Categories
Customer Experience Internet of Things

Customer Experience Reimagined: IoT-Enabled CDP

Customer experience, more precisely online interactions and digital experiences. has been marked by an unprecedented shift due to the recent pandemic.

According to the Adobe Digital Economy Index, U.S. e-commerce spending is expected to total between $850 billion and $930 billion this year, reaching $1 trillion in 2022. Research indicates that 72% of all e-commerce transactions will be attributed to mobile in 2021, which is unsurprising given changing consumer behaviors that drive demand for diverse mobile applications. Between 2021 and 2025, the mobile apps market is positioned to increase by $653.91 billion, advancing at a CAGR of nearly 21% throughout the forecast period.

The proliferation of Internet of Things (IoT)-connectivity is further contributing to market growth of mobile applications because IoT data enables various functionalities that can generate consumer-to-brand touchpoints. Organizations are using IoT data as a critical component in personalization and engagement to improve the CX and deliver category-defining mobile experiences.

Globally, connected IoT devices are on track to grow to 30.9 billion units by 2025, which presents a number of opportunities if organizations have the capabilities to effectively harness IoT data and leverage advanced analytics to significantly improve the CX.

Customer data platforms (CDP) enabled with IoT capabilities play a vital role in helping organizations obtain a greater understanding of customer data and behaviors, and the capabilities to leverage that data for personalized, digital-first experiences.

Capitalizing on the Potential of IoT

As more devices and consumer products become connected to the internet, customer expectations of engagement with a business is fundamentally altering. Salesforce research indicates that for 80% of customers, the experiences that a company delivers are as important to them as products and services.

Consider Starbucks, who uses IoT data to create omnichannel experiences that are widely acknowledged as best-in-class. For example, Starbucks has disrupted the loyalty rewards program model by making it possible to reload cards on any channel, and any modifications to a profile or card is updated in real-time throughout all channels. They use IoT data to better understand customer preferences and trends, reduce potential bottlenecks at drive-thru windows, and allow customers to directly trace their coffee source.

Organizations need to capitalize on the CX potential of IoT data via solutions like IoT-enabled CDP. CDP solutions enable first-party data to be collected and unified, providing a cohesive view of the customer. It also eliminates fragmented data and marketing silos by connecting other systems and marketing tools to create a centralized source of truth for customer data.

IoT data, however, is simultaneously a challenge and an opportunity.

IOT CUSTOMER EXPERIENCEOn one hand, IoT generated data is sensitive, which impacts regulatory and compliance protocols. Additionally, IoT data is unstructured, complex, frequently anonymized, streams in real-time, and often must be combined from numerous IoT devices – all of which have implications on the existing infrastructure.

On the other hand, IoT data can provide a powerful competitive edge. CDPs with built-in IoT, artificial intelligence (AI) and machine learning (ML) capabilities offer critical advantages via automation, intelligence, segmentation, and prediction that helps maximize the potential of customer data. AI is able to discover patterns in data and analyze information to provide meaningful insights, in addition to performing complex customer segmentation. ML can identify customer segments and continuously self-learn to become smarter over time depending on the training data and models.

IoT-enabled, advanced CDP solutions offer benefits that can fuel a memorable Customer Experience.

Sustainable personalization: Data security and privacy concerns are growing and we’re witnessing the end of third-party cookies. Advanced CDPs with real-time capabilities can help brands provide personalized experiences on the customer’s terms during critical moments.
Augment inter-departmental data: The value of customer data isn’t limited to sales and marketing teams; it’s an enterprise-wide factor in organizational flexibility and transparency. CDPs offer streamlined integration with both external and legacy solutions to further augment existing data from other departments.
Respond to emerging trends: As pressure to extend cohesive omnichannel experiences grows, organizations need the capabilities to instantly respond to fluctuating market trends or conditions. Advanced CDPs can enhance marketing efficiency and cost-effectiveness, and enable more robust agility to respond to constant change.
Tailored marketing content: Brands can eradicate siloed marketing efforts per channel to provide more relevant, innovative marketing and sales content based on unique customer interests, such as product usage tips or interviews with a content creator.

Trends and Developments Shaping the IoT-Driven Customer Experience

Market momentum for CDPs is quickly evolving alongside technological advancement and adoption. In 2018, semiconductor firm ARM Limited acquired enterprise data platform provider, Treasure Data, to advance device-to-data IoT platform development.

Customer communications platform provider Twilio acquired CDP provider Segment for $3.2 billion in 2020 to improve their suite of customer engagement software and enable companies to extend connected CXs that revolve around high-quality data.

These examples demonstrate the market direction of CDP as a catalyst for an enriched CX. According to Gartner, by 2023 70% of independent CDP providers will be acquired by larger marketing technology vendors or will diversify through M&A to enter adjacent categories like multichannel marketing and personalization.

There are so many uses for IoT, in particular when AI and predictive analytics are integrated.  Its not just global conglomerates in healthcare and medical devices. Many startups are building IoMT, aka the Internet of Medical Things, that allow doctors to monitor patients’ well-being remotely such as newest advances in heart monitoring and diabetes management.  And of course there is the IoB aka the Internet of Behaviour that takes into account individual customer trends, location-based services marketing, and uses predictive analytic to discover accurate buying habit.  Still others include IoLT aka the Internet of Logistics Things as in SCM, IoRT aka the Internet of Retail Things, and where DX all started and is evolving with IoWM aka the Internet of Workforce Management.

