While the world of the Internet of Things (IoT) might seem today like the Wild West, it is actually very like the early days of mobile Internet.
This point was made by Geoff McGrath, director, Data Monetisation and Management, CK Hutchison, at the recent TechFire event, in association with Three, dealing with the IoT data deluge.
“In security terms, there is no one answer when there are so many points of vulnerability for the operating system, through the application layer to the data layer, and how you can get into the network. It is an extraordinarily complex problem that does not benefit from the heterogeneous nature of it all,” Macario Namie, Cisco
McGrath had said that while he acknowledged there would be a flood of data from IoT into the enterprise, he said he was not interested in Big Data, but rather in big insights.
Achieving those insights said McGrath would require infrastructures where everything could talk to everything else, requiring standards, trust and security. However, he said, we are not yet at that stage.
Like the early days of mobile internet, McGrath said that the early adopters would develop standards for niches, and special areas of operation that would eventually come together and form the basis of a set of standards to govern the whole, making it more useful.
Trust and security
The themes of trust and security were raised many times, and a question from the floor asked for examples of where IoT had led to security issues.
Macario Namie, head of IoT Strategy, Cisco and early Jasper executive, highlighted the Mirai botnet incident, but said the Stuxnet example was probably more illustrative of how machine control could be hijacked.
He also gave the example of the North American Casino in Las Vegas where a salinity sensor on an aquarium was compromised allowing attackers access to the network which led to a data breach resulting in the loss of personally identifiable information.
McGrath said that sometimes a weakness of IoT is not even that which results in a breach, but rather unintended consequences. He highlighted the case of instrumented running shoes where a manufacturer discovered that the vast majority were not used for running at all, leading to a change in focus from performance technology to more aesthetic considerations. An audience member also cited the Strava fitness app case where harvested data revealed inner layouts of classified facilities such as airbases and intelligence facilities.
Edge style
Formula 1 was given as an example of an early pioneer for IoT usage, but whose examples are still being employed. McGrath said that early on in telemetry usage in the sport, data was collected locally, processed locally and only the most vital elements sent back to base.
That model he said, now co-opted as edge computing, meant that sensor traffic bandwidth could be kept to a minimum, processing done close to the data and only the insights sent back to base where they could be immediately used to take action.
Dr Stephen Daniels, CTO, Ei Electronics and NuWave Sensors, described how IoT-enabled smoke alarms was transforming their business from selling smoke detection capability to selling a safety service. However, he highlighted his challenge in managing devices deployed for a mandatory 10-year lifespan in social housing projects where post-deployment access was limited if possible at all.
“Every packet I send to them consumes power, but it still has to perform for the time frame,” said Dr Daniels. “The payload of data, and how I manage it is critical. Few existing protocols are up to it.”
However, citing the case of the Voyager spacecraft and their highly efficient use of limited data bandwidth, power and onboard processing capability, Dr Daniels was hopeful that progress is possible.
A show of hands in the room revealed that only 10% of audience members considered their organisations as users of IoT technologies, with around the same saying they were evaluating.
Blockchain answers
With concerns again turning to security, a question from the floor asked if blockchain might be an answer to IoT security.
Namie said that it was certainly under evaluation for that purpose but that it was very early days yet. From Cisco’s perspective, Namie said that when IoT devices can have security implementations that can vary from five months to five years old, it is better to have security built into the network as an IoT device’s first point of contact.
It was also mentioned that the scale of IoT could also pose problems for blockchain, which has not yet solved such issues even when applied to the more familiar areas of financial applications and supply chain assurance.
“In security terms,” said Namie, “there is no one answer when there are so many points of vulnerability for the operating system, through the application layer to the data layer, and how you can get into the network. It is an extraordinarily complex problem that does not benefit from the heterogeneous nature of it all.”
“Security is the biggest existential threat to IoT, but I don’t think that it is ever going to be perfect, so we need to embrace it one niche at a time and work with the experts,” said McGrath.
TechCentral Reporters
Subscribers 0
Fans 0
Followers 0
Followers