The Internet of Things (“IoT”) is a recent development in which everyday objects are given connectivity to data networks, allowing them to send data to, and receive data from, other devices or systems. That connectivity lets the devices deliver greater value and service by exchanging data with other systems, servers and controllers, and it is frequently used to monitor and control the connected device remotely. IoT systems generally refer to the integrated use of telecommunications devices in embedded systems for transmitting, receiving, controlling, remotely storing and processing information. More simply, IoT refers to smart devices sending, receiving and storing information via telecommunication devices over the Internet.
Beyond the convergence of telecommunications and information processing, the term IoT may also refer to the automation of processes for controlling and managing remote devices and systems. For example, an IoT system can report the inventory status of a remote vending machine, operate its e-payment system, update the advertising content displayed on the exterior of the machine and report its interior temperature, providing an enhanced experience for customers. IoT systems can allow a homeowner to remotely monitor and control heating and air conditioning using a smart thermostat that also connects to centralized servers to support intelligent energy efficiency and consolidated energy usage reports. Such a system may also synchronize its energy usage with other nearby systems to smooth out localized peaks, lowering overall peak demand on public utilities such as electricity and natural gas. It may monitor weather conditions and schedule water usage for non-essential activities such as landscape watering and fountain or pool replenishment accordingly.
An IoT device may be connected to a larger network, usually the Internet, using an ever-expanding number of methods. Early connected devices were networked with each other over proprietary local networks built with multi-drop serial techniques or with simple, non-standardized, proprietary wireless links. Those devices generally communicated with local gateways or controllers and were rarely remotely operable. As wide area networks were established, creative ideas drove the concept of connecting and controlling devices beyond the reach of the local network. As new technologies drive the cost of embedded electronics, sensors and connectivity lower, the interconnection of devices and systems becomes more common.
Another major development that has contributed to the expansion of the IoT is the rollout of centralized “cloud computing” services. Cloud computing allows application software to be operated on centralized, often virtualized, Internet-connected services. The foundation of cloud computing is the broader concept of shared services and a converged infrastructure: cloud computing, or simply “the cloud”, relies on the sharing of resources and on economies of scale to deliver services. Combining the capabilities of low-cost, emerging, connected smart devices with the expanse of connected cloud computing environments has created a technological opportunity to develop innovative solutions that will enhance automation in nearly every aspect of life.
Early Internet-connected devices required complicated and expensive gateways to establish Internet Protocol (“IP”) connectivity. In the early days of the IoT, Ethernet, the primary physical connectivity medium, required expensive and power-hungry hardware. The software stacks that implemented IP were large and complicated and not easily ported to hardware unless it included significant processing power and memory. Many of those IP stacks required an advanced operating system, which further drove up hardware complexity. Over the last few years, microcomputing and memory technologies have advanced to the point where full operating systems can be ported to very small and cost-effective platforms. Some of the single-chip microcomputing platforms introduced over the last five years are powerful enough to run an IP stack, a real-time