Future-Facing Customer Experience Programs will be Predictive

Internet of everythingOrganizations today are collecting and integrating IoT data to produce rich customer insights. CX leaders who are looking to future-proof their CX programs are enhancing their data and analytics capabilities and looking to predictive insights to:

● Build more connected customer experiences.
● Pinpoint CX obstacles and opportunities in real-time.
● Understand brand-to-consumer interactions on a deeper level.
● Prioritize customers at risk of churn and offer personalized solutions or compensation to stabilize the relationship.
● Gain a more holistic perspective of customer value potential.

With predictive insights from IoT data, brands can deliver rapid reimbursement for a shipping delay, or extend proactive customer service outreach when a customer is dealing with some issues in resolving a pain point, for example.

Predictive CDP systems provide companies with an opportunity to connect their Customer Experience programs to business value, such as enabling businesses to refine existing solutions that have a direct correlation to customer loyalty and up-sell behaviors.

According to Allen Proithis, CEO of Captone Partners, “Connected solutions are now table stakes for creating leading customer experiences. IoT data is the fuel for Digital Transformation, and the resulting Customer Experience is the destination. The faster that you can use data to fuel your transformation, the more quickly you will arrive at your ultimate customer experience that transforms the business relationship.”

The New Customer Experience Imperative

Marketers simply can’t afford to overlook the massive potential of IoT and other new technologies in their strategic CX initiatives. In a hyperconnected era defined by frictionless, data-driven, digital-first experiences across all channels and touchpoints, it’s either deliver a meaningful customer experience (CX) or become obsolete. To compete based on CX, organizations need to deploy the transformational power of IoT when it comes to their CDP.
If you need expertise utilizing a performance-based retained executive search within IoT, DX, or Customer Experience, check out what NextGen can offer you.

Categories
Cyber Security Internet of Things

IoT Medical Devices Cyber Security – Diagnosis and Dispensing

Now that we are fully engrossed in the cyber age, there are rapid advances across the board for all things connected to the Internet and IoT medical devices cyber security is no exception.  These devices, often called “The Internet of Things,” or IoT, has certainly made much of life much easier. For the medical profession, it has certainly become a simple, safe and easy way to monitor patients away from a clinical setting.

This is all fine and good, but there is a fundamental question of IoT that needs answering: Are these safe and secure when away from a closed environment? This article is going to address the issues home devices face and possible ways to prevent cyber attacks and/or hacking.

Dispensing for IoT Medical Devices Cyber Security

The number one concern of healthcare professionals looking at and addressing potential problems is the HIPAA. This protection act of 1996 means patients under the care of physicians have a reasonable expectation of privacy and are protected under a patient/medical professional relationship. IoT’s are free from human intervention by and large.

This means the patient carrying the device is completely removed from interacting with it on any level. Most of the IoT medical devices are used strictly for monitoring, data collection and medical dispensing. They are passive because the medical professionals are looking for a true a baseline as possible and is only effective when the patient is at ease with or completely unaware of the device. This lack of concern in cyber security for medical devices is the problem.

ISSUES AT STAKE

The information transmitted, no matter how insignificant at the time, could be used to gain identity information. The IoT’s are often coded to the patient with a name, number and medical coding information. All that would be needed is access to the information on the device, and personal, private information is available. This includes social security numbers, medical information and possible fiscal information to boot. This compromised information is enough to wreak havoc on a medical practice, hospital or medical equipment distributor – if not all of them in conjunction – all because of a HIPAA violation.

Solutions for IoT Medical Devices Cyber Security

While computers have software to keep them from attacks, these medical devices do not. There is scant little that can be done if malfeasance is intended. A skilled and determined computer hacking specialist with the understanding of IoT’s can quickly and easily undermine its basics. Doing so would cause serious issue with the medical professional monitoring the patient and for the patient, who could, as a result, receive incorrect treatments and/or medications. Unable to track the information back to a source, this could potentially open a flood of medical malpractice suits, and there would be little the medical professional could provide as a substantial defense.

POTENTIAL SOLUTIONS

Medical administration in conjunction with information teams and network security specialists should realize there needs to be a move from the “Internet of Things” to “Security of Things” to protect themselves, their practices and patients from hacking. There are a few things that could be considered.

DATA ENCRYPTION

Safe and secure encryption should be on the forefront. As more and more medical practices move from paper to online and cloud patient records, the same can be said for IoT’s. Signed contracts with network encryption professionals about software and the devices themselves should be a first step. Each contract to include audits, verifications and regular testing to ensure the validity and security of the data on the IoT.

​​​​​AUTHORIZED DEVICES

​A Holter monitor is one of these IoT’s. Its purpose is to collect a 24 hour EKG for cardiac patients in various settings for the best possible heart function in normal settings. The contract should provide for each device to collect only the necessary information and nothing more. Systems that download, read or output the information is additionally a part of the contract.

To address needed IoT medical devices cyber security, the device should be built in a such a way that any tampering of any sort is quickly noticed and/or built in such a way that the device immediately informs the medical professionals. Patient contracts protecting the device is also a sound idea.

The physical security of the device itself also should not be overlooked. The device should be configured to prevent data storage media from being accessed or removed, and the device itself should not be easily disassembled. In short, building a strong security to protect data during transmission is undercut if the data can be removed from the device itself.

CREDENTIALS

No one but a medical professional can dispense medical advice, so only those who will be reading the results need access to the data contained thereon. All information should only be retrieved under a secure server under select passwords. Focusing on cyber security for IoT medical devices, only the absolutely necessary individuals outside of those interpreting the data need access to any element of the entire procedure.

PERSONNEL

diagnosis-dispensing-IoT-medical-devices-cyber-securityProper training for every step only makes sense. All medical professionals are bound under an ethics code with severe penalties for infringement. There have not yet been any serious attacks on medical IoT’s.

