How IoT and microservices can overcome the mass data challenge

Our planet is changing. An ever-growing population combined with a rapidly-escalating increase in traffic and the number of extreme weather events is putting continuous pressure on our infrastructure assets. IoT technology is no longer a ‘nice-to-have’ but increasingly a necessity when it comes to the future, across everything from smart devices in the home, to helping manage the smartest cities on the planet.

In the UK, the infrastructure challenges are ever-present, with a population that has increased by 8% since 2006, motorway traffic rising by 10% and extreme weather events occurring four times more frequently as our planet continues to change. These changes present clear challenges, both to private businesses and to the broader public sector, and planning for the future is a must, says Manish Jethwa, chief product & technology officer at Yotta.

To give our infrastructure the best chance of coping with this new environment, we can no longer take a reactive approach to maintenance and services. Today, a more predictive way of working is urgently required.

Sensors play a crucial role in this process. When placed on infrastructure assets such as highways, streetlights and drain gulleys, they essentially become the pulse of the road. Every minute, these devices feed back countless amounts of data into a communication network, which can then be passed to a management analytics device before being displayed in an application.

However, it is easy for data to become unmanageable when quantities continue to rise over terabytes and petabyte levels, where it becomes imperative that there is a sound infrastructure in place to mediate the collected data. That’s where meta-level data analytics can help. While businesses can use the cloud to help reduce the sheer amount of data that is being gathered by sensors and probes, it’s important to analyse what infrastructure is being used to hold and manage the data.

To ease the mass data challenge, a connected asset management platform such as Yotta’s new revolutionary Alloy can help extract large volumes of data collected through the help of microservices. Microservices are built as a suite of modular services that each have a specific role to perform.

These microservices are critical because they can help drive crucial data to the right places, which then allows data analysis to happen at a more general level. Microservices can also be built for predefined service levels for each sector. These thresholds can then be used to detect any notable changes in the sensors, such as a significant rise in traffic, or an increase in water levels within a drain.

Manish Yotta

A further example of this type of data collection in practice is the collection of temperature variations within cities. A process which may require a number of different sensors to collect regular readings. Microservices can provide a valuable service in reducing multiple measurements into key notifications of predefined thresholds being exceeded. It is easy to imagine similar technology being used to monitor noise and air pollution too.

While microservices play a vital role in ensuring data is collected in an efficient way, individual assets […]

The post How IoT and microservices can overcome the mass data challenge appeared first on IoT Now – How to run an IoT enabled business.

Blogs – IoT Now – How to run an IoT enabled business

Industrial Design’s New Challenge: Success Through Connection

Product success in the age of the IoT depends more than ever on blending smart sensors with attractive design and influencing how consumers use devices—or whether they use them at all. (Consider how many fitness trackers are currently sitting in kitchen junk drawers.)

Today’s industrial designers know that for trackers to be worn and loved, they must bring not just utility but delight in some form. That means delivering crucial data and feedback on fitness and health, along with a “cool factor” that melds form with function. With this in mind, Nokia’s Digital Health division set out to design a suite of health devices. The goal was to appeal to users across many different age groups, including seniors and others who don’t always want to wear a gadget that looks like it was designed for jogging. “We wanted to get cool technology that elders and their families want to use,” says Joe Hammer, Nokia’s Global Alliances Director. “And do it in a way that’s noninvasive, empowering, and even a little intriguing.”

The next step in health data

One big step toward consumer-friendly monitors came in 2016. That’s when Nokia’s acquired France’s Withings, a maker of high-design activity trackers and other devices lauded as stylish and easy to use. Nokia’s design studios in Finland, the U.S., and France then set out to upgrade the sensors and expand the product line to include new watches, a connected thermometer, bathroom scales, blood pressure cuffs, and even a hairbrush. Researchers embedded new sensing technology, such as pulse wave velocity, into the scale. This gives consumers access to a vital sign linked with blood pressure that was formerly collected only in clinical settings. With such sensors and a broad appeal, health devices can transcend the “quantified-self” trend to deliver robust data. This will inform users and their doctors in the fight to prevent disease, improve fitness, and ease transitions from hospital stays.

