—spanning from the edge to the cloud.

Cloud-based solutions, such as Microsoft’s Azure, are essential to enabling ambient intelligence. Working in combination with edge-computing solutions, these platforms allow customers to quickly develop applications and to manage and maintain devices. They also allow customers to take full advantage of the information gathered by ambient-intelligent systems, using cloud-based analytics and artificial intelligence to turn data into useful insights that can generate new revenue and business opportunities.

Inside ambient-intelligence products

At their heart, devices that support ambient intelligence are IoT devices, i.e., embedded systems equipped with sensors and wireless network connectivity. However, such devices also are defined by other characteristics, including context awareness, personalization, adaptiveness and anticipatory intelligence.

The successful implementation of such capabilities is dependent on AI technologies, including face recognition, object recognition, natural language processing and human action recognition. Some ambient devices are employing limited amounts of AI, instead focusing on hardware and operational technologies, like sensors and communications. However, such inadequate AI capabilities eventually will stymie the capabilities of ambient-intelligence systems.

To overcome deficiencies in intelligence, ambient intelligence devices can send AI algorithms to the cloud for processing. However, cloud processing presents drawbacks in terms of power consumption and performance. As a result, many new IoT devices are integrating more sophisticated electronics—such as graphics processing unit (GPU) microchips—that are capable of handling compute-intensive AI tasks. For example, GPU market leader Nvidia is offering the TX2 Developer Kit designed for building AI-enabled edge devices and software.

A truly flexible ambient intelligence platform should be able to support both cloud and edge AI deployments, providing the flexibility needed to work with any type of device, whether that device has built-in AI capabilities or not.

The following sections examine the solution companies are using for their ambient-intelligence projects.

Shell technology puts safety first at gas stations

Royal Dutch Shell is an energy giant, listed as the world’s fifth largest company in terms of revenue in 2017, according to the Fortune 500 ranking. The company operates 44,000 gas stations worldwide, serving 30 million retail customers.

For these stations, safety and security are paramount concerns, with occurrences such as thefts, smoking, car accidents and refueling mishaps potentially resulting in dangerous and costly problems. Surveillance cameras can collect video of such events. However, to make this video useful, it must be monitored and reviewed—a process that can consume massive quantities of time, money and manpower when conducted manually.

Shell is aiming to provide a faster and cheaper alternative using AI technologies. The company has developed a system that uses closed-circuit camera footage and IoT technology to automatically identify safety hazards and quickly alert staff to quickly respond to potential problems. Deep-learning algorithms located in the cloud and the edge monitor the video feeds and identify any events that could represent a safety or security issue.

This approach is much faster, less expensive and less labor intensive than manual review.

When building a pilot version of this system, Shell chose Microsoft’s Azure platform to serve as the basis. Azure is designed to support the building and management of applications and services. Microsoft’s Azure IoT Edge offering is a cloud service that can distribute and run algorithms on cross-platform IoT devices, allowing AI applications to run both in the cloud or offline.

Honeywell offers building-automation solution

Product and system vendor Honeywell is a leader in commercial building automation systems and products. Honeywell now is offering the Honeywell Vector Occupant App, designed to serve the needs of building managers and occupants by promoting greater efficiency.

The Vector Occupant App leverages IoT connectivity to deliver features including indoor location, mapping, routing, presence, proximity notifications and analytics. With the App, building occupants can unlock doors remotely, issue their opinions on room comfort levels and reserve meeting spaces from their smartphones—among other capabilities.

Honeywell chose Azure to power its app. Azure provides cloud-based big-data processing that allows the app to enhance the usefulness of its analytics.

View SmartProtect smartens up windows

View Inc. is a provider of smart-window products. The company’s SmartProtect solution can automatically and instantly detect any glass breakage. When breakage occurs, a warning is sent through Azure IoT to SmartProtect, informing customers about the time and location of the breakage.

View stated that SmartProtect is just the first of many Azure-based IoT solutions it plans to offer. The company aims to bring greater intelligence and personalization to buildings via smart window technology.

The ambient intelligence future

With the technological building blocks in place, the number of ambient technology deployments is likely to rise dramatically in the coming years. Organizations engaged in ambient intelligence projects need to adopt cloud platforms that can support both cloud and edge deployments to develop exciting new applications. Cloud-based solutions like Azure offer capabilities that are essential for deploying and managing IoT systems, as well as for conducting data analytics required in successful ambient intelligence deployments.

Interested in learning more?

For more information on this topic, or to get in touch with engineering specialist who can help answer any questions you might have, head to arrow.com

Ad block