When will it happen is the question. Ideally, every possible step should be covered; however, there is no guarantee of anything until an attack.

What are your thoughts and opinions on the issue of IoT medical devices cyber security, and what steps in addition to those mentioned would be a necessary part?

Categories
Articles Internet of Things

Industrial Robotics Cyber Security Challenges in IIoT

The line is blurring between information technology (IT) and operational technology (OT). As more industrial robotics equipment is connected to the industrial internet of things (IIoT), the vulnerabilities increase. Among the many devices being added to networks are robotic machines. That’s raising red flags for some experts. And it has many people worried. What are the risks associated with connecting an army of robots? It’s the stuff of science fiction.

 

Industrial Robotics Cyber Security Concerns on the Rise

 

The World Robotics Report 2016 gives us some insight into the scope of global automation growth: “The number of industrial robotics deployed worldwide will increase to around 2.6 million units by 2019.” It says that the strongest growth figures are for Central and Eastern Europe. The report cites China as the market for growth, and says that North America is on the path to success. “The USA is currently the fourth largest single market for industrial robots in the world,” according to the report.

TechCrunch contributor Matthew Rendall says “Industrial robotics will replace manufacturing jobs — and that’s a good thing”. He writes that the “productivity growth” behind 85% of job losses is all about machines replacing humans. Luddite and famous poet Lord Byron would not have been pleased. But Rendall is not bothered. He says that “more is getting done” by industrial robotics that are safer and more reliable than human beings.  And he believes that this robotics revolution will be beneficial to workers and society in the long run.

All this rush to automation might be the best thing since jelly doughnuts. But one question could make all the difference between abysmal failure and glorious success:  Can we keep them secure?

Challenge in Industrial Robotics Cyber Security

 

We probably don’t need to worry about robots taking over the world any time soon. (Let’s hope, anyway.) What concerns security experts is that our computer-based friends can be hacked. Wired Magazine reports how one group of researchers was able to sabotage an industrial robotics arm without even touching the code. That’s especially worrying when you think that most industrial robotics have a single arm and nothing else. These devices are made to make precise movements. Hackers can change all that.

Industrial-Robotics-Cyber-Security-300x225German designer Clemens Weisshaar addressed the issue in a form at Vienna Design Week in 2014.  “Taking robots online is as dangerous as anything you can put on the web,” he said. In a video from the forum, Weisshaar talked about how even his company’s robot demonstration in London had been hacked within 24 hours. They even tried to drive his robots into the ground.  “If everything is on the internet,” he said, “then everything is vulnerable to attack.”

Industrial robotics cyber security challenges are only one part of what many are calling Industry 4.0. It’s a trending concept — especially in Germany — and it’s another way of referring to the Fourth Industrial Revolution. To understand what this is about, we should first reach back in the dim recesses of our minds to what we learned in history class in school.

The Industrial Revolution, as it was originally called, took place in the 18th and 19th centuries. It started in Great Britain and involved the harnessing of steam and tremendous advances in production methods – the 1st.  Next came the 2nd roughly from 1870 until World War I in the USA. This involved the use of electricity to develop mass production processes. Th 3rd brought us into the digital age. Part four is upon us now.

A video from Deloitte University Press introduces us to the Fourth Industrial Revolution — Industry 4.0. It gives a good summary of the four “revolutions”, and it talks about some of the new technologies that now define our age:

  • Internet of Things (IoT)
  • Machine Learning
  • Augmented Reality
  • Mobile and Edge Computing
  • 3D Printing
  • Big Data Processing

“These technologies,” says the narrator, “will enable the construction of new solutions to some of the oldest and toughest challenges manufacturers face in growing and operating their business.” They also make up the environment in which hackers flourish.

Industrial Robots Cyber Security Challenges for IoT

 

In this space we have already discussed the security vulnerabilities of IoT devices. We told you how white hat hackers proved that they could commandeer a Jeep Cherokee remotely by rewriting the firmware on an embedded chip. Imagine what hackers with more sinister motives might be planning for the millions of robotic devices taking over the manufacturing shop floor — supposing they are all connected.

Some researchers tackled the issue in a study called “Hacking Robots Before Skynet”. (You will remember from your science fiction watching that Skynet is the global network that linked robots and other computerized devices in the Terminator movie franchise.) The authors had a lot to say about the current state of cybersecurity in the industrial robotics industry.  We can borrow directly from the paper’s table of contents to list what they call “Cybersecurity Problems in Today’s Robots”:

  • Insecure communications
  • Authentication issues
  • Missing authorization
  • Weak cryptography
  • Privacy issues
  • Weak default configuration
  • Vulnerable Open Source Industrial Robotics cyber security Frameworks and Libraries

Each of these topics could probably merit a full article on its own. The researchers explained further: “We’re already experiencing some of the consequences of substantial cybersecurity problems with Internet of Things (IoT) devices that are impacting the Internet, companies and commerce, and individual consumers alike,  Cybersecurity problems for industrial robotics could have a much greater impact.”

What might that impact be? Well, to start with, robots have moving parts. They tell how a robot security guard knocked over a child at a shopping mall. A robot cannon killed nine soldiers and injured 14 in 2007. And robotic surgery has been linked to 144 deaths. It’s not Skynet yet, but connecting robots has its risks.

How we communicate with machines and how they communicate with each other are matters that require significant attention. Arlen Nipper of Cirrus Link Solutions talks about MQTT, which is a protocol for machine-to-machine (M2M) messaging. Manufacturing designers and operators send instructions to one-armed industrial robotics, who work in a variety of industries from automotive to aerospace to agriculture to packing and logistics. All this talking back-and-forth with industrial robotics cyber security has to be regulated. NIST’s Guide to Industrial Control Systems (ICS) Security has a few references to robots. But maybe not enough.

