Security News: Key Reinstallation Attacks (KRACK)

Today, a new vulnerability affecting the security of WPA2 protected wireless networks was disclosed. The Key Reinstallation Attack (KRACK) can render the network encryption transparent, allowing traffic to be viewed and – in certain circumstances – interfered with.

While the attack poses challenges for some network users, it does not affect the security of Electric Imp devices. The Electric Imp IoT platform was designed from the start to deal with real-world issues such as weak (or non-existent) network encryption, and so our platform treats all network links as untrusted. Instead, we rely on a mutually-authenticated TLS1.2 ECDHE link to secure the traffic between endpoint and cloud, preventing MITM attacks, data snooping and malicious traffic injection.

In addition to this transit security, we implement an Ed25519 based challenge-response to prevent device impersonation even in the event of a TLS key compromise.

When our silicon provider patches their WPA supplicant to withstand the KRACK attack, we will incorporate the fixes in our next impOS release, just as impOS 36 addressed the Broadpwn vulnerabilities revealed earlier this year. All devices on the Electric Imp IoT platform receive OS and security updates directly, relieving our customers from security maintenance duties and keeping the entire installed base fully patched and up to date.

Until that point, though an attacker within wireless range can – at worst – cause denial of service problems, they cannot interfere with, decrypt, or impersonate, valid imp traffic. It should be noted that any attacker within wireless range can also simply use a jammer to prevent network operation, which is a problem no amount of software can fix.

Hugo Fiennes
CEO and Co-Founder of Electric Imp

Electric Imp Blog

Electric Imp Secure IoT Platform and KiWi Power Deliver Next Generation of Intelligent Grid Monitoring and Demand Response Solutions

Electric Imp, a global leader providing enterprise secure IoT, today announced that KiWi Power, the UK’s leading demand response aggregator, is using the Electric Imp IoT Platform to deliver the next generation of innovative, low-cost devices for intelligent electrical metering and energy use control.

image

KiWi Power is utilizing the Electric Imp IoT Platform to address security, scalability and lifecycle management for its industrial IoT-connected product, known as Fruit, resulting in a dramatic reduction of the overall cost required to build, deploy and maintain its devices. According to KiWi Power, the Electric Imp IoT Platform enabled a reduction in development time of Fruit from 18 to 10 months, and cut hardware and installation costs by 40 percent.

Through the real-time collection of energy usage, asset control and demand response status, KiWi Power customers are now able to proactively forecast future events and minimize the impact of automated demand response events on building operations to actively manage energy usage and reduce costs.

“Demand response is a powerful tool for driving greater energy efficiency and, ultimately, more reliable and greener power. However, the expense of developing, managing and securing these systems can adversely impact deployment, and hence limit the benefits to the electricity grid,” said Hugo Fiennes, Electric Imp CEO. “By building on the Electric Imp IoT Platform, KiWi Power gains the full lifecycle security, scalability, device management and robust integration their customers need for the next-generation of energy cost control.”

“We needed a modular, multi-purpose software platform that would be less costly to install and maintain for Fruit and our future IoT-connected products, and that’s exactly what we get with Electric Imp,” said Yoav Zingher, Co-Founder and CEO at KiWi Power. “Yet it’s not just about operations. It’s about making KiWi products easier to install and configure. Electric Imp makes it possible for each Fruit device to be secure and managed throughout its entire lifecycle, which makes it easier for us to help our customers significantly lower their energy costs. We are already market leaders in Europe, and this will also allow us to expand to U.S. and Asia.”

Additionally, Electric Imp’s scalable cloud computing and communications architecture is enabling KiWi Power to deploy demand response programs tailored to their customers’ specific requirements. This enables KiWi Power customers to purchase only the functionality required to jumpstart their demand response program and easily expand to meet future needs.

Electric Imp Blog

Electric Imp and Autodesk Make it Faster and Easier for Industrial Manufacturing OEMs to Innovate Secure IoT-Enabled Products

Industrial manufacturing OEMs can now build and prototype IoT-enabled products more quickly and easily through a new collaboration between Electric Imp and Autodesk. With the Electric Imp IoT platform and Autodesk’s Fusion Connect, the two industry leaders have launched the IoT Discovery Toolkit, powered by Electric Imp. The comprehensive, first of its kind Toolkit provides the components manufacturers need to securely, rapidly, and cost-effectively evaluate the potential of industrial IoT business opportunities.

IoT Discovery Toolkit

Using the IoT Discovery Toolkit, industrial manufacturing OEMs can connect their devices and visualize IoT data in minutes, not hours or days. The Electric Imp IoT Platform provides firmware development, connectivity, scalability and security, while Autodesk Fusion Connect offers proven “no-coding” solutions for data management, analytics and business applications that remove the need for programmers or data scientists.

Moreover, industrial manufacturing OEMs using the IoT Discovery Toolkit can reduce risk with end-to-end security integrated from the start. It’s all part of an industrial-strength ecosystem that is helping accelerate IoT-enabled solutions and data-driven insights.

“The potential impact of IoT-enabled devices in industrial applications is vast and can enable predictive maintenance and streamline service operations,” said Hugo Fiennes, CEO and co-founder, Electric Imp. “The collaboration with Autodesk offers manufacturers a powerful business advantage – the ability to develop custom IoT-enabled products in a fraction of the time within an industrial-strength ecosystem that helps reduce risk through end-to-end security.”

