IoT + M2M Tutorial (TMCnet), February 2017
IoT Evolution East ‐ Ft. Lauderdale
Richard Brennan
Agenda: Tuesday, 07 February, 2017
Session CERT 01: IoT + M2M Primer ‐ 10:00am ‐ Introduction, Overview ‐ Terminology and Concepts
Session CERT 02: The DNA of IoT ‐ 10:45am ‐ Devices at the Edge ‐ Network Topologies ‐ Security
Session CERT 03: IoT Glue ‐ 11:45am ‐ Tools for Federation ‐ IoT + M2M Applications
© 2016‐2017 Telxxis
Session CERT 02: The DNA of IoT
Devices, Networks and Applications are the DNA of IoT. This session provides definitions of the ‘Things’, e.g. Sensors, Wearables, Constrained Devices, and MEMS at the edge, and then moves on to look at the landscape of Sensor Networking Topologies.
Session CERT 02 ‐ Part 1: DNA of IoT ‐ Devices at the Edge
Devices, Networks and Applications are the DNA of IoT. This session begins with a discussion on the ‘Things’ Ecosystems… and the role each plays in building and implementing an IoT.
Things: Communicate + Sense or Actuate
• …from the smallest core or MEMS*…
• …to a multi‐functional module…
• …to a stand‐alone device…
• …to a complex machine or system
* MEMS: Micro‐Electro‐Mechanical Systems
Consolidating into Ecosystems: Consortia*
[Figure: consortia grouped by segment ‐ Cloud, Enterprise, Industrial, Consumer; e.g. Azure IoT]
* …representing 100s of technology and product companies
Trend: Voice‐assisted IoT
• Amazon: Alexa ‐ Leading stand‐alone assistant, ~10M devices sold
• Apple: Siri ‐ Integrated in iOS
• Google: Assistant ‐ Newest Android versions
• Microsoft: Cortana ‐ Windows native
Amazon
• Echo Dot ‐ Interacts with Alexa: cloud‐based automatic speech recognition (ASR) and natural language understanding (NLU)
• AWS IoT ‐ Tech partners including Broadcom, Intel, Qualcomm, and Texas Instruments
• Dash Buttons
Thread Group
• Nest, ARM, Freescale, Samsung and others
Source: Thread Group
• Thread is a wireless mesh protocol and open standard, built on existing standards (IEEE 802.15.4 and 6LoWPAN)
• Power‐efficient open protocol that carries IPv6 natively
• Robust mesh network with no single point of failure
• Runs on existing silicon
• Designed with a new security architecture
• Supports 250+ products per network
• Very low power operation
Apple HomeKit
• HomeKit is a framework for communicating with and controlling connected accessories in a user’s home.
• Users can discover HomeKit accessories around the home and configure them…
• Actions can be created to control the devices individually, or actions can be grouped together
• Siri allows users to control devices and actions…
Apple: HomeKit
[Figure: HomeKit architecture, including iCloud]
Source: Apple
Google
• Android Things (née Brillo) is a slimmed‐down Android OS: Android APIs, Google services, and Android tools
• Weave: communications platform and protocol schema for IoT; access to Google’s services and intelligence; device SDK to Google cloud services, and developer tools
• Google Assistant controls devices with voice commands
Microsoft Azure IoT
• Azure IoT Suite
• Azure IoT Hub ‐ Management, Configuration, Updates; New: Message Routing
• Azure IoT Gateway SDK, and Industry Starter Kits
• Windows 10 IoT ‐ Optimized for small‐footprint, low‐cost devices
• Trusted Platform Module (TPM) 2.0
• Cortana ‐ Voice commands & interaction
ZigBee Alliance
• ZigBee: Launched 1998, with a non‐IP network layer; one of the largest installed bases of device types…
• ZigBee 3.0: Introduced in 2015, provides Network‐ and Application‐level standardization on an IEEE 802.15.4 network at 2.4 GHz. Specifies more than 130 devices and device types
• ZigBee IP: Low‐throughput, low‐power and low‐cost IPv6 technology, based on the IEEE 802.15.4 link layer; the ZigBee 920IP variant covers the 920 MHz band for Japan
Source: ZigBee Alliance
Z‐Wave
• Targeted at the Smart Home
• Source‐routed mesh network ‐ each (mains‐powered) node is also a repeater
• Small payload, low latency ‐ up to 40 kbit/s
• Part 15 unlicensed ISM band (908.42 MHz in the US), ~30 metre range
• Z‐Wave transceiver chips by Sigma Designs and Mitsumi
• On the market for over 10 years… over 1500 available devices, 300 companies
PaaS: GE Predix
[Figure: GE Predix platform overview] Source: GE
Technology: Standards & Consortia
[Figure: IoT standards and consortia landscape] Source: Morgan Stanley
IIC ‐ Industrial Internet Consortium
• Founded by AT&T, Cisco, GE, IBM and Intel… with many partners
• The IIC is creating use cases and testbeds for IoT applications, and building a reference architecture and frameworks for interoperability
• Goals: influence the global development standards process for industrial systems, e.g. in liaison with Plattform Industrie 4.0 [DE]; build confidence around innovative approaches to security
Source: IIC
OCF ‐ Open Connectivity Foundation
• Oct 2016: OCF and the AllSeen Alliance merged under the OCF name, bringing together the two major technology‐centric consortia
• Defining a connectivity framework that abstracts complexity
• Compliance testing and service‐level interoperability
• Delivers interoperable products across Android, iOS, Windows, Linux, Tizen, and more
• IoTivity: Open‐source project implementing the communications framework from OCF, hosted by the Linux Foundation
Session CERT 02 ‐ Part 2: DNA of IoT ‐ Network Topologies
An overview of common sensor network topologies…
Wireless Topologies: Star ‐ Mesh
[Figure: star vs. mesh topology]
Mesh:
• More than one path between source and destination ‐ resilient
• Each node relays data for the network
Protocol: IEEE 802.15.4
• IEEE 802.15.4 specifies the physical layer and media access control for a low‐rate wireless personal area network (LR‐WPAN)
• Designed for ultra‐low complexity, ultra‐low cost, ultra‐low power consumption, and low data‐rate connections among inexpensive devices
• Data rate is high enough (250 kbit/s) to satisfy a set of applications but is also down‐scalable to sensor and automation needs (<20 kbit/s)
• Sub‐versions for several application‐specific instances, e.g.: Smart Metering; Medical Body Area Network (MBAN); Critical Infrastructure Monitoring; Rail Communications
• Widely referenced in higher‐layer IoT protocol stacks (e.g. ZigBee, Thread/6LoWPAN)
Wi‐Fi
• Wi‐Fi: Wireless networking technology that allows devices to network using the 2.4 GHz and 5 GHz radio bands
• Wi‐Fi is a WLAN (Wireless Local Area Network) technology based on IEEE 802.11 standards
• Wi‐Fi Direct allows for an embedded software Access Point (AP), allowing direct connections to one or more Wi‐Fi devices (without a stand‐alone WAP)
Source: Wi‐Fi Alliance
Bluetooth® (Bluetooth SIG)
• Bluetooth Smart / Bluetooth Low Energy ‐ BLE: Originated by Nokia (as Wibree)… merged into the Bluetooth standard in 2010 (Bluetooth 4.0); low power requirements, "months or years" on a button cell; small size and low cost; compatibility with a large installed base of mobile phones and Wi‐Fi devices
• Bluetooth (Classic): Developed by Ericsson in 1994 as a wireless technology for exchanging data over short distances between fixed and mobile devices, and for implementing small PANs (Personal Area Networks) of up to 7 active slave devices per master
• Bluetooth 5: Scheduled for late 2016: 4x range, 2x speed, and 8x broadcast (advertising) data capacity
Source: Bluetooth SIG
LPWA
• Low‐Power Wide Area (LPWA) networking is gaining ground in the race for IoT‐M2M networking technologies… including:
• LoRaWAN ‐ LoRa Alliance
• LTE‐MTC ‐ 3GPP LTE
• UNB ‐ Ultra Narrow Band: Sigfox… and others
• Weightless ‐ Weightless SIG
Source: Machina Research, 2015
LoRa ‐ Low Power WAN
• Provides a ‘longer’ range, multi‐kbit/s throughput wireless network capability
• Uses Chirp Spread Spectrum (CSS) with integrated Forward Error Correction (FEC)
• Adaptive Data Rate (ADR) for improved battery management and network utilization
Sigfox (France)
• Sigfox is an IoT services provider, building out Ultra‐Narrow Band (UNB) networks with partners in a number of countries
• Long range (tens of kilometres) at extremely low bit rates: 12‐byte uplink payloads, at most 140 messages per day per device
• 20‐year AA‐battery life possible on devices
• Well‐suited for telemetry, monitoring, and alarms
RPMA ‐ Random Phase Multiple Access
• RPMA: a recent Low‐Power Wide‐Area technology using direct‐sequence spread spectrum (DSSS) with multiple access
• Uplink up to 624 kbit/s, downlink up to 156 kbit/s (max, per access point)
• Access points can cover hundreds of square miles
• Optimized to maximize range and conserve power while providing low/moderate data throughput
3GPP LTE‐M / LTE NB‐IoT
• LTE‐M (Long Term Evolution ‐ Machine‐Type Communications): 3GPP Release 13 (2016)
• Two device categories: LTE Cat‐M1 (machine communication) and LTE Cat‐NB1 (NarrowBand)

Modem/device category    Category M1 (eMTC)    Category NB1 (NB‐IoT)
Downlink peak rate       1 Mbit/s              170 kbit/s
Uplink peak rate         1 Mbit/s              250 kbit/s
Duplex mode              Full/Half             Half
UE receive bandwidth     1.08 MHz              180 kHz
UE transmit power        20/23 dBm             20/23 dBm
Modem complexity         Low                   Very low
Session CERT 02 ‐ Part 3: DNA of IoT ‐ Security Considerations
Security is perceived as the ‘Achilles’ heel’ of IoT, mostly fueled by poor designs or deficient implementations. Here are the basic security tools needed.
IoT Security Model
[Figure: submarine metaphor]
With apologies to:
• All Periscopes UP!
• All Hatches Closed
• Constant look‐out for threats
It only takes one vulnerability to jeopardize the entire system
Security Basics: PKI ‐ Public Key Infrastructure
• Public Key Infrastructure (PKI) provides, stores and distributes digital certificates, which enable users or devices to communicate securely over an insecure network.
• PKI provides cryptographic enablement of a trust relationship:
• Digital Certificates
• CA ‐ Certificate Authority (issues and signs certificates)
• RA ‐ Registration Authority (vets the requester’s identity before issuance)
• VA ‐ Validation Authority (answers certificate status queries, e.g. OCSP)
• Certificate Directory & Management
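The roles above, worked through end to end as an added example (not code from the tutorial): a fleet CA is created, a device enrolls by submitting a CSR (the private key never leaves the device), the CA pins the device identity into a subjectAltName, and a client that trusts only the fleet CA validates the chain and identity during a real TLS handshake. It assumes the `openssl` CLI is on PATH with its default config; the CA names, device IDs ("sensor-0001" etc.) and the second "rogue" CA are constructed for the example. Python's stdlib `ssl` module does the validation, so the same check that a VA would answer is performed locally.

```python
"""Added example: minimal device PKI with the openssl CLI (issuance) and Python's
ssl module (validation). CA names, device IDs and the rogue CA are constructed."""
import os
import shutil
import socket
import ssl
import subprocess
import tempfile
import threading


def openssl(args, cwd):
    """Run one openssl command in the working directory; raise if it fails."""
    subprocess.run(["openssl", *args], cwd=cwd, check=True,
                   stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)


def make_ca(workdir, name, common_name):
    """CA role: a P-256 key and a self-signed root certificate (basicConstraints
    CA:TRUE comes from openssl.cnf's v3_ca section, which 'req -x509' applies)."""
    openssl(["ecparam", "-genkey", "-name", "prime256v1", "-noout",
             "-out", f"{name}.key"], workdir)
    openssl(["req", "-x509", "-new", "-key", f"{name}.key", "-out", f"{name}.crt",
             "-subj", f"/CN={common_name}", "-days", "365"], workdir)


def enroll_device(workdir, ca, device_id):
    """RA + CA roles: the device keeps its private key and submits a CSR; the CA
    issues a short-lived certificate whose subjectAltName binds it to device_id."""
    openssl(["ecparam", "-genkey", "-name", "prime256v1", "-noout",
             "-out", f"{device_id}.key"], workdir)
    openssl(["req", "-new", "-key", f"{device_id}.key", "-out", f"{device_id}.csr",
             "-subj", f"/CN={device_id}"], workdir)
    ext = os.path.join(workdir, f"{device_id}.ext")
    with open(ext, "w") as f:
        f.write(f"subjectAltName=DNS:{device_id}\n")
    openssl(["x509", "-req", "-in", f"{device_id}.csr", "-CA", f"{ca}.crt",
             "-CAkey", f"{ca}.key", "-CAcreateserial", "-days", "90",
             "-extfile", ext, "-out", f"{device_id}.crt"], workdir)


def tls_handshake_succeeds(workdir, trusted_ca, device_id, expected_id=None):
    """VA role, performed by the relying party: the client trusts only trusted_ca.
    The handshake succeeds only if the device certificate chains to that CA and
    its SAN matches the identity the client expected to talk to."""
    expected_id = expected_id or device_id
    server = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    server.load_cert_chain(os.path.join(workdir, f"{device_id}.crt"),
                           os.path.join(workdir, f"{device_id}.key"))
    client = ssl.create_default_context(cafile=os.path.join(workdir, f"{trusted_ca}.crt"))
    srv_sock, cli_sock = socket.socketpair()

    def serve():  # the device end: present the certificate, read one message
        try:
            with server.wrap_socket(srv_sock, server_side=True) as s:
                s.recv(64)
        except OSError:
            pass  # client rejected our certificate and tore the connection down

    worker = threading.Thread(target=serve)
    worker.start()
    try:
        with client.wrap_socket(cli_sock, server_hostname=expected_id) as c:
            c.sendall(b"telemetry")
        return True
    except ssl.SSLCertVerificationError:
        return False
    finally:
        worker.join()


def demo_pki():
    """Two CAs, one device under each. Only the device under the trusted CA is
    accepted, and a genuine certificate presented for the wrong identity fails."""
    workdir = tempfile.mkdtemp(prefix="iot-pki-")
    try:
        make_ca(workdir, "fleet-ca", "Fleet Device CA")
        make_ca(workdir, "rogue-ca", "Rogue CA")
        enroll_device(workdir, "fleet-ca", "sensor-0001")
        enroll_device(workdir, "rogue-ca", "sensor-0002")
        return {
            "genuine": tls_handshake_succeeds(workdir, "fleet-ca", "sensor-0001"),
            "rogue_ca": tls_handshake_succeeds(workdir, "fleet-ca", "sensor-0002"),
            "wrong_identity": tls_handshake_succeeds(workdir, "fleet-ca", "sensor-0001",
                                                    expected_id="sensor-0009"),
        }
    finally:
        shutil.rmtree(workdir, ignore_errors=True)


if __name__ == "__main__":
    print(demo_pki())
```

The two failure cases are the ones that matter in a fleet: a certificate from an untrusted issuer (rogue or compromised CA) and a valid certificate reused for a device it was not issued to. Both are rejected by the client with no application code involved, which is the point of delegating trust to the PKI rather than to per-device allow-lists.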
Security Basics: TLS / DTLS / eDTLS
• TLS ‐ Transport Layer Security: the most widely deployed protocol for securing network traffic; runs over TCP; requires reliable, in‐order packet delivery
• DTLS ‐ Datagram Transport Layer Security: designed for UDP; works over constrained platforms and networks; tolerates unreliable, out‐of‐order packet delivery (adds its own record sequence numbers and handshake retransmission)
• eDTLS ‐ embedded Datagram Transport Layer Security: TLS over UDP, stateless; reduces state‐machine code size; compresses handshake protocol messages and reduces application‐data overhead
Security Basics: Trusted Platform Module (TPM)
• Trusted Platform Module: specification maintained by the Trusted Computing Group (TCG)
• Secure generation of cryptographic keys, and limitation of their use
• Remote attestation: a practically unforgeable, signed hash summary (PCR values) of the hardware and software configuration
• Sealing: encrypts data and specifies the state (PCR values) the TPM must be in for the data to be decrypted
• Each TPM chip has a unique, secret RSA Endorsement Key burned in at manufacture
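What "hash summary of the configuration" and "state the TPM must be in" compute, as an added example that is not part of the tutorial: PCR extend as a measured‑boot chain, a quote over (nonce, PCR) checked by a remote verifier against an event log and a golden value, and a sealed secret released only while the live PCR matches the policy. The simulation is pure Python: SHA‑256 as a TPM 2.0 PCR bank would use, and an HMAC standing in for the attestation signature (a real TPM signs with an asymmetric key that never leaves the chip). The boot images, the key and the nonce are constructed.

```python
"""Added example: PCR extend, quote verification and sealing, simulated.
The HMAC is a stand-in for the TPM's asymmetric attestation signature."""
import hashlib
import hmac

PCR_INITIAL = bytes(32)   # TPM 2.0 SHA-256 PCRs reset to all-zero bytes


def pcr_extend(pcr, digest):
    """TPM2_PCR_Extend: PCR = H(PCR || digest). One-way and order-dependent, so the
    final value summarises every measurement since reset and cannot be rewritten."""
    return hashlib.sha256(pcr + digest).digest()


def measured_boot(components):
    """Each stage measures the next before running it, extending the PCR and
    appending to the event log (the log is what lets a verifier explain the PCR)."""
    pcr, event_log = PCR_INITIAL, []
    for name, image in components:
        digest = hashlib.sha256(image).digest()
        event_log.append((name, digest.hex()))
        pcr = pcr_extend(pcr, digest)
    return pcr, event_log


def replay_event_log(event_log):
    """Recompute, from the log alone, the PCR value the log claims to explain."""
    pcr = PCR_INITIAL
    for _, digest_hex in event_log:
        pcr = pcr_extend(pcr, bytes.fromhex(digest_hex))
    return pcr


def tpm_quote(attestation_key, nonce, pcr):
    """TPM2_Quote: sign (nonce || PCR). The verifier's fresh nonce defeats replay
    of an old, once-valid quote from a platform that has since been tampered with."""
    return hmac.new(attestation_key, nonce + pcr, hashlib.sha256).digest()


def verify_attestation(attestation_key, nonce, pcr, event_log, signature, golden_pcr):
    """Remote attestation as the verifier sees it. Returns (ok, reason)."""
    if not hmac.compare_digest(tpm_quote(attestation_key, nonce, pcr), signature):
        return False, "quote signature invalid (wrong key or stale nonce)"
    if replay_event_log(event_log) != pcr:
        return False, "event log does not replay to the quoted PCR"
    if pcr != golden_pcr:
        return False, "PCR differs from the known-good build"
    return True, "platform state matches golden value"


def seal(secret, policy_pcr):
    """Sealing binds data to a PCR policy; the TPM only releases it while the live
    PCR equals the policy value (the comparison happens inside the chip)."""
    return {"policy": policy_pcr, "secret": secret}


def unseal(sealed, live_pcr):
    """Returns the secret, or None where a real TPM would answer TPM_RC_POLICY_FAIL."""
    if not hmac.compare_digest(sealed["policy"], live_pcr):
        return None
    return sealed["secret"]


# Constructed boot chains: a good build, a backdoored kernel, and the good images
# measured in a different order (same files, different PCR).
GOOD_BOOT = [("firmware", b"fw-1.4.2"), ("bootloader", b"u-boot-2016.11"),
             ("kernel", b"linux-4.4-secure")]
ROOTKIT_BOOT = [GOOD_BOOT[0], GOOD_BOOT[1], ("kernel", b"linux-4.4-backdoor")]
REORDERED_BOOT = [GOOD_BOOT[0], GOOD_BOOT[2], GOOD_BOOT[1]]
ATTESTATION_KEY = b"per-chip-attestation-key"   # stand-in for the TPM's attestation key
VERIFIER_NONCE = b"\x11" * 16                   # would be random per attestation request


def demo_attestation():
    """Quote each boot chain and verify it against the golden PCR of GOOD_BOOT."""
    golden_pcr, _ = measured_boot(GOOD_BOOT)
    results = {}
    for label, chain in (("good", GOOD_BOOT), ("rootkit", ROOTKIT_BOOT),
                         ("reordered", REORDERED_BOOT)):
        pcr, log = measured_boot(chain)
        sig = tpm_quote(ATTESTATION_KEY, VERIFIER_NONCE, pcr)
        results[label] = verify_attestation(ATTESTATION_KEY, VERIFIER_NONCE,
                                            pcr, log, sig, golden_pcr)
    return results


if __name__ == "__main__":
    for label, (ok, why) in demo_attestation().items():
        print(f"{label:9s} {'PASS' if ok else 'FAIL'}: {why}")
```

The practical lesson is the replay step: a verifier that only checks the signature learns that the TPM signed something, not that the platform is in a known state; a verifier that only compares PCR values cannot tell which component changed. Checking signature, log replay and golden value together gives both.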
Security Consideration ‐ Application Permissions
• Issues: Network & Physical Security; User Privacy; Policy / User Permissions
• Example: Medical Monitoring vs. HVAC Control
• You probably WOULD let your medical monitoring application read the thermostat in your residence, to adjust dosage based on ambient temperature
• You probably WOULD NOT let an HVAC / Smart Energy system read any of your medical information
Asymmetric permissions and provisioning are needed across apps…
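The asymmetry above enforced in code, as an added example that is not from the tutorial: a home hub provisions each app a signed capability token listing only the (data class, action) pairs the user consented to, and every access is default‑deny against that token. The app names, resource paths, data classes, hub key and token format are constructed for the example and do not correspond to any vendor's API.

```python
"""Added example: capability-token provisioning with default-deny authorization.
Apps, resources, data classes, hub key and token layout are constructed."""
import hashlib
import hmac
import json
import time

# Every resource carries a data class; policy is written against classes, not device names,
# so a new thermostat or a new glucose monitor inherits the right rules automatically.
RESOURCES = {
    "thermostat/living-room/temperature": "environmental",
    "thermostat/living-room/setpoint": "environmental",
    "monitor/insulin-pump/dose-log": "medical",
    "monitor/cgm/glucose": "medical",
}

HUB_KEY = b"hub-provisioning-key-constructed"   # held by the hub only


def _canonical(payload):
    """Stable serialisation so the MAC covers exactly what authorize() will read."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def provision(app_id, grants, ttl_seconds, now=None, hub_key=HUB_KEY):
    """Provisioning: the hub issues the app a MAC-protected capability that lists
    exactly the 'class:action' pairs consented to. Nothing else is implied."""
    issued = now if now is not None else time.time()
    payload = {"app": app_id, "grants": sorted(grants), "exp": int(issued + ttl_seconds)}
    tag = hmac.new(hub_key, _canonical(payload), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


def authorize(token, resource, action, now=None, hub_key=HUB_KEY):
    """Default deny: allowed only if the token is authentic, unexpired, the resource
    is known, and the token explicitly grants `action` on the resource's class."""
    expected = hmac.new(hub_key, _canonical(token["payload"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["tag"]):
        return False, "token forged or altered"
    if (now if now is not None else time.time()) >= token["payload"]["exp"]:
        return False, "token expired"
    data_class = RESOURCES.get(resource)
    if data_class is None:
        return False, "unknown resource"
    if f"{data_class}:{action}" not in token["payload"]["grants"]:
        return False, f"{token['payload']['app']} has no {action} grant for {data_class} data"
    return True, "allowed"


# The asymmetry from the slide: the medical app may read the environment,
# the HVAC app may never read medical data, and neither may do what it was not granted.
ISSUED_AT = 1_700_000_000   # fixed clock so the example is reproducible
MEDICAL_APP = provision("medical-monitor",
                        ["medical:read", "medical:write", "environmental:read"],
                        ttl_seconds=3600, now=ISSUED_AT)
HVAC_APP = provision("hvac-controller",
                     ["environmental:read", "environmental:write"],
                     ttl_seconds=3600, now=ISSUED_AT)


if __name__ == "__main__":
    t = ISSUED_AT + 10
    print(authorize(MEDICAL_APP, "thermostat/living-room/temperature", "read", now=t))
    print(authorize(HVAC_APP, "monitor/cgm/glucose", "read", now=t))
```

Two checks are easy to forget and are exercised here: an app that edits its own token to add a grant is caught by the MAC, and a token that was valid at provisioning time stops working after its expiry, so revocation is a matter of not re-issuing rather than hunting down cached permissions.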
Blockchain for IoT
• Blockchain technology is NOT limited to currency ledgers (e.g. Bitcoin)
• Blockchain in IoT: trustless peer‐to‐peer messaging; secure distributed data sharing; massively scalable device coordination
• A blockchain could hold a validated distributed history of individual devices, by recording a ledger of data exchanges between things, web services, and users
• ADEPT: Blockchain IoT proof‐of‐concept by IBM & Samsung, using Ethereum, BitTorrent, and TeleHash
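The "validated distributed history of individual devices" above, as an added example that is not from the tutorial or from ADEPT: a hash‑chained ledger in which each entry records one data exchange (who sent what digest to whom), links to the previous entry and carries the originating device's signature, so any peer holding the chain and the devices' public identities can validate the whole history and detect a rewritten entry. Device signing keys are HMAC secrets standing in for the per‑device asymmetric keys a real deployment would use; the devices, peers and exchanges are constructed.

```python
"""Added example: hash-chained, device-signed ledger of IoT data exchanges.
HMAC stands in for per-device asymmetric signatures; devices and events are constructed."""
import copy
import hashlib
import hmac
import json

GENESIS_HASH = "0" * 64


def _digest(obj):
    """Content hash over a canonical JSON encoding."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()).hexdigest()


def _sign(device_key, body):
    return hmac.new(device_key, _digest(body).encode(), hashlib.sha256).hexdigest()


class DeviceLedger:
    """Append-only chain: each block commits to its predecessor's hash and carries
    the originating device's signature, so history can be validated by any peer."""

    def __init__(self):
        self.blocks = []

    def head(self):
        return self.blocks[-1]["hash"] if self.blocks else GENESIS_HASH

    def append(self, device_id, device_key, to, payload):
        """Record one exchange. Only the payload digest goes on-chain; the data
        itself travels peer-to-peer, and the digest proves what was sent later."""
        body = {
            "index": len(self.blocks),
            "prev": self.head(),
            "from": device_id,
            "to": to,
            "payload_sha256": hashlib.sha256(payload).hexdigest(),
        }
        body["sig"] = _sign(device_key, {k: v for k, v in body.items() if k != "sig"})
        block = dict(body, hash=_digest(body))
        self.blocks.append(block)
        return block

    def verify(self, device_keys):
        """Every block must hash correctly, link to its predecessor, and carry a
        valid signature from the device it names. Returns (ok, detail)."""
        prev = GENESIS_HASH
        for i, block in enumerate(self.blocks):
            body = {k: v for k, v in block.items() if k != "hash"}
            unsigned = {k: v for k, v in body.items() if k != "sig"}
            if block["index"] != i or block["prev"] != prev:
                return False, f"block {i}: broken link to previous block"
            if _digest(body) != block["hash"]:
                return False, f"block {i}: hash mismatch (contents altered)"
            key = device_keys.get(block["from"])
            if key is None or not hmac.compare_digest(_sign(key, unsigned), block["sig"]):
                return False, f"block {i}: signature invalid for {block['from']}"
            prev = block["hash"]
        return True, f"{len(self.blocks)} blocks valid, head {prev[:12]}"


# Constructed fleet: two devices, a gateway and a cloud service exchanging data.
DEVICE_KEYS = {"sensor-0001": b"key-sensor-0001", "sensor-0002": b"key-sensor-0002",
               "gateway-A": b"key-gateway-A"}


def build_ledger():
    ledger = DeviceLedger()
    ledger.append("sensor-0001", DEVICE_KEYS["sensor-0001"], "gateway-A", b'{"temp_c":21.5}')
    ledger.append("sensor-0002", DEVICE_KEYS["sensor-0002"], "gateway-A", b'{"temp_c":19.0}')
    ledger.append("gateway-A", DEVICE_KEYS["gateway-A"], "cloud-service", b"batch-17")
    return ledger


def demo_ledger():
    """Honest chain, a peer's replica, a rewritten historical reading, and an
    entry forged in another device's name: only the first two validate."""
    ledger = build_ledger()
    replica = copy.deepcopy(ledger)                       # a second peer holding the same chain
    tampered = copy.deepcopy(ledger)
    tampered.blocks[0]["payload_sha256"] = hashlib.sha256(b'{"temp_c":35.0}').hexdigest()
    forged = copy.deepcopy(ledger)
    forged.append("sensor-0001", b"attacker-guess", "gateway-A", b'{"temp_c":-5.0}')
    return {
        "honest": ledger.verify(DEVICE_KEYS),
        "replica_matches": replica.head() == ledger.head() and replica.verify(DEVICE_KEYS)[0],
        "tampered": tampered.verify(DEVICE_KEYS),
        "forged": forged.verify(DEVICE_KEYS),
    }


if __name__ == "__main__":
    for label, result in demo_ledger().items():
        print(label, result)
```

Note what the chain does and does not give you: rewriting block 0 changes its hash, which no longer matches what block 1 committed to, so the tampering is visible to every peer that holds the chain; but the ledger only proves a device signed a digest, not that the reading was true. Trust in the data still rests on the device's key being protected (the TPM material above), and the chain is no substitute for that.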