Categories
Articles Internet of Things

IoT Medical Devices Transforming Healthcare

IoT medical devices transforming healthcare by changing every aspect of our social and professional lives as billions of pervasive devices enable the acquisition of timely and accurate information about our personal context, the data gathering transforms what doctors can do with actionable knowledge.

The healthcare sector provides an excellent example of the way in which the future billions of IoT devices will introduce disruptive transformation and new paradigms. In an era where population is aging and incidents of chronic diseases are proliferating, healthcare solution providers are increasingly looking into internet connected devices for remote monitoring of elderly and patients’ conditions.

This remote monitoring facilitates preemptive medical interventions, while at the same time increasing the patients’ independence, reducing hospitalization needs and alleviating pressures on the healthcare system. One of the most prominent classes of IoT Medical Devices transforming healthcare today is wearable devices, which are personalized and provide rich and real-time information about an individual’s healthcare related context, such as heart rates, activity patterns, blood pressure or adherence to medication schedules.

Wearable devices play an instrumental role in monitoring patients’ diseases and recovery state, as well as adherence to prescribed practices and medication. A large number of relevant wearable devices are already available in the market such as activity trackers, smartwatches (e.g., Apple or Garmin Watches), pedometers, sleep apnea detector and smart pills (e.g., AdhereTech’s smart wireless pill bottle).

Implant IoT Medical Devices Transforming Healthcare

 

A less widely known class of wearable IoT medical devices transforming healthcare are implant devices, i.e. devices that are placed inside or on the surface of the human body. The concept of such devices has been around for several years prior to the rise of the IoT paradigm, as prosthetics that were destined to replace missing body parts or even to provide support to organs and tissues.

Therefore, implants were typically made from skin, bone and other body tissues, or from materials (e.g., metal, plastic or ceramic materials). While the distinguishing line between conventional IoT medical devices and wearable / implant devices can sometimes be blurred, we consider as implant medical devices those attached to the skin or placed inside the human body, instead of devices simply worn by the patient.

Impressive examples of implant devices are: (i) Brain implant devices (i.e. electrodes along with a battery empowered devices) used to manipulate the brain and alleviate chronic pain, depression or even schizophrenia; (ii) Electronic chips implanted at the back of the retina in the eye, in order to help sight restoration.

With the advent of IoT medical devices transforming healthcare, implant devices can also become connected and deliver information to cloud computing infrastructures and other applications. In this way, they can become part of the IoT infrastructure and enable the transmission of medical data from the patient to the practitioner on a regular basis. Moreover, with IoT implants patients no longer need to visit their doctor in order download data from their device or even in order to configure the operation of the implant device.

For example, by enhancing devices such as the electronic chip for vision restoration (outlined above) with a small handheld wireless power supply, one can adjust the sensitivity, contrast and frequency as needed in order to yield optimal performance of the device for different environmental settings (e.g., lighting conditions).

Risks with IoT Medical Devices Transforming Healthcare

 

Despite their benefits, the adoption of implant IoT medical devices is still in its infancy. One of the main reasons is that the development and deployment of implants is associated with several challenges and risks.  In particular, implants are associated with surgical risks concerning their placement and removal processes. Although generally safe, these processes could lead to infections or even implant failures, which makes patients reluctant to adopt them. Moreover, several patients have reported allergies and reactions to the materials comprising the implant devices.

Beyond these adoption challenges, there are also IoT technological challenges associated with the need to understand and optimize the placement and operation of the device. For example, there is a need to optimize radio communications between the implanted device and the receiving devices where the information of the implant is destined. In this respect, low power operation is very important as a result of the need to economize on power capacity, while at the same time complying with applicable laws and regulations, including security and safety regulations.

IoT-Medical-Devices-Transforming-HealthcareFrom a technology viewpoint, implant solutions have to resolve trade-offs associated with efficiency and accuracy against antenna size, power use, operating bandwidth and materials costs. Moreover, implant devices should be appropriate for various body and skin morphologies, while at the same time offering security and data protection features that render them immune to malicious parties that may attempt to compromise their operation.

The above-listed factors render the design of cost-effective implants that adhere to regulations and optimize their operation very challenging. In order to alleviate these challenges, vendors and integrators of IoT implants resort to simulation. Simulation is an ideal tool for modelling the operation of the device and understanding its communication with the body and other devices of the surrounding environment such as gateways or even other implant devices.

Furthermore, vendors are implementing services that aim at increasing the operational efficiency of the devices, such as preventive or predictive maintenance of the device, as well as remote diagnostics and software upgrades (e.g., remote patching). The last batch of challenges concerns the important business issues with IoT medical devices transforming healthcare, especially implants, which are not confined to selling devices.

Rather, it is about innovating digitally and offering a whole range of services as part of the device’s industry ecosystem. Specifically, vendors and integrators of IoT implants need to find novel ways and business models for sharing their data with healthcare services providers and other stakeholders, while at the same time creating new value chains in collaboration with other device vendors, health professionals, home care services providers and other business actors.

The evolution of IoT medical devices transforming healthcare with implants will gradually signal a shift from the offering of an optimal IoT device to the offering of a pool of optimized and personalized healthcare services that will be built by the device’s industry ecosystem. Implant IoT medical devices are here and expected to play a significant role in the on-going IoT-driven transformation of the healthcare landscape. Stay tuned!.

