Multiple Mobile Operators Launch Live Commercial LPWANs in Licensed Spectrum Worldwide

Multiple Mobile Operators Launch Live Commercial LPWANs in Licensed Spectrum Worldwide

Multiple Mobile Operators Launch Live Commercial LPWANs in Licensed Spectrum Worldwide

41 Mobile IoT Networks Now Available Worldwide, Supported by IoT Labs and Growing Mobile Innovator Community.

The GSMA today announced that momentum behind Mobile IoT, or licensed Low Power Wide Area (LPWA), networks continues to grow on a global basis.

To date, 23 mobile operators have commercially launched 41 Mobile IoT networks worldwide across both NB-IoT1 and LTE-M2. This growth is supported by 34 IoT Labs and an expanding community of over 800 organisations in the GSMA’s Mobile IoT Innovators Community. According to GSMA Intelligence forecasts, by 2025 there will be 3.1 billion cellular IoT connections, including 1.8 billion licensed LPWA connections.

Alex Sinclair, Chief Technology Officer, GSMA, said:

“2018 is the year that Mobile IoT networks will scale. We have seen huge growth in the availability of commercial networks in licensed spectrum and anticipate seeing many more launches this year. This is underpinned by an expanding community of organisations developing innovative new solutions and a number of IoT Labs helping companies to test out new products and services.”

“Mobile IoT networks are fast becoming the defacto global IoT solution, as only licensed, managed mobile services can provide the secure low power connection that can meet future demand.”

The GSMA also announced that there are now 34 IoT Labs in operation around the world which are available to any operator, module vendor or application provider to develop LPWA devices and applications for a wide variety of different verticals. The Labs provide organisations with the opportunity to perform end-to-end and interoperability testing on the network. AT&T became the latest operator to participate in the IoT Labs initiative, with the support of three AT&T Foundry locations in Atlanta, Georgia and Plano and Houston, Texas, and the AT&T Device Radio Lab (DRL) in Austin, Texas.

Mobile IoT at Mobile World Congress 2018

At Mobile World Congress in Barcelona, the GSMA’s Internet of Things programme will host the ‘6th Mobile IoT Summit’ on 25 February at 1:00pm at the Hesperia Tower Hotel. The Summit will focus on the rapid growth and momentum of Mobile IoT technologies and their power to connect billions of new devices. The programme will also be present at the GSMA Innovation City, showcasing how the IoT is transforming peoples’ lives across the globe in an immersive urban environment. Further, the programme will host dedicated seminars on IoT Big Data and IoT Security and Drones.

The GSMA Mobile IoT Initiative

The GSMA Mobile IoT Initiative was created to help the industry deliver commercial LPWA solutions in licensed spectrum. These new networks are part of the adaptable 5G sliced architecture designed to support mass market IoT applications across a wide variety of applications such as industrial asset tracking, safety monitoring or water and gas metering, that are low cost, use low data rates, require long battery lives and often operate in remote locations. It is currently backed by 74 global mobile operators, device makers and chipset, module and infrastructure companies worldwide. Mobile IoT networks are part of the evolution of the mobile platform and form a key element of the 5G future.

1 NB-IoT networks are available from 3 Hong Kong (Hong Kong); China Mobile (China, Hong Kong); China Telecom (China); China Unicom (China); Chunghwa Telecom (Taiwan); Cosmote (Greece); Deutsche Telekom (Austria, Germany, Netherlands); Dialog (Sri Lanka); Etisalat (UAE); KT (South Korea); LGU+ (South Korea); M1 (Singapore); Mobitel (Sri Lanka); Orange (Belgium); Slovak Telecom (Slovakia); Telia (Finland, Norway); Telstra (Australia); TIM (Italy); T-Mobile (Austria, Germany, Netherlands, Poland); Turkcell (Turkey); Velcom (Belarus) and Vodafone (Australia, Czech Republic, Ireland, Italy, Netherlands, Spain, Turkey).
2 LTE-M networks are available from AT&T (US, Mexico); Etisalat (UAE); KDDI (Japan); KPN (Netherlands); Orange (Belgium); Telstra (Australia); Turkcell (Turkey) and Verizon (US).

The post Multiple Mobile Operators Launch Live Commercial LPWANs in Licensed Spectrum Worldwide appeared first on IoT Business News.

IoT Business News

A “Run Live” Powerplay In The Rink And The Marketplace

In ice hockey, a “powerplay” is when a team has more players on the ice than its opponent. The extra-player advantage gives the team a greater chance to score — and win.