“IoT is about building your business and your products around real-world data and driving precision business outcomes,” said Bryan Kester, director of IoT, Autodesk. “IoT is a very complex challenge because it combines a wide range of hardware, networking and cloud technologies. By teaming up with Electric Imp, our goal is to simplify the technology so that businesses can move straight to evaluating IoT business opportunities.”

Electric Imp and Autodesk are committed to helping you simplify the end-to-end industrial application development experience. Learn how you can transform your IoT business today by visiting the IoT Discovery Toolkit page and Autodesk’s announcement about the launch.

You can also tune in to the Autodesk Accelerate Conference for more information.

Padma Duvvuri
Head of Business Development
Electric Imp

Electric Imp Blog

Electric Imp Previews the Ultimate in Product Development and Lifecycle Management Tools for IoT: impCentral™

We announced impCentral, our new product development and management platform, in July 2017, with the goal of making massively scalable Internet of Things (IoT) deployments and product lifecycle management easier than ever. impCentral’s foundation API was released for preview at that time, and today we’re very pleased to make our web application, powered by the new API, available as an early preview release.

impCentral is the successor to the Electric Imp IDE. It combines the best software development and production management features from the IDE with a more intuitive and easier to navigate user experience, plus advanced product and device management features.

Screenshot

impCentral’s key benefits include:

  • Scalable to support very high production volumes
  • Workspaces streamline code development and testing for full product lifecycle management
  • New Device Groups provide superior production device segmentation and organization
  • Fully test and dry-run your production process before you go to the factory
  • Fast factory BlinkUp fixture assignment for simplified factory configuration
  • New, simplified navigation for quick access to frequently used tools

The impCentral Public Preview can be used to try out the new web app. We don’t recommend that you use the Public Preview to work on mission-critical code, but any work you do in the Public Preview will be retained as impCentral moves toward a production release through the coming months. Only your account’s unassigned devices will be available for use in impCentral in this phase, and none of your current IDE models will affected.

The Public Preview release will be followed next month (October 2017) with a Beta Release; this will allow you to begin migrating your existing models to impCentral. On December 4, 2017, we’ll release impCentral 1.0 as our sole web-hosted app. At that time, the IDE will be withdrawn from service, and all of your remaining models will automatically migrate to impCentral. Until then, the IDE and impCentral will co-exist, and you should continue to use the IDE for commercial work.

To help you find your way around impCentral, we’ve created an introductory guide to the new UI and its features. We’ve also prepared a series of FAQs to answer questions you may have concerning impCentral’s capabilities and how they differ from the IDE.

The impCentral API has also been updated and now enters its beta release phase. It will be available at a new location: api.electricimp.com/v5. The preview URL, preview-api.electricimp.com/v5, has now been deprecated, so please update any software that uses the preview URL. Any Products, Device Groups and code you created while you were using the impCentral API Public Preview will continue to be available.

As you try out the impCentral Public Preview and the impCentral API Beta, please let us know on the Electric Imp Forum how you’re getting on, or about any problems you experience. We’d also like to hear from you if you have suggestions for future releases.

Kenny Lee,
impCentral Product Manager,
Electric Imp

Electric Imp Blog

Electric Imp announces a fully-integrated “All-Azure” solution

When it comes to IoT adoption across industrial and commercial enterprises, we continue to see major roadblocks in the form of security concerns, systems compatibility, and the difficulty of integrating IT with operational technology.

To help address these challenges, we’re excited to announce our new “All-Azure” approach, which provides the ultimate in convenience by offering customers a private managed impCloud™ – fully hosted within Microsoft Azure – and full, high-performance integration with Azure IoT Hub.

According to Sam George, Director, Microsoft Azure IoT at Microsoft Corp., “Enterprises are looking for offerings backed by deep expertise as they adopt IoT. Electric Imp has many real-world, large scale industrial-grade IoT deployments. We’re excited that Electric Imp now integrates with Azure IoT Hub – our industrial strength, hyperscale IoT cloud gateway, providing our mutual customers with a commercial-grade combined offering.”

We built our integration to virtually eliminate the complexities of deploying, commissioning, securing, and managing IoT devices at scale for Azure IoT Hub deployments. Azure IoT Hub customers can now focus on capturing and using their valuable business data instead of worrying about overcoming the constantly-changing challenges of first mile connectivity and security.

Electric Imp’s All-Azure Solution for Industrial IoT

  • Private Azure Cloud

    Electric Imp provides an “All-Azure” approach, offering customers a private managed Electric Imp Cloud instance, fully hosted within Microsoft Azure.

  • High-performance AMQP Integration

    Electric Imp’s AMQP support is designed for secure, enterprise-scale, low-latency, bi-directional communication, making it ideally suited for a wide range of high-performance and near-realtime IoT applications.

  • Advanced Functionality for Demanding IoT Deployments

    Electric Imp’s Azure IoT Hub integration includes advanced functionality required for real-world solutions, including secure automatic device on-boarding, custom in-flight data processing and transformation, and fail-safe device management at scale.

  • Secure Integrations with Azure IoT Hub

    Our integration with Azure IoT Hub enables Electric Imp customers to leverage Microsoft’s storage and advanced data analytics, while simplifying the setup and management of highly scalable, secure communications between the silicon edge and your enterprise cloud.

To learn more, visit electricimp.com/microsoft and find press releases, additional blog posts, and more details on how to get started with Electric Imp and Microsoft Azure today.

Padma Duvvuri, Head of Business Development, Electric Imp

Electric Imp Blog