Categories
Articles Internet of Things

Embedded Wireless Devices IoT Security Vulnerabilities

Embedded Wireless devicesonce thought to be too small to include their own security, undergo a more thorough analysis beginning with firmware testing. The software inside the chip is just as important as the application controlling it. Both need to be tested for security and quality. Some of the early IoT botnets have leveraged vulnerabilities and features within the device itself.

Embedded wireless devices really are one of the most common devices on the Internet, and the security of these devices is terrible.” Those were the words of network security expert H.D. Moore, the developer of the penetration testing software Metasploit Framework, when discussing an illicit attempt to survey the entire internet.

Consumer Based Embedded Wireless Devices

 

Dan Goodin of Ars Technica tells the tale of a guerrilla researcher who collected nine terabytes of data from a scan of 420 million IPv4 addresses across the world. “The vast majority of all unprotected devices are consumer routers or set-top boxes which can be found in groups of thousands of devices,” wrote the anonymous researcher in his 5,000-word report. “A lot of devices and services we have seen during our research should never be connected to the public Internet at all.”

embedded-wireless-and-IoT-devicesHackers can do a lot of damage, and with billions of IoT devices forecast to be connected in the next few years, embedded devices security should be more than an afterthought.

In 2015, two white hat hackers demonstrated that they could break into late model Chrysler vehicles through the installed UConnect, an internet-connected feature that controls navigation, entertainment, phone service, and Wi-Fi.

By rewriting firmware on a chip in an electronic control unit (ECU) of a Jeep Cherokee, they were able to use the vehicle’s controller area network (CAN) to remotely play with the radio, windshield wipers, and air conditioning — even kill the engine.

The cybersecurity risks are real.  Alan Grau writes on the IEEE Spectrum website about three significant incidents affecting the health care industry. A report by TrapX Labs called “Anatomy of an Attack–Medical Device Hijack (MEDJACK)” describes how hackers were able to target medical devices to gain entry to hospital networks and transmit captured data to locations in Europe and Asia. “Stopping these attacks will require a change of mindset by everyone involved in using and developing medical devices,” says Grau.

Another notorious embedded wireless devices security intrusion is described in an article on The Verge, “Somebody’s watching: how a simple exploit lets strangers tap into private security cameras” . Strangers were able to watch live streams of unwitting security camera owners within their homes. The vulnerabilities of existing firmware allowed for egregious invasion of privacy.

Embedded Wireless Devices and IoT Vulnerabilities

 

Many of the hackable embedded wireless devices now on the market were created without much consideration for security. “Security needs to be architected from the beginning and cannot be made an option,” says Mike Muller, CTO of ARM Semiconductors, at a seminar he gave at the IoT Security Summit 2015.  Muller believes that very few developers have any real understanding of security. ·“We cannot take all of the software community and turn them into security experts.  It’s not going to work.” The answer is that best practices for embedded security must be established and followed. That includes splitting memory into “private critical and private uncritical” and creating device-specific encryption keys. “You have to build systems on the assumption that you’re going to get hacked,” warns Muller.

 

Identifying potential IoT vulnerabilities requires robust testing before putting devices into production. In 2014, the Open Web Application Security Project (OWASP) published a list called Internet of Things Top Ten:  A Complete IoT Review. They recommend testing your IoT device for:  

  1. Insecure Web Interface (OWASP I1)
  2. Poor Authentication/Authorization (OWASP I2)
  3. Insecure Network Services (OWASP I3)
  4. Lack of Transport Encryption (OWASP I4)
  5. Privacy Concerns (OWASP I5)
  6. Insecure Cloud Interface (OWASP I6)
  7. Insufficient Security Configurability (OWASP I8)
  8. Insecure Software/Firmware (OWASP I9)
  9. Poor Physical Security (OWASP I10)

 

As with any testing, well-written test cases will help manufacturers ensure the security of embedded wireless devices. Better to run through possible scenarios in the lab that to have major issues with customers later.   In November 2016, Dan Goodin of Ars Technica reported that a “New, more-powerful IoT botnet infects 3,500 devices in 5 days”. Goodin writes that “Linux/IRCTelnet is likely only the beginning of what could be a long line of next-generation malware that steadily improves its capabilities.” And he laments the defenselessness of IoT devices that proliferate across the web. It’s a sentiment that’s shared by many.

What about your experiences with IoT security and embedded wireless devices? Any stories to tell? What are your recommendations for making things safer? Feel free to post your comments here.

 

Categories
Articles Internet of Things

LTE and 5G compete or compliment IoT?

Curious – can LTE and 5G compete or compliment IoT networks or the other way around? The big cellular companies have heavily invested in Long-Term Evolution (LTE) networks and the coming 5G network. They are saying it can compete with the Internet of Things (IoT) network that smaller companies are putting their bets on.

“Despite the prospect of new networks that reach farther than cells and let IoT devices communicate for years on one battery charge, many of the power-sipping networked objects to be deployed in the coming years will use LTE and future 5G cellular systems,” reports Stephen Lawson in Computerworld.  Lawson’s article depends largely on information from the LTE and 5G network developers..

ZDNet took a look at IoT investments stating that “Investors in Sigfox’s  fund raising included major cellular network operators NTT Docomo, SK Telecom, and Telefonica, so it seems that some at least are hedging their bets,” wrote Stuart Corner. Verizon has not made that kind of investment, but it is investing in its own IoT tech. Looking at the Category M1 tech Verizon is working on, it’s hard to see major differences between that and the IoT networks under development, and in place, by the LORA Alliance, Sigfox and others. Cat M1 runs on a 1.4mhz bandwidth with speeds capped at one meg a second. It promises to come in under $10 for consumers.