The next step for Nokia is helping busy families keep tabs on elders. “We all want to know more about our parents’ health,” notes Hammer. “But it’s not easy to ask about diet or the number of steps over the phone.” That’s why Nokia worked with IBM Watson’s predictive analytics on an app that helps families, caregivers, and doctors spot changes in the wearer’s daily routine or heart-rate metrics. As a vertically integrated company in health, Nokia has the design advantage of managing the customer experience all the way from wearable devices to health dashboards that patients provide to doctors. “When devices connect to a platform, we can constantly improve them based on how people are using them,” says Alexis Normand, head of B2B at Nokia Digital Health.

 

Nokia now has a wide range of devices designed to monitor health for "aging in place" options for the elderly.

Design for the IoT on Wheels

IoT integration requires a design team’s full attention, whether it is crafting a stylish wristwatch or two-ton vehicles. GM refers to its Watson-enabled OnStar Go system as a “cognitive mobility platform”—a digital commerce system that provides seamless access to goods and services by voice control. OnStar Go’s designers guided the look and feel of the system, such that driver adoption has made it a rapid development platform for new features. And it’s also a means of introducing new business models to automotive products already driving around in the world.

 

GM refers to its Watson-enabled OnStar Go system as a “cognitive mobility platform”—a digital commerce system that provides seamless access to goods and services by voice control.

But business models, sensor technologies, and IoT insights mean nothing without attention to creating experiences that bring real value to consumers. The good news? Today’s designers continually get second chances after a hardware product ships to improve and iterate. Software in everything from wearables to driveables allow designers to continue to tinker, adjust, rethink, and reboot customer experiences throughout the product lifecycle.

Learn more:

IBM and Nokia develop Aging in Place solution to help elderly in their homes

Connected Cars that Care

 

The post Industrial Design’s New Challenge: Success Through Connection appeared first on Internet of Things blog.

Internet of Things blog

LeakKiller Challenge launched to tackle water damage in homes

LeakKiller Challenge launched to tackle water damage in homes

A £15,000 prize is up for grabs for the winner of a new IoT design competition to create a prototype for a low-cost, IoT-based leakage detection and warning system.

The LeakKiller Challenge is a joint initiative between electrical and electronic components company, RS Components (a trading brand of Electrocomponents plc), and Legal and General, the FTSE100 financial services group.

The goal is to turn the winning design into an end-product that can be installed by Legal & General customers to protect their homes and belongings from leaks, with a view to reducing their insurance premiums.

Read more: UK insurance market lags on digital, says LexisNexis

LeakKiller criteria

According to the Association of British Insurers (ABI), almost one in five claims made on buildings and content insurance were for damage caused by leaks; with insurers paying out around £2.5 million every day in claims. In addition, the insurance industry has seen a 4 percent rise in the average cost of water leakage claims over the last three years.

The LeakKiller Challenge is designed to identify inexpensive ways to detect leaks in homes – for example, by installing sensors beneath household appliances. Entries for the competition must address one or more of three challenge criteria: detecting unusual flows of water; detecting the presence of water in areas where it shouldn’t be found; and automatically shutting off the supply of water (and potentially electricity too) to avoid damage to the home.

The deadline for entries is 27 November 2017 and the winner will be announced in January 2018. Entrants are encouraged, but not obliged, to take advantage of free, open source DesignSpark software tools and design support resources offered by RS Components to create their entries.

Read more: WaterGroup, Reekoh partner on water saving platform in Australia

Burst pipes and other disasters

Many water leakage claims happen when frozen pipes burst in the winter, but there are plenty of other reasons why leaks occur, according to Legal & General chief digital officer Maarten Ectors. These include poorly installed washing machines or dishwashers, water seeping out from under baths or showers and leaky storage tanks in lofts.

“By initiating the LeakKiller challenge, it’s our goal to harness the power of open source engineering and productize an IoT solution that will, in time, actively prevent leakage incidents from happening and bring down the cost of home insurance for our customers,” he said.

The post LeakKiller Challenge launched to tackle water damage in homes appeared first on Internet of Business.

Internet of Business

IoT soldiers hacked in cyber challenge mock-up

IoT soldiers hacked in mock cyber challenge as prep for Internet of War

The Internet of War appears to be moving ever closer. The latest Cyber Security Challenge UK saw IoT-connected soldiers hacked by a fictitious gang of hackers.

Last Friday, Her Majesty’s Government Communications Centre (HMGCC), the Ministry of Defence (MoD) and defence group BAE Systems, along with the UK Cabinet Office-backed Cyber Security Challenge UK, arranged a mock cyber-attack on IoT connected soldiers in the field at the MoD’s Defence Cyber School, part of the Defence Academy in Shrivenham.

