Internet of Things
The Importance of IoT in Today’s World
Agenda
● Introduction
● Market landscape
● Key aspects and reference architecture
● Device management
● Security
● BigData
● API management
● Freescale
The History
● 1926 - Tesla: “When wireless is perfectly applied the whole earth will
be converted into a huge brain, which in fact it is, all things being
particles of a real and rhythmic whole”
● 1990 - Simon Hackett and John Romkey created The Internet Toaster
● 1999 - Kevin Ashton proposes the term "Internet of Things"
● 2009 - More “things or objects” are connected to the Internet than
people
● 2010 - 12.5 billion devices are connected to the Internet
The Internet of Things
● Machine to Machine interaction
● RFID enabled tracking
● Wireless sensor networks
● Broadly merged functionality M2H, M2M
● Low power embedded systems
● Ever increasing numbers and diversity
● Where web meets the physical world
● Intelligent system of systems
Where is it/will be?
● Mobile, home, embedded applications
● Every seat in a car, bus, airplane, subway
● Every sign, poster, notice, piece of mail, item of food
● Internet connected wearables
● Smart Homes, connected cars,...
● Everywhere where people exist
● Gartner estimates 26 billion devices by 2020
Why do we need it?
● More than two billion gallons of fuel wasted in traffic jams
each year
● By 2025: 37 cities worldwide will have a population over
ten million.
● By 2026: The doctor shortage in population centers will
have increased 10x.
● By 2030: Energy demand will have grown by 40%.
What can we do with it?
● Search for things:
● Find the state or other parameters of a thing
● Manage and control things
● Monitor and predict when things break
● Exploit things as managed resources
What can we do with it?
● Improve medical outcomes
● Lower production costs
● Improve service
● Optimize energy consumption
● Turn data into valuable business intelligence
● Meaningfully exchange data
● More examples in...
Wearable devices
● Watches, rings, glasses
● Clothes and shoes
● Recent examples:
o Google Glass
o Apple watch
o Fitness-oriented wearables (Jawbone)
o https://jawbone.com/up - movie
Health Care
● Monitoring an infant’s breathing, temperature, body position
and activity levels from a mobile app
● Wearable ECG, respiration and heart rate sensors
● GlowCaps for pills
● Smartphone sensors to monitor movement and location
● Wristbands in hospitals to locate patients and monitor
treatment stages
● Braille interface navigation
● Glucose monitoring
Home
● Efficient air conditioning
● Efficient lighting
● Optimizing energy consumption
● Tracking down lost objects
● Preventing disasters (fire, smoke, ...)
● Managing and monitoring devices from an app
● Smart propane tanks and sprinkler controls
● Smart refrigerators and smart egg trays (Egg Minder)
● Sensor-driven, Wi-Fi-enabled, self-learning (Nest Labs)
Industry
● Automate process controls
● Optimize plant safety
● Asset management:
o Predictive maintenance
o Measurements to maximize reliability
● Real-time optimization of:
o Manufacturing production
o Supply chain networks
Example
● Traffic camera monitors the road for accidents/jams
● Communicates status to a Gateway
● Gateway combines and shares to the Cloud
● Data across systems is gathered and analyzed
● Insights from the traffic data are communicated to other
systems (public transportation, digital signage, ...)
Generic Network Topology Architecture
[Diagram labels: Sensor hub, Device, LAN, Gateway, Internet, Cloud, BigData, Data Center, App]
Main Challenges
● Security
● Scalability
● Power consumption
● Software updates
● Failure recovery
● Connectivity
● Device management
● Collection, analysis and actuation of Data
How is this possible?
● Ant-sized radios
● Fitted onto tiny silicon chips
● Cost only pennies to make
● Energy efficient to the point of being self-sufficient
How is it done?
First stage: Connection
● Connect Existing Resources
● Build What’s Required
● 85% of devices today are not connected
● Devices are characterized by diversity of architectures,
connectivity options, memory constraints
● Gateways - vital for ensuring integrity, uniformity, and
validity of data
How is it done?
● Stage 2: Data Management
● “Write once, analyze later” paradigm doesn’t scale
● Intelligence is required throughout end-to-end system
● IoT Platforms, Device Clouds, Edge Management
● Security considerations: Who can you trust to store and
analyze your machine data?
How is it done?
● Stage 3: Analysis
● Extracting insights from data over time and in real-time
● 80% of data collected today is unstructured
● Real-time analytics will allow predictive maintenance of in-
service equipment and other use-cases
● Adaptive analytics will unlock insights based on analysis
of large data sets
Internet of Things
The Market Landscape for IoT
Market Evolution
● Passive things:
o Remotely identifiable
o Connectable
o Relatively dumb
● Examples:
o RFID-tagged books
o Furniture items
o Spare parts
Market Evolution
● Active things:
o Can exchange sensory data
o Control information
o Gain a level of interaction
● Examples:
o Roads
o Bridges
o Farm animals
Market Evolution
● Aware things:
o Process data
o Respond to events
o Take action
● Examples:
o Driverless trains
o Electrical appliances
o Doors, windows
Market Evolution
● Autonomous things:
o Make decisions based on built-in rules running locally
or remotely
o Can be self learning
● Examples:
o Intelligent thermostats
o Smart grids
o Self-driving cars
http://www.solarroadways.com/intro.shtml
[Chart: Passive, Active, Aware and Autonomous things over the years 2012, 2014, 2016, 2018]
Market opportunities
● Short-term (1-2 years):
o Active and aware things
o More focus on the things themselves
o Things equivalent of the killer app
o Less emphasis on backend or cloud
Market opportunities
● Medium-term (2-5 years):
o Aware and autonomous things
o Focus on infrastructure and platforms
o Management of things and the data they
create
o Cloud, Big-Data analysis
Early-adoption scenarios
● Identification and tracking:
o Where the benefit of knowing where things are
outweighs the cost of doing so
o Where connecting is easy with infrastructure in place
● Monitoring:
o Environmental monitoring
o Smart roads and bridge-monitoring sensors
o Dynamically map transport conditions
Early-adoption scenarios
● Integrated control:
o In health care (control apps, smart pens)
o At home (Smart TV, set-top boxes)
● Predictive business analysis
● Early response
● Efficient processes and service delivery
● Smart homes
Early-adoption scenarios
Trends and Technologies
● Software-defined networking:
o Applications and software can access APIs of
routers, switches, and other low-level
networking devices
● Cloud technologies
Trends and Technologies
● Standards and norms for IoT:
o IBM’s MQTT communications protocol for sensors
● Miniaturization:
o New ultra-low-power microchips
o Power harvesting sensor chips
● Mobile technologies:
o Accelerometers, GPS, NFC, ...
Facts and Forecasts
● Business Insider: IoT will surpass the PC, Tablet and
Phone market combined by 2017
● Asia and Latin America lead in implementation
● Cisco: IoT has the potential to grow global corporate
profits by 21 percent in aggregate by 2022.
Facts and Forecasts
● The Economist: 95% of chief experience officers expect to
launch IoT businesses in the next three years.
● Between 2010 and 2020, China is expected to spend
$603 billion on M2M tech for its cities.
● US and Europe are making great strides in the IoT
Internet of Things
Key Aspects and Reference Architecture
Reference Architecture
● Billions of connected devices
● We need:
o a way to interact with them
o a scalable architecture that allows Disaster recovery
o automatic updates and remote management
o to secure the collected data
o a strong basis for further development
Reference Architecture
● Core concerns:
o Communication and connectivity
o Device Management
o Data collection and analysis
o Scalability
o Security
Device types
● 8-bit SOC controllers
o Arduino
o No operating system
● Atheros (Qualcomm) or Arm processor based
systems
o Arduino Yun
● 32/64 bit computing platforms
o Raspberry Pi, BeagleBone
[Images: Arduino, Arduino IDE, Raspberry Pi]
Communication
● Short range:
o Bluetooth low energy BLE
o RFID and NFC
● Medium range:
o Zigbee, other mesh radio networks
● Long range:
o Wi-Fi, Direct Ethernet, 3/4/5G
Communication
● ZigBee:
o Supports multiple network topologies (point-to-point,
point-to-multipoint and mesh networks)
o Low duty cycle – provides long battery life
o Low latency
o Up to 65,000 nodes per network
o 128-bit AES encryption for secure data connections
o Collision avoidance, retries and acknowledgements
Communication protocols
● HTTP
● MQTT:
o M2M, IoT connectivity protocol
o Very lightweight pub/sub messaging transport
o Low latency, assured messaging
o Efficient distribution to one or more receivers
o Better at high volume of low size messages
o Provides a two-way communication channel
o Uses SSL/TLS on top of TCP stream
MQTT topic-based example
● A sensor pushes telemetry values on a topic:
o greenhouse/42/temperature
o greenhouse/42/humidity
o greenhouse/42/luminosity
● Actions are on another topic
o greenhouse/42/open-the-roof
o greenhouse/42/close-the-windows
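Separating telemetry topics from action topics only helps if the broker enforces who may use each. The following is an added example, not part of the original slides: a default-deny topic ACL using MQTT wildcard matching, where the client names and ACL entries are assumptions made for illustration.

```python
# Added example: default-deny topic ACL for the greenhouse topics above.
# Client names and ACL entries are constructed for illustration.

def topic_matches(topic_filter, topic):
    """MQTT filter matching: '+' is exactly one level, '#' is all remaining levels."""
    f_levels = topic_filter.split("/")
    t_levels = topic.split("/")
    # Wildcards at the first level must not match '$'-prefixed system topics.
    if topic.startswith("$") and f_levels[0] in ("+", "#"):
        return False
    for i, level in enumerate(f_levels):
        if level == "#":
            return i == len(f_levels) - 1  # '#' is only valid as the last level
        if i >= len(t_levels):
            return False
        if level != "+" and level != t_levels[i]:
            return False
    return len(f_levels) == len(t_levels)


ACL = {
    # The sensor may only push its own telemetry.
    "sensor-42": {
        "publish": ["greenhouse/42/temperature",
                    "greenhouse/42/humidity",
                    "greenhouse/42/luminosity"],
        "receive": [],
    },
    # The actuator only listens for actions addressed to greenhouse 42.
    "actuator-42": {
        "publish": [],
        "receive": ["greenhouse/42/open-the-roof",
                    "greenhouse/42/close-the-windows"],
    },
    # The controller issues actions for any greenhouse and reads temperatures.
    "controller": {
        "publish": ["greenhouse/+/open-the-roof",
                    "greenhouse/+/close-the-windows"],
        "receive": ["greenhouse/+/temperature"],
    },
    # A read-only dashboard sees everything under greenhouse/.
    "dashboard": {"publish": [], "receive": ["greenhouse/#"]},
}


def is_allowed(client, action, topic):
    """action is 'publish' or 'receive'; topic is a concrete topic name."""
    if "+" in topic or "#" in topic:
        return False  # wildcards are not valid in a topic name
    filters = ACL.get(client, {}).get(action, [])  # unknown client: deny
    return any(topic_matches(f, topic) for f in filters)


if __name__ == "__main__":
    for client, action, topic in [
        ("sensor-42", "publish", "greenhouse/42/temperature"),
        ("sensor-42", "publish", "greenhouse/42/open-the-roof"),
        ("controller", "publish", "greenhouse/42/open-the-roof"),
    ]:
        print(client, action, topic, is_allowed(client, action, topic))
```

With this ACL a compromised sensor can still send bad readings, but it cannot open the roof.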
Communication protocols
● CoAP - Constrained Application Protocol:
o UDP based
o RESTful protocol
o Excellent for constrained devices and networks
o Specialized for M2M
o Datagram Transport Layer Security (DTLS) and certificate
security
● URI: coap://hostname/lamps/12/status
Deployment
[Diagram labels: Server side, Cloud, TCP/UDP, WiFi, Ethernet, Arduino, Raspberry Pi, Application]
Internet of Things
Device Management for Connected Devices
The challenge
● Various:
o Technologies
o Hardware
o Devices
o Applications
● How do we manage all this?
What is device management for?
● Configure a device
● Enroll a device
● Update firmware
● Monitor and gather connectivity statistics
● Secure a device
● Manage fleets of deployed devices
To enroll the device
● A need for an Agent App
● Specific agents for specific hardware
● Identify the device
● Identify the owner of the device -
Authentication
To enroll the device
● If the device has a UI:
o Common username/password identification
● Options if there is no UI:
o Store the unique ID of the device in the server
o Register the device, then activate from the server
o Separate agents for each device with a unique ID
o Generate a unique ID in the server and use in the
agent
To query the device
● The agent:
o Passes the device metadata (model, vendor,
OS, ...) to the server
o Passes the device capability (what it can do)
o The server executes device management
commands on the device
Device Management: Protocols
● Main goal: Provide an application agnostic way to
manage devices
● TR - 069:
o SOAP based, not very useful for IoT
● OMA - DM
o HTML/XML based with binary XML encoding
● Lightweight M2M
o OMA-DM successor for M2M
Device Management: Protocols
● OMA - DM:
o An Open Mobile Alliance standard for Device
Management
o Targets mobile phone terminals, but can be
used in M2M
o Meant to be used by mobile phone operators
Device Management: Protocols
● OMA - DM Features:
o Read, write configuration or monitoring nodes
o Trigger remote commands
o Firmware Update Management Object
o Software Component Management Object
Device Management: Protocols
● OMA - DM firmware update example:
<Add>
  <CmdID>1</CmdID>
  <Item>
    <Target>
      <LocURI>./FwUpdate/{package identifier}/DownloadAndUpdate/PkgURL</LocURI>
    </Target>
    <Data>http://{package download server http address}/{update_package.pks}</Data>
  </Item>
  <Item>
    <Target>
      <LocURI>./FwUpdate/{package identifier}/PkgName</LocURI>
    </Target>
    <Data>{package name}</Data>
  </Item>
</Add>
Replace the DownloadAndUpdate/PkgURL with the package download URI.
Device Management: Protocols
● OMA - DM firmware update example:
<Exec>
  <CmdID>2</CmdID>
  <Item>
    <Target>
      <LocURI>./FwUpdate/{package identifier}/DownloadAndUpdate</LocURI>
    </Target>
  </Item>
</Exec>
Set the Exec command to the DownloadAndUpdate node so that it
initiates the download and immediate installation of the package contents.
Device Management: Protocols
● Lightweight M2M:
o New Open Mobile Alliance standard
o OMA-DM successor for M2M targets
● Features:
o Firmware upgrades
o Device monitoring and configuration
o Server provisioning
Device Management: Protocols
● LWM2M
o Interface flows:
Device Management: Protocols
● LWM2M example
o Registration:
IoT application architecture
[Diagram labels: Linux OS, Supervisor, App1, App2, App3, Low power App, Radio Module, Network Operator, Cloud servers, OMA-DM, MQTT/CoAP]
Internet of Things
Security Challenges for IoT
Is it needed?
● Google hacking:
o Search queries that identify endpoints with a security
flaw: intitle:cam inurl:ViewerFrame?Mode=
o Get access to roadcams that were not meant to be
publicly visible
o 2011: Hack against Fitbit identified users that recently
had sex: “sexual activity” site:fitbit.com
o Source: Forbes
o Hack against the website, not the device itself
Is it needed?
● Jun 2013:
o A Google hack pointed to a list of “smart homes”
o All homes had the same automation system that
allowed remote control of lights, hot tubs, fans,
televisions, water pumps, garage doors, cameras, and
other devices
o No authentication was required to activate and use the
connected devices remotely
● Source: Forbes
Is it needed?
● Jan 2014:
o Security researcher followed an IP that was sending
spam
o The IP address belonged to a fridge
o The researcher managed to log in and use the fridge’s
web-admin
o The manufacturer embedded a Linux system with no
security enabled
● Source: BBC
Is it needed?
● Shodan: http://www.shodanhq.com/
o A search engine to find devices that are
connected to the internet
o Lets you find: traffic lights, security cameras,
home heating systems, control systems for
water parks, gas stations, water plants, power
grids, nuclear power plants, particle-
accelerating cyclotrons ...
Is it needed?
● Shodan: http://www.shodanhq.com/
o Many devices have little security
o "admin" as username and "1234" as password
o Other devices are simply unprotected
o The only tool needed: an internet browser
o How to find and hack devices using Shodan: WonderHowTo
● Google:
o exploit-db
o Try this or this
How is security in IoT different?
● The data is highly personal
● Manufacturers don’t think like security experts
● Embedded systems are developed using existing designs,
chips…
● Device capabilities (crypto) are limited
● Updates are hard or impossible
● Ease of use is at odds with security
Physical Hacks
● 2008: Dutch government issued a warning about the
security of access keys based on the MiFare Classic
RFID chip widely used in building-access and public
transportation payment cards in Europe
● ...And every military base in the Netherlands
● $3000 equipment was used to hack it
● 2014: NFC hack for Android devices makes it possible to unlock
any Android phone with NFC by simply picking it up
● Source: Computerworld
Security guidelines for IoT
● Do not rely on obscurity:
o RFID, NFC chips might not be as secure as you think
they are
● Compromising one device should not put other devices of the same type at risk
● Connectivity:
o Connection protocols might be encrypted
o Stages before the encryption (key exchange) are
neglected (Bluetooth Low Energy)
Security guidelines for IoT
● RSA cryptography on 8-bit chips is slow (minutes), painful and
expensive ... and you can’t replace them with ARM because cost
matters:
o 8-bit chips: $5 retail, $1 or less to embed
o 32-bit chips: $25 retail, ++ to embed
● Elliptic Curve Cryptography is an alternative:
o ATECC108 8-bit chip provides a full turnkey Elliptic
Curve Digital Signature Algorithm engine with 238 bit
keys
Security guidelines for IoT
● Also there is Speck - a family of lightweight block ciphers!
o But they are released by the NSA
● People think that Wi-Fi chips (WPA) provide security
o They secure traffic only within the LAN
o Do not solve the end-to-end crypto problem
Security guidelines for IoT
● Traditional security:
o Firewalls
o Perimeters
● Not suitable for IoT:
o Devices are out in the field, in cars, in homes…
o Devices are moving and stationary
o The identity of the device should act as its security
perimeter
Security guidelines for IoT
● Passwords?
o Designed to be input on-the-fly/on-demand
o Designed to be changed
o Do not work well with humans
o Do not suit the connected devices
Security guidelines for IoT
● Giving a device a token to use on API calls is better than
giving it a password:
o Revocable
o Granular
● Relevant for:
o Device to cloud
o Cloud to app
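What "revocable" and "granular" mean for a device token, as an added example that is not part of the original slides. It uses a simplified HMAC-signed token rather than OAuth 2; the key, scope names, device ID and token ID are assumptions constructed for illustration.

```python
# Added example: a scoped, revocable device token checked on every API call.
# Simplified stand-in for a real token service; all values are constructed.
import base64
import hashlib
import hmac
import json

SERVER_KEY = b"constructed-demo-key"  # constructed; a real key lives in a secret store
REVOKED_IDS = set()                   # token IDs the server no longer honours


def b64_nopad(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def unb64_nopad(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_token(token_id, device_id, scopes, expires_at):
    """Return 'payload.signature'; the payload lists exactly what is granted."""
    payload = json.dumps(
        {"jti": token_id, "dev": device_id, "scope": sorted(scopes), "exp": expires_at},
        separators=(",", ":"), sort_keys=True,
    ).encode()
    sig = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
    return b64_nopad(payload) + "." + b64_nopad(sig)


def revoke(token_id):
    """Revocation: one token is disabled without touching any other device."""
    REVOKED_IDS.add(token_id)


def check_token(token, required_scope, now):
    """Return (True, device_id) or (False, reason)."""
    try:
        payload_part, sig_part = token.split(".")
        payload = unb64_nopad(payload_part)
        sig = unb64_nopad(sig_part)
    except ValueError:  # wrong number of parts or invalid base64
        return (False, "malformed")
    expected = hmac.new(SERVER_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return (False, "bad signature")
    claims = json.loads(payload)  # parsed only after the signature verified
    if claims["jti"] in REVOKED_IDS:
        return (False, "revoked")
    if now >= claims["exp"]:
        return (False, "expired")
    if required_scope not in claims["scope"]:  # granular: per-operation check
        return (False, "scope not granted")
    return (True, claims["dev"])


if __name__ == "__main__":
    token = issue_token("t-1", "thermostat-7", ["telemetry:write"], expires_at=2000)
    print(check_token(token, "telemetry:write", now=1000))
    print(check_token(token, "actuator:control", now=1000))
    revoke("t-1")
    print(check_token(token, "telemetry:write", now=1000))
```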
Security guidelines for IoT
● Alternatives for passwords:
o For devices: OAuth 2 - an open standard for
authorization
o For humans: OpenID Connect - an authentication layer
on top of OAuth 2
o Example: You use it when you authorize an app to do this
and not to do that on your device
o Challenge: Both OAuth and OpenID were made to
work with HTTP, not MQTT
Security guidelines for IoT
● Do not rely on firewalls only:
o Monitor for failed access attempts
o Use real-time event processing for fraud detection:
Identify hackers
Identify devices that may have been compromised
● Device management is vital:
o Update devices with secure keys
o Lock compromised devices remotely
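One way to monitor failed access attempts as an event stream, shown as an added example that is not part of the original slides. The event format, thresholds, addresses and device names are assumptions constructed for illustration.

```python
# Added example: sliding-window detection over access events.
# Flags sources with repeated failures, and devices where a login succeeds
# right after a burst of failures (candidates for a remote lock).
from collections import defaultdict, deque

WINDOW_SECONDS = 60  # assumed look-back window
MAX_FAILURES = 3     # assumed threshold

# Constructed sample events: (unix_time, source_ip, device_id, outcome)
EVENTS = [
    (100, "198.51.100.7", "cam-01", "fail"),
    (110, "198.51.100.7", "cam-01", "fail"),
    (115, "203.0.113.9", "fridge-02", "fail"),
    (120, "198.51.100.7", "cam-01", "fail"),
    (130, "198.51.100.7", "cam-01", "ok"),
    (400, "203.0.113.9", "fridge-02", "fail"),
    (410, "203.0.113.9", "fridge-02", "ok"),
]


def prune(timestamps, now, window):
    """Drop failure timestamps that have fallen out of the window."""
    while timestamps and now - timestamps[0] > window:
        timestamps.popleft()


def detect(events, window=WINDOW_SECONDS, max_failures=MAX_FAILURES):
    """Return (suspicious_sources, at_risk_devices) as sorted lists."""
    fails_by_source = defaultdict(deque)
    fails_by_device = defaultdict(deque)
    suspicious_sources, at_risk_devices = set(), set()

    for ts, source, device, outcome in sorted(events):
        src_fails = fails_by_source[source]
        dev_fails = fails_by_device[device]
        prune(src_fails, ts, window)
        prune(dev_fails, ts, window)

        if outcome == "fail":
            src_fails.append(ts)
            dev_fails.append(ts)
            if len(src_fails) >= max_failures:
                suspicious_sources.add(source)
        elif outcome == "ok":
            # A success that follows a burst of failures on the same device
            # suggests the credentials were guessed.
            if len(dev_fails) >= max_failures:
                at_risk_devices.add(device)
            dev_fails.clear()

    return sorted(suspicious_sources), sorted(at_risk_devices)


if __name__ == "__main__":
    sources, devices = detect(EVENTS)
    print("suspicious sources:", sources)
    print("devices to review or lock:", devices)
```

Counting failures per device as well as per source means attempts spread across many addresses against one device still reach the threshold.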
Security guidelines in general
● How are you going to protect the privacy of your users?
● Privacy by design:
o Design the system to avoid privacy breaches
o Flatten the data rather than storing a record
per user+date
o Don’t store data you don’t require
o Delete historic data that is not needed
Internet of Things
Data, Big Data and Real Time Analytics for Connected Devices
Big Data analytics
● Data is increasingly being gathered by sensors, software logs,
cameras, RFID readers, wireless sensor networks, etc.
● Volume:
o Terabytes to exabytes of data to process
● Velocity:
o Streaming data, milliseconds to respond
● Variety:
o Data in many forms: structured, unstructured, text,
multimedia...
Big Data analytics
● Conventional analytics tools/platforms cannot keep up
● Big Data analytics:
o Conventional analytics
o On Big Data framework
o Real time
o Advanced text analysis
o Machine learning
Big Data analytics
● Scenarios:
o IT infrastructure optimization
o Social network analysis
o Churn analysis
o Advertising
o Fraud detection
o Equipment monitoring
Retail In-Store example
● Real-time, localized, micro segmented offers
● Driven by customer profile, need, store stocks and local
influencers:
o weather
o birthdays
o graduations
o etc.
Retail In-Store example
● Step 1 - Inputs:
o Customer profile and activity data
o Channels - digital, contact center
o Sensors to detect hotspots
o Shopping data - trolleys with RFID tags and
beacons
o In-shop camera data - detect where the
customer spends most of the time in the shop
Retail In-Store example
● Step 2 - Micro Segment creation
o Customer X is associated with segment Y
o Can be done in batch or in real-time
● Step 3 - Analytics model
o Decide and choose a promotional offer
o Deliver to the smartphone/tablet of the user and the
Point of Sale device
o Can be done once or in continuous channel-customer
interaction
Decision Model for IoT
[Diagram labels: Incoming data, Real-time processing, Storage, Batch processing, Models, Scoring, Decision system, Actions]
Data processing tools landscape
● Real-Time processing tools
o Process on-the-fly, without storing
o Stream processing, complex event processing
o Apache Storm
● Databases
o Index based queries
● In memory computing
o Spark, Hana, VoltDB
Data processing tools landscape
● Interactive processing
o Apache Drill, BigQuery, OLAP cubes
● Per record processing
o MapReduce, Spark
● NoSQL/ HDFS
Lambda architecture
● Handle massive quantities of data by using both batch- and stream-
processing methods
● Batch processing to provide comprehensive and accurate
precomputed views
● Real-time stream processing to provide dynamic views
● Attempts to balance latency, throughput, and fault-tolerance
● Intended for ingesting and processing timestamped events that are
appended to existing events rather than overwriting them
Lambda architecture
Design considerations
● Edge processing
o Local processing for efficiency and high availability
● Last mile
o How to push actions?
o How to carry out actions that take time?
o How to avoid conflicts?
● Integration with the cloud
o Using other services and data from multiple sites
o Enabling better models and decision
o Privacy, data sensitivity
Design considerations
● Taking the human out of the loop
o Should be done gradually with fine grain
control
Provide alarms and course of action
Ask for user confirmation
Automate only selected actions
o Should be done carefully as we can’t foresee
all the outcomes
Internet of Things
API Management in the Context of IoT
API Billionaires club
● 2011 programmableweb.com:
o Twitter - 13 billion API calls/day
o Google, Facebook - 5 billion API calls/day
o Netflix, Ebay - 8 to 10 billion API calls/month
o SalesForce - Over 50% of all traffic via API
o Amazon Web Services - Over 260 billion
objects stored in S3
IoT API Management
● A need for a standard access layer - API
o Heterogeneous devices
o In large numbers
o Proprietary:
Protocols
Access control mechanisms
Data models
IoT API Management
● Web APIs => REST APIs are key for connecting devices
to the Internet:
o Driven by modern dynamic web-user
interfaces
o Driven by human-held mobile devices
o Lightweight
o Developer-friendly
IoT API Management
● Examples of modeling device capabilities as HTTP
resources:
o Humidity sensor:
http://ip/locationID/sensors/humidity - GET
o Turbine:
http://ip/locationID/actuators/turbine1/rotate - POST
http://ip/locationID/actuators/turbine1/status - GET
IoT API Management
● Sensor nodes participating in a flat or two-tier sensor
network are not IoT
● Unless you can get your data to higher end computational
devices
● API devices: sensors that are coupled to a device that
already speaks Web APIs
● An intermediate layer is needed to connect sensors and
networks to APIs, clouds, data-centers and devices.
IoT API Management
● Challenges require planning and foresight:
o Not every device/thing is API enabled
Smart-phones and tablets - are
A temperature sensor on a factory floor connected
via a wireless sensor network (WSN) - is not
IoT API Management
● Challenges require planning and foresight:
o Versioning/Updates
Not every device supports updates
o Support for ancient things
Devices have long lifecycles
o Performance and scalability
Long reliable operation with a large number of
devices
IoT API Management
● API management:
o Gateways management
o Security management
o Access management and control
o Authentication, authorization
o Leak protection
o Compliance and data security
IoT API Management
● Type 1: A single device with all API management
capabilities
● Type 2: The device gets all the requests and asks for a
confirmation from a separate authorization manager
● Type 3: An authorization gateway receives all the
requests, transmits the authorized requests to the device
● Type 4: A Combination of previous + Routing and stats
collection
● Type 5,6,.. : More complex patterns (Routing & Queues)
IoT API Management
● Sensor middleware and API Management for IoT play an important
role:
o Provide data fusion
o Contextual information
o Data communication
o Coordination and synchronization
o Data & protocol interoperability
o Privacy and security
o Fault tolerance
Emoncms - monitoring
● Open-source web-app for processing, logging
and visualising:
o energy
o temperature
o other environmental data
● Use-case: Create an energy model of your house
to work out where energy is lost and explore the
effect of measures
Emoncms
● System Overview:
Emoncms
● The system comprises wireless sensor nodes
that send data at periodic intervals to a web-
connected base-station
● Base stations:
o Raspberry Pi with an RFM12Pi wireless adapter
o NanodeRF (Arduino + Ethernet clone)
● Data:
o AC Electricity, Temperature, Humidity, etc.
Emoncms
● Wireless nodes:
o emonTx - Electricity Energy Monitoring
o emonTH - Temperature and Humidity Monitoring
o emonGLCD - wireless LCD display. Can be added to
the system like any other node
● Log, process and display monitored data:
o Input processing lets you manipulate the input data
before storing it in the emoncms database.
Emoncms
● Visualisation and Dashboards:
o Zoom through large datasets, compare
multiple datasets by using the multigraph
visualisation builder
o Create dashboards out of a series of widgets
and visualisations with a fully visual drag and
drop dashboard editor