Verizon is saying LTE and 5G compete or compliment IoT networks and in fact they will exist together. Rosemary McNally, Verizon’s VP for mobile devices and operating system technology, told RCR Wireless that “the Cat M1 network they have in mind will run on the LTE. It will offer more security than IoT”, she promises. So the question needs to be reframed. Instead of asking if the two networks can compete, ask instead do LTE and 5G have to compete on the same grounds as IoT? No, because they don’t have to.

Will LTE and 5G compete or compliment IoT networks?

 

The IIoT and 5G merge in places like over-the-road shipping. IIoT sensors inside the truck feed data into the 5G and LTE networks, which hand it over to controllers and monitors. Decisions can be made within minutes.

The agriculture industry is also using the IoT. Modern tractors are embedded with sensors that provide regular feedback to the manufacturer. A farmer in South Georgia recently got a call from the tractor dealership. The sales rep said he’d received a message that whoever was driving one of the farm’s tractors was “riding the clutch.” Riding the clutch can cause it burn out, a costly repair. By having IoT in the tractor, the maker was able to monitor use and save the owner money.

Another reason LTE and 5G compete or compliment IoT networks is radio frequencies. The Verizon Cat M1 is going to run on licensed bands. Once those bands hit maximum transmission traffic, Verizon is either going to have to get new bandwidth, which can run to the millions of dollars, or scale back some traffic.  If that happens, will Verizon continue to support Cat M1, which appears to have low profit margins? Or, will the company discontinue its IoT investments?

LTE-and-5G-compete-or-compliment-IoT-networks-now-and-in-the-future

Where 5G and LTE have an advantage is security. Current IoT is running on unlicensed spectrum. Anyone can use it. Turf wars may erupt. Two companies next to each other decide to use the same frequency for their IoT. The signals interfere with each other, causing minor to major problems. With licensed frequencies, this is not a problem.

So can LTE and 5G compete or compliment 5G and LTE complement Iot networks?  In truth they compliment each other. Each has strengths and each has weaknesses. Using each system’s strong points to cover the other’s weak points will create a much stronger network than either could be independently.

WHAT THE FUTURE HOLDS

Doug Brake takes a long and hard look at IoT, 5G, LTE and nextgen wireless in a report for the Information Technology and Innovation Foundation.  The industry has gone from 1G (analog) in the 80s to 2G, 3G and now 4G in the past few years. He points out the industry goes through a major upgrade every 10 years. Each upgrade has required big investments. With 2020 a short four years away and 5G already being discussed, AT&T, Sprint and the rest are planning major investments to upgrade the wireless network. The smart ones are planning upgrades that allow IoT.

Can LTE and 5G compete or compliment IoT networks?

 

The questions that should be asked are:  

  • How can IoT be merged into higher-speed transmissions to let on-site and remote operators make better decisions? SugarCreek is one example of how this merger works. Modern tractors are another.
  • What will be the standard? IoT must have a standard just as smartphones do today. A Verizon phone can call, SMS, MMS and so forth to an AT&T phone. Consumers will demand the same for IoT. A homeowner will buy a fridge from General Electric, get an HVAC from Trane and a home entertainment system from Crutchfield. He will demand all the systems function seamlessly on the same IoT network. The IIoT is making inroads on standards, but much more work needs to be done. Equipment needs to move seamlessly from plant to plant. Just installing the hardware is expensive enough. The wireless controls should be plug and play.
  • Is a frequency “land grab” ahead as regulators look at the unlicensed frequencies and increasing demand for them? How much is needed?
  • What kind of security protocols are needed? Yes, it may take a day to hack into a microwave, but someone is going to do it. That’s an annoyance. Hacking into the smokers at SugarCreek could shut down production for a day or more and cost the company plenty. How can this be stopped? Since IoT is going to be largely low-speed, small data, could each device have a limiter? Perhaps once a certain amount of data is sent, the device takes an action to alert the owner or disconnection from the IoT.

 

Categories
Articles Internet of Things

Industrial IoT Predictive Maintenance – a Killer Application

Industrial IoT predictive maintenance is expected to generate the large scope of B2B transactions that require data analysis.  Indeed, IIoT is on such a growth pattern many of the billions of connected things in the coming years will be industrial assets, which will be deployed in settings like factories, agricultural, oil refineries and energy plants.

According to McKinsey the Industrial Internet has the potential to deliver up to $11.1 trillion on an annual basis by 2025 and 70% of this is likely to concern industrial and business-to-business solutions i.e. the Industrial IoT is expected to be worth more than twice the value of the consumer internet.

The Industrial IoT is at the heart of the fourth industrial revolution (Industry 4.0), which is driven by the interconnection of all industrial assets and the ability to collect and analyze data from them. In the scope of the Industrial IoT, assets are cyber-physical systems, which enable the control of physical devices through their cyber representations and the processing of digital data about them.

The applications of cyber-physical systems span a very broad range, including production control, process optimization, asset management, integration of new technologies (such as 3D printing & additive manufacturing), as well as various industrial automation tasks. Nevertheless, the most prominent application is the ability to continually monitor, predict and anticipate the status of assets, with emphasis on industrial IoT predictive maintenance using predictions about when a piece of equipment should be maintained or repaired.

Industrial IoT Predictive Maintenance Key to Industry 4.0

 

Maintenance and Repair Operations (MROs) are at the heart of industrial operations, as they involve repairing mechanical, electrical, plumbing, or other devices as a means of ensuring the continuity of operations. Nowadays, the majority of MRO operations are carried out on the basis of a preventive maintenance paradigm, which aims at replacing components, parts or other pieces of equipment, prior to their damage that could catastrophic consequences such as low production quality and cease of operations for a considerable amount of time. However, in most cases preventive maintenance fails to lead to the best usage of equipment (i.e. optimal Operating Equipment Efficiency (OEE)), as it maintenance is typically scheduled earlier than actually required.