The challenge saw 24 young amateurs pitted against an imaginary hacktivist group on a mission to gain access to experimental military communications equipment used as part of the MoD’s Future Soldier Vision (FSV) programme.

The challenge is the latest round in a series of competitions led by the Cyber Challenge team, which aims to find the best cyber talent in the country and help them develop their skills further. A previous challenge saw 42 young people given the task of preventing a malicious group from gaining access to an internet-connected home.

A stark cyber battleground

Cyber attacks are an everyday reality in 2017, affecting multiple industries and business both large and small, particularly where the IoT is concerned. Everyone is seemingly vulnerable, and the military, despite so often being at the forefront of technological advancement, is no different.

A lack of cyber skills, meanwhile, is a problem in most countries worldwide. (ISC)2, the world’s largest independent body of information security professionals, predicts a shortfall of 1.8 million cyber savvy workers by 2022 if current employment trends continue.

In response, governments around the world have begun to explore the possibility of legislating to tackle the problem, but investment in technology and people has proved more popular. In October 2016, UK defence secretary Michael Fallon highlighted the scale of the cybercrime threat and announced that the UK Government will invest up to £265 million to boost the defence of the UK’s military cyber systems, including in upskilling the workforce.

Real-life scenarios

Competitions run by the Cyber Challenge are one way to ensure that the UK is better prepared for a malicious breach. The organization runs lifelike simulations of attacks, in order to test the skills of candidates, and judges also assess their psychological responses.

In this particular scenario, created by cyber specialists from HMGCC, contestants were challenged to use their cyber security skills to safeguard the experimental soldiers’ geo-tracking technology.

Midway through the test, the system was hijacked using a man-in-the-middle attack by a cooked-up team of hacktivists. In this sophisticated type of cyber-attack, communications are intercepted and manipulated, typically without being detected. The team lost contact with the soldiers, and were thus launched into a race against the clock to remediate the situation.

Cyber amateurs battle to prevent man-in-the-middle attack (Photo: Cyber Security Challenge UK)

The candidates were ordered to report to military chiefs to explain their understanding of the situation, such as why contact was lost, and required to advise on appropriate responses, in keeping with international legal guidelines. The challenge therefore tested their legal knowledge, too, while other tasks, such as puzzles and ciphers hidden around the military site, tested their cryptography and problem-solving skills.

A total of 12 candidates, including a boy of 15, have progressed to the Masterclass grand final, to be held in November. Cyber Challenge says the winners could be offered job contracts worth on average £60,000 per annum.

Read more: Small businesses doing better at IoT security than larger enterprises

The future in action

Explaining the value of the challenge from a government perspective, an HMGCC spokesperson said: “Our work involves the design and delivery of communication systems and technical solutions to protect national security at home and overseas, and finding people with the capabilities to keep delivering this is paramount.

“Through initiatives such as the Cyber Security Challenge UK, we can watch the future of the industry in action, and this gives us so much confidence as we see first-hand the talent that is available to us and the country as a whole. Our customers are various government bodies, and we’re growing fast thanks to their increasing demand for our services. Now we need even more fresh talent on board.”

Read more: UK/India consortium explore blockchain for healthcare IoT security

The post IoT soldiers hacked in cyber challenge mock-up appeared first on Internet of Business.

Internet of Business

Why data security is really everyone’s challenge today

the concept of computer security. Hacker breaks binary data

The prevalence and proliferation of connected devices has undoubtedly improved efficiency in people’s lives, but the massive amounts of personal data required to operate such devices has raised numerous safety and security concerns. We spoke with Gerald Reddig, Nokia’s head of security marketing, and Daisy Su, Nokia’s connected device platform marketing manager, to gain a better understanding of what’s happening in the IoT security landscape, and what Nokia is doing to ensure that customers’ data stays safe.

ReadWrite: The Internet of Things provides new ways to use services that are reliant on data and providing a platform in the cloud. So we kind of know that end users are going to have issues around data security. How do we overcome the customer’s fears regarding security? 

Gerald Reddig: One of the nice proof points for all of the initiatives that we started in Nokia has to do with the Mirai botnet attack — the biggest IoT attack ever.