In business, every organization tries to create a power-play situation that gives it a competitive advantage in the marketplace. German hockey team Adler Mannheim is achieving its powerplay through Internet of Things (IoT) technologies, an industry-leading mobile app, and live data.

“Live data plays an important role for us today,” says Daniel Hopp, CEO of Adler Mannheim and the team’s home, SAP Arena. “And it will play an even more important role in the future.”

Live data for a competitive edge

Adler Mannheim is among the most beloved sports teams in Germany. It attracts 11,000 spectators to every game, including 7,000 season ticket holders, the most of any German ice-hockey team.

A key reason for that fan loyalty is the team’s on-the-ice success, with seven German Championship and two German Cup trophies in its trophy case. Hopp aims to sustain that record with the help of sports data processing and analytics, which enables the team to acquire and develop athletic talent and then rapidly evaluate and adapt players and coaching during training and games.

“We use the live data in all areas,” Hopp explains. “The coach can use it to adjust training plans according to the individual requirements of the players. … This is also very important data for our trainers, for the medical team.” Team staff use live data to personalize training programs to each athlete, evaluate the physical condition of players, and determine when an injured player can resume training.

The house that data built

Adler Mannheim’s home, SAP Arena, was purpose-built for the team in 2005. One of the largest arenas in Germany, with capacity for 15,000, the venue attracts 1 million visitors a year for sporting events, concerts, and conferences.

The connected stadium is populated with hundreds of IoT beacons that follow the movement of customers and send them alerts that optimize their visit. The goal is to create what Hopp calls “the perfect trip.” Fans who sign up for the service get automated notifications of which stadium gates aren’t busy, which bathrooms are closest, and which food stands have the shortest lines. In the future, they’ll get details such as train schedules and delays, highway congestion and alternate routes, and where they can book hotel rooms and meals.

The most loyal fans earn points toward super-exclusive offers, like the ability to travel on the team bus, stay at the team hotel, and be included in team photos. The idea is to offer extraordinary experiences that make fans feel like they’re truly part of the Adler Mannheim family.

There’s a fan app for that

This level of fan engagement is made possible through the team’s cutting-edge mobile app. “Producing the Adler fan app was a revolutionary step forward for us,” Hopp recalls.

The app optimizes the game experience by allowing fans to capture data such as player and puck speed, and track player performance. Outside the stadium, fans can track the history and status of new players, the status of injured players, when the next training will take place, when the team will sign autographs, and more.

“The Adler fan app is known throughout Germany, and it is a role model for many other sports clubs nationwide,” Hopp boasts. “That makes us very proud, and we will continue to lead the way in developing this fast and intensive communication with our fans.”

Learn more about how Adler Mannheim’s Daniel Hopp and other leaders are using SAP solutions to help their businesses run live. Watch our exclusive “Leaders Are Live” videos

This article originally appeared on SAP News Center.

Internet of Things – Digitalist Magazine

Live, die, repeat: The security shortcuts endangering IoT device adoption

IoT devices are repeatedly exhibiting the same flaws creating a massive vulnerable attack surface which will inevitably lead to more major attacks. We’ve already seen DDoS attacks increase 91 percent over the course of 2017 due to vulnerable deployed devices, yet estimates suggest only 9 percent of IoT vendor budgets are spent on security. This pitiful investment is leading to shortcuts and a ‘live, die, repeat’ attitude to development that spells disaster for the user and the long-term viability of the IoT seedbed.  

So what are these common issues that are cropping up time and again? Security research reveals specific issues across all aspects of IoT design, from access and connectivity, hardware and firmware, and update mechanisms. 

Access all areas

In terms of access, vendors often fail to implement ‘least privilege’ in the permissions on the device. Without this an attacker can quickly gain root access to the entire system. The root user log-in should require a password and this should not be set by default or hardcoded in as this could mean that one vulnerability, such as having telnet enabled, could provide root access.

Encryption is also another common failing, without which the attacker can recover keys, certificates, hashes, and passwords and again gain control. Using System on a Chip (SoC) to store encryption keys or sensitive information on the device using Trusted Platform Module (TPM) is the preferred option. A secure boot should also be implemented as without this the SoC cannot check the integrity of the bootloader, and the bootloader cannot check the integrity of the firmware. This can allow an attacker to modify firmware of the device, either by subverting controls on the firmware update process, or through physical access to devices.

Just because the device is encrypted doesn’t mean it is protected, however. Poor implementation of encryption such as encryption without MAC, hardcoded IV and weak key generation can all lead to compromise and steer clear of home-grown cryptography. Ensure encryption is extended to include firmware. Attacks can see malicious firmware deployed to devices so sign and validate the signature during updates and ensure that the HTTPS connection is secure, with SSL certificates validated.