In industrial IoT predictive maintenance (PdM) alleviates the limitations of preventive approaches. PdM is based on predictions about the future state of assets, with particular emphasis on anticipating the time when an asset will fail in order to appropriately schedule its maintenance.

PdM is empowered by models that estimate when the cost of maintenance becomes (statistically) lower that the cost that is associated with the risk of equipment failure.

Based on an optimal scheduling of maintenance, PdM leads to improved OEE, enhanced employee productivity, increased production quality, reduced equipment downtime, as well as a safer environment where failures are anticipated and repairs proactively planned. McKinsey & Co. estimates that the economic savings of predictive maintenance could total from $240 to $630 billion in 2025.

Nevertheless, there are still many industries that dispose with preventive maintenance, since they have no easy way to integrate and analyze data sets from thousands of heterogeneous sensors that are typically available in their plant floors. As a result only a fraction (i.e. 1% according to McKinsey & Co) of the available data is used, which is a serious setback to unlocking the potential of predictive maintenance applications, such as maintenance as a service, on-line calculation of OEE risk, maintenance driven production schedules and more.

The advent of Industrial IoT predictive maintenance is gradually unlocking the potential of PdM technologies facilitate the collection and integration of data from thousands of different sensors, while at the same time providing the means for unifying the semantics of the diverse data sets. Furthermore, IoT analytics technologies (notably predictive analytics) facilitate the processing of IoT data streams with very high ingestion rates based on machine learning and statistical processing techniques that can predict the future condition of components and equipment.

In several cases, IoT data are processed by Artificial Intelligence based techniques such as deep learning, in order to identify hidden patterns about the degradation of assets. Deep learning techniques are capable of leveraging (multimedia) data from multiple maintenance modalities such as vibration sensing, oil analysis, thermal imaging, acoustic sensors and more. Moreover, advanced deployments of industrial IoT predictive maintenance are not limited to deriving predictions about the future state of assets. Rather, they are able to close the loop down to the plant floor, through for example changing configurations in production schedules, altering the operational rates of machines or even driving automation functions.

Rise of Industrial IoT Predictive Maintenance Products and Services

 

PdM is looming as one of the killer applications for the Industrial IoT, which is evident not only on its potential savings but also on the rise of relevant IoT-based products and services. Most vendors have been recently releasing IoT-based solutions for PdM. In addition to empowering data collection and analytics, vendors are striving to enhance their products with added-value functionalities that help them stand out in the market. For example:

  • IBM predictive maintenance solution is able to perform root cause analysis in a holistic way, including predictions about where, when and why asset failures occur.
  • Software AG’s solution for industrial IoT predictive maintenance integrates with ERP and human resources systems to automatically plan the optimal allocation of tasks to technicians.
  • SAP integrates predictive maintenance information with business information (e.g., CRM and ERP systems) and enterprise asset management (EAM) systems. To this end, it benefits from its strong presence and installed base in the ERP market.
  • Microsoft offers PdM solutions over its Azure IoT suite in a way that offers preconfigured solutions (templates) for monitoring assets and analyzing their usage in real-time.

Recently, the DataRPM platform has been also established by a consortium of different vendors and manufacturers. DataPRM claims ability to deliver Cognitive Predictive Maintenance (CPdM) for Industrial IoT, based on the use of Artificial Intelligence for automating predictions of asset failures and closing the loop to ERP, CRM, and other business information systems.

Other major players in industrial engineering and automation, such as SIEMENS and BOSCH are offering their own platforms, while all major IT consulting enterprises have relevant services in their portfolio. Nevertheless, it is indicative of the market momentum of PdM and its positioning as one of the most prominent applications in the growing Industrial IoT predictive maintenance market.

Categories
Articles Internet of Things

Blockchain Technology Securing IoT Infrastructure

The growth of the Internet-of-Things (IoT) paradigm begs the question if blockchain technology securing IoT infrastructure properly or not?  Currently propelled by an unprecedented increase in the number of internet-connected devices. Even though the Cisco’s 2011 projection about 50 billion devices in 2020 is not ending up being very accurate, more recent estimates by Gartner and IHS confirm the tremendous growth of the number of IoT devices.

Blockchain Technology Securing IoT infrastructure

 

 

The need to support billions of devices in the years to come is inevitably pushing IoT technologies to their limits. Despite significant progress in blockchain technology, the specification and implementation of IoT technologies for identification, discovery, data exchange, analytics and security, the future scale of IoT infrastructure and services is creating new challenges and ask for new paradigms.

As a prominent example, IoT security is usually based on centralized models, which are centered round dedicated clusters or clouds that undertake to provide authentication, authorization and encryption services for IoT transactions. Such centralized models are nowadays providing satisfactory protection against adversaries and security threats.

Nevertheless, their scalability towards handling millions of IoT nodes and billions of transactions between them can be questioned, given also recent IoT-related security attacks which have manifested the vulnerabilities of existing infrastructures and illustrated the scale of the potential damage.

In particular, back in October 2016, a large scale Distributed Denial of Service (DDoS) attack took place, which affected prominent Internet sites such as Twitter, Amazon, Spotify, Netflix and Reddit. The attack exploited vulnerabilities in IoT devices in order to target the infrastructures of dyn.com, a global infrastructure and operations provider, which serves major Internet Sites.

The incident is indicative of the need for new IoT security paradigms, which are less susceptible to attacks by distributed devices and more resilient in terms of the authentication and authorization of devices. In quest for novel, decentralized security paradigms, the IoT community is increasingly paying attention to blockchain technology, which provides an infinitely scalable distributed ledger for logging peer to peer transactions between distrusted computing nodes and devices.