This type of breach attacks internet or service providers; in the Mirai case, the service provider was hacked by IoT devices that were managed by neither the end user nor the manufacturer. This raised an important question in the IoT industry — should we secure the device itself or the data from the device, within the application server? The bottom line is that there is actually no single magic security bullet that can easily fix all the key IoT security issues. You need to attack the problem from different angles. 

There are a range of different issues to consider in IoT security. The first is IoT network security, which protects and secures the DNS or connected devices to backend systems on the Internet. Then there’s IoT authentication, which provides the ability for users to penetrate the IoT device and the management of overseeing the device. The third is encryption, or putting data in transit between IoT edge devices and backend systems. IoT public key infrastructure (PKI) typically originates from service providers and ensures that the radio access network (RAN) system provides digital certificates and cryptographic lifecycle capabilities. The fifth and biggest industry topic right now is IoT security analytics, which is process of collecting, aggregating, and monitoring all of the data.

These top five IoT security pieces are on Nokia’s radar to help security become more proactive, rather than simply reactive.  Nokia developed a security architecture for service providers and enterprises that helps to deploy the right balance between both proactive and reactive security.

RW: Where do devices fit into the security picture?

Daisy Su: When talking about security, we need to focus on end-to-end security, covering not only network connectivity and the applications in which the user data is being transported, but also the device itself. What we have learned and discovered is that many IoT devices behave similarly to mobile devices in terms of connecting to mobile networks, and we need to make sure that the device management lifecycle that we traditionally do for mobile is applied to the entire IoT as well. Here are a few common security questions related to mobile devices that are relevant to IoT:   

  • How do we authenticate devices to make sure that they have the correct identities and credentials to be allowed into the system without compromising the network? 
  • How do we apply access control to make sure that the right users and the right devices do only what they are supposed to do?
  • How do we ensure that the data from the devices is transported through a secure channel onto mobile networks so that it cannot be compromised tampered with?
  • How do we ensure data confidentiality, so that the intended receiver of the data is the only one who can read the data?
  • How do we ensure that we know the status and the availability of all the devices connecting to this network?

We also need to be able to generate secure passwords and allow future locking and wiping for IoT devices if they are compromised. It is essential that we be able to apply security fixes remotely and to neutralize the IoT security threat when vulnerability is detected.

Many IoT developers today have not focused strongly enough on how to secure the devices and connectivity to the networks. They have a general understanding on how to secure devices from the Internet point of view, but securing them on a mobile network involves very different knowledge, experience, and learning. There are a lot of back doors in IoT that people just don’t know how to close. Nokia has solutions to help both IoT service providers and mobile network operators track down and actively secure the vulnerable devices before, during, and after the attacks. We also provide a way to access millions of network connected devices, secure them and apply software update and security patches remotely. 

RW: What are some of the best practices, as we add millions of devices, in terms of deploying IoT networks?

DS: Managing network-connected devices starts with making sure that devices are certified according to industry standards and network operators’ specifications. At Nokia, we are helping service providers certify their mobile and IoT devices before on-boarding them to their network. For example, with our largest North American operators, we provide self-verification for device vendors to test their devices against the device protocols required. We also provide verification services for both network operators and device vendors to test and verify the devices with the end-to-end network use cases, making sure that they don’t compromise the network once they connect.

Once the device is certified, being able to connect the network to the proper on-boarding procedure is really important. The on-boarding procedure has to make sure that these devices are authorized and authenticated to connect to the network in real time.

But the complete device lifecycle management goes beyond certification and on-boarding. With Nokia Connected Device Platform, we can qualify the devices and detect new devices as soon as they attempt to connect to the network, thus authenticating and authorizing proper devices for access to the network. We can automatically and remotely activate, deactivate, and configure features and functionalities for the devices based on triggered policies and mobile network requirements. We can also provide maintenance functions, and identify and manage the flaws with the devices. Additionally, we can efficiently apply the most recent software and firmware updates onto millions of network-connected devices remotely. 

When devices need security updates, these can be burdensome tasks, but we at Nokia can provide and support security updates for the mobile service provider. With IoT, there are multiple device models and that are flooding the network, each of which supports multiple OS versions; every security update must be unique to a specific device model’s specific OS system.

So with millions of IoT devices connected to multiple networks, you have to figure out a way to update devices in the least amount of time and effort possible. You need a dynamic system to enable you to organize, analyze, and apply that firmware. At Nokia, we have successfully updated the security of more than 300 million mobile devices.