Wireless weaknesses

Connectivity is also a major sticking point. There’s a tendency to assume that a local connection over a WiFi access point or Bluetooth Low Energy (BLE) confers some protection because of the limited range of the signal but this can still lead to drive-by attacks. Typically wireless communication is used to pass the user’s SSID and pre-shared key (PSK) to the device, often in plain text, which the attacker can then capture and use.

Redundant functions often provide a convenient entrance point for the attacker. Developers favour off-the-shelf toolkit such as BusyBox, described as the Swiss army knife of embedded Linux, but it’s important to minimise the use of these functions. Similarly, open ports or redundant web user interfaces should be disabled rather than left in place. Devices that ship with serial ports enabled are particularly vulnerable. This can allow the bootloader, a login prompt, or an unprotected shell to be accessed. Such debug headers may well be present for troubleshooting during the development and programming stages but should be disabled in the end consumer product, an issue often overlooked.

Exploiting buffer overflows is another prime way for the attacker to seize control of the device once it’s on the network but it’s possible to prevent this by using compile time hardening in the form of PIE, NX, ASLR, RELRO, Stack Canaries or Fortify. These are often included in embedded systems but can affect performance and battery life so some experimentation will be required. Consider also whether unsafe functions associated with buffer overflow are used ie strcpy, sprint, and gets, used in binaries on the system.

Keep it current

Is the software up to date? This sounds obvious but lots of devices have Certificate Authority (CA) bundles predating 2012, kernels dating back ten years, old versions of Busybox or even web server connections last accessed in 2005. Old CAs may have already been compromised but are still used by developers because it’s generally easier to leave them in place and simply switch off certificate validation. Unfortunately, this can then expose the device to man in the middle attacks. Check the certificate is correctly signed by a valid certificate authority, check that it matches the server name, and check that it hasn’t expired.

If IoT vendors take the necessary steps to address these common security failings these devices will no longer be so easy to hijack and to subvert. A failure to do so will inevitably lead to yet more behemoth botnets, as well as the emergence of malicious firmware updates and ransomware attacks, which could potentially threaten the viability of the IoT itself. Latest from the homepage

Watch the “State of the Net 2018” Live on Monday, January 29

Internet governance, blockchain, algorithms, free speech, net neutrality, IoT, cybersecurity, fragmentation … and so much more!  On Monday, January 29, 2018, the State of the Net 2018 conference will be streaming live out of the Newseum in Washington DC. You can watch starting at 9:00am US EST (UTC-5) Monday morning at:

The SOTN 2018 agenda is packed with many of the leading voices in US Internet policy, including Senators, Representatives, and even an FCC Commissioner. Global organizations and corporations will be represented, too, among the many speakers.

At 11:00am EST, our own Sally Shipman Wentworth, VP of Global Policy Development, will participate in a panel, Internet Governance: Are We In A Post Multi-Stakeholder World?, along with Larry Strickling. Larry is perhaps best known recently for the IANA transition work but has been working with us on efforts to expand the use of the multistakeholder model for Internet governance. Others panelists will be Dr. Jovan Kurbalija from our partner the DiploFoundation; Steve DelBianco of NetChoice; and the Hon. Robert Strayer of the US State Department. The session will be moderated by Shane Tews from the Internet Education Foundation. The abstract is:

It will have been one year into the Trump Administration and it is time to take stock of the complex set of International arrangements that the Administration is dealing with. A new set of stages for these issues are fast approaching. World governments and international groups are jockeying for greater control over Internet functions and content. Confabs like the ITU 2018 Plenipotentiary Conference (PP-18) are just one of the many venues that will reveal the struggles for Internet domination. Complex trade deals and national regulations such as the NAFTA and the imminent European General Data Protection Regulation (GDPR) will strain intergovernmental cooperation. Cyber security initiatives and law enforcement cross-border access to citizen data will test the sovereignty of nations. 2018 may be the most significant year in terms of Internet governance since the dawn of the Internet.

It should be a lively and interesting discussion! In preparation, we would encourage you to read our paper: Internet Governance – Why the Multistakeholder Approach Works.

All the sessions will be recorded for later viewing. You can also follow the #SOTN2018 hashtag on Twitter to see updates from the event.

The post Watch the “State of the Net 2018” Live on Monday, January 29 appeared first on Internet Society.

Internet Society

See Service Management and Orchestration from Edge to Cloud in Action at Cisco Live Barcelona

Typical IoT deployments involve multiple vendors, multiple tenants, multiple clouds and devices. You need an orchestrator to make them work as one.
IoT – Cisco Blog