Most of the people that are aware of the paradigm to blockchain technology securing IoT perceive it as the main building block underpinning cryptocurrencies such as the well-known BitCoin. Indeed, the main characteristic of Bitcoin transactions is that they are not authenticated by a Trusted Third Party (TTP), as is the case with conventional banking transactions.

In the case of the BitCoin, there is no central entity keeping track of the ledger of interactions between the different parties as a means of ensuring the validity of the transactions between them. Instead, any transaction occurring between two parties (e.g., A paying 1 Bitcoin to B) is kept in a distributed ledger, which is maintained by all participants of the BitCoin network and which is empowered by blockchain technology. Among the merits of this distributed ledger approach is that it is very scalable and more robust when compared to traditional centralized infrastructure.

This is due to the fact that the validation of transactions is computationally distributed across multiple nodes, as well as due to the fact that the validation requires the consensus (“majority vote”) of the whole network of communicating parties, instead of relying on a centralized entity. In this way, it is practically impossible for an adversary to attack the network, since this would require attacking the majority of nodes instead of one or a few parties.

Can-blockchain-technology-secure-IoT-data-and-devices

The scalability and resilience properties of the blockchain approach have given rise to its applications in other areas such as electronic voting or IoT transactions. The principle remains the same:

Transactions are logged in the distributed ledger and validated based on the majority of nodes, even though in the case of voting and other transactions Bitcoin units are replaced by votes or credits.

This results in a trustful and resilient infrastructure, which does not have a single point of failure.

Based on the above principle, blockchain is deployed as an element of IoT infrastructures and services, which signifies a shift from a centralized brokerage model, to a fully distributed mesh network that ensures security, reliability and trustworthiness. Blockchain technology securing IoT infrastructure facilitates devices to authenticate themselves as part of their peer-to-peer interactions, while at the same time increasing the resilience of their interactions against malicious adversaries. Moreover, this can be done in a scalable way, which scales up to the billions of devices and trillions of interactions that will be happening in the coming years.

Cases IoT Blockchain Technology Securing IoT

 

 

The development of secure mesh IoT networks based on blockchain technology is no longer a theoretical concept. During the last couple of years several companies (including high-tech startups) have been using blockchain technology in order to offer novel IoT products and services. The most prominent implementations concern the area of supply chain management. For example, modum.io is applying blockchain in the pharmaceuticals supply chain, as means of ensuring drug safety.

The company’s service uses the blockchain technology in order to log all transactions of a drug’s lifecycle, starting from its manufacturing to its actual use by a health professional or patient. Recently, the retail giant Wal-Mart Stores Inc. has announced a food products track and trace pilot based on blockchain technology. The pilot will document all the steps associated with tracking and tracing of pork, from the farm where the food is grown, to the supermarket floor where it is shipped. This pilot is a first of a kind effort to validate the merits of the blockchain outside the scope of the financial services industry.

Beyond supply chain implementations, novel products are expected to emerge in the areas of connected vehicles, white appliances and more. Several of the applications are expected to benefit from blockchain’s ability to facilitate the implementation of monetization schemes for the interaction between devices. In particular, as part of blockchain implementations, sensors and other IoT devices can be granted micropayments in exchange of their data.

The concept has already been implemented by company tilepay, which enables trading of data produced by IoT devices in a secure on-line marketplace. At the same time, cloud-based infrastructures enabling developers to create novel blockchain applications are emerging. As prominent example Microsoft is providing a Blockchain-as-a-Service (BaaS) infrastructure as part of its Azure suite.

Overall, blockchain technology is a promising paradigm for securing the future IoT infrastructures. Early implementations are only scratching the surface of blockchain’s potential. We expect to see more and more innovative products in the next few years.

In this direction, several challenges need also to be addressed, such as the customization of consensus (i.e. “majority-voting”) models for IoT transactions, as well as efficient ways for carrying out the computationally intensive process of transaction verification. Solutions to these challenges will certainly boost the rapid uptake of this technology in the IoT technology landscape.

 

Categories
Internet of Things White Papers

Industrial IoT Automation Digital Wave Whitepaper

Industrial IoT automation dictates that all predictive maintenance systems hinge on the processing of data from many IoT devices, which renders predictive maintenance one of the most common applications.

Industrial IoT Automation Challenges

 

 

Industrial-IoT-Automation-whitepaper

Moreover, as predictive maintenance leads to improved OEE, reduced labor for performing the maintenance and better planning of related supply chain operations, it is increasingly considered one of the killer applications for IIoT.

IIoT reconfigurations take place at the cyber world based on digital technologies rather than at the physical world where processes are much more tedious and time consuming.

This ensures that changes in the IT configurations are properly reflected on the field.

 

 

Extensive Whitepaper on Industrial IoT Implications

This whitepaper discusses IIoT Disruption and Digital Transformation.  It defines the business cases, predictive maintenance, flexibility in Industrial IoT Automation, optimal Supply Chain operations and how to improve the quality of operations.

Moreover, we identify the simulation of complex processes, technology enablers and building blocks, as well as IIoT’s deployment challenges.  Discover the adaptation and migration of legacy systems; security, privacy, and trust, and leveraging standards in Digital Transformation.

As experts in recruiting senior executives and functional leaders for Internet of Things data and devices, LED lighting, and industrial IoT automation, in this whitepaper we also reveal the talent Gap in IIOT technologies.  The talent gap is evident in senior engineering and executive levels.  Riding the Industry Digitization Wave with IIoT:Challenges and Implications whitepaper.  Click here to view and download.