GR: What Daisy just described is incident prevention, incident detection, and incident mitigation. The second part, incident detection, is where the service providers play an important role with sophisticated machine learning analytics software. All of these big data techniques provide more predictive modeling for anomaly detection. 

RW: There are a lot of solutions out there, and Nokia has it’s own as well, but what’s unique about how you’re addressing attack prevention?

GR: Our end-to-end security portfolio, which is called Netguard Security, makes it simpler by cutting the security issue into three main blocks. Block one is endpoint security, which involves the encryption and authentication of end points and the detection of traffic anomalies. The second block is network security —  the most essential part and probably, from the market revenue perspective, the most relevant because it covers the perimeter protection against external attacks. Block three is security management, which helps reduce the response time of security teams and even automate parts of mitigation processes.  

Let’s use the Mirai botnet attack again as an example. Our threat intelligence center alerted our customer by providing guidance on how to react and implement new security policies, though in many of our networks, Mirai was not present at all. Still, we made sure that our customer was prepared in case they were attacked — that’s a critical part of security prevention. This kind of threat intelligence helps all customers implement preventative security, and with the even more sophisticated attacks we see on the cybersecurity horizon, you can’t be too prepared. 

RW: Is there a different approach for enterprise? How is Nokia dealing with this target?

GR: What comes to mind is my recent conversations with some enterprises at one of the trade shows in the critical communication world in Hong Kong — the question I always get is how I can make sure that the convergence that happens between information technology and operations technology does not create a disaster precipitated by a hacker attack. The typical nightmare scenario for all security people working in the utility industry is that someone could hack into the IT system and get across to the OT. We have also recently seen attacks involving advanced persistent threats, like in Ukraine, where hackers gained access to the power grid system and denied thousands of people electricity for a few days.

The critical question is not that there is a big difference between SP service providers and enterprises, but rather how to reduce the pain of the volume and the velocity of security data alerts. More than 90 percent of enterprises receive more than 150,000 security alerts a year. With only a small team, there’s no way to look to all of the alerts; our research found was that only 30 percent of security alerts are investigated.

This makes today’s technology landscape fertile ground for hackers. Target Inc., for example, has been hacked, and the hackers lurked inside the company’s network for months before they started exfiltrating the actual credit card data. Hackers are masters at waiting until the prime opportunity to strike presents itself; the average dwell time, the time that threat actors lingers in a victim’s environment until they are detected, in cyberspace is 146 days. Today, we know that hackers are beginning to compromise low-value assets capture the big fish — the high value assets. We must make the dwell time harder and shorter to make hacking itself harder. This requires new security management to reduce the alert noise and focus on the real threats.

Finally, we must shorten the time between detection and remediation. And that’s what Nokia developed. Our NetGuard security management centers are easy-to-use security operations, analytics, and reporting software solutions that enable operators to prevent, pinpoint, and address security threats before they result in breaches. It shrinks detection time by 80 percent, and accelerates recovery time by 75 percent and investigation time by more than 50 percent.

DS: Securely on-boarding network-connected devices is essential, regardless of whether the IoT devices are provided by the service provider or enterprise. If the IoT devices provided by the enterprise need to connect to the mobile network, the same device lifecycle management procedures described earlier are applicable onto all those enterprise IoT devices as well.

RW: What is the killer app for security on the horizon?

GR: That question makes it seem like there is a one-size-fits-all solution, but such a solution probably doesn’t exist. The same applies for cloud security and for smartphone security. Whenever we talk about security, all of the products and interlocking interfaces should be integrated so that we have a cohesive end-to-end solution that provides all of the unique capabilities help for our customers to address the evolving security threat. And that happens for mobile broadband, for IoT, for cloud, or for whatever the technological disruptions are prevalent at the time.

I’ve never heard of a killer app, but I think the right structure and strategy means from professional security to investigate where security holes exist, the right mix of security hardware and software deployments to prevent and detect security threats, and a mitigation system with a rapid response automation is essential. All three of those things help keep the balance between proactive and reactive security. Still, even that solution doesn’t work for everyone. 

RW: I kind of asked that question knowing that the answer was going to be no, but I wanted to know anyway.

DS: Basically, security is the job of everyone — the users, the software, every single network element, every device on the network, everything.

This article was produced in partnership with Nokia.

The post Why data security is really everyone’s challenge today appeared first on ReadWrite.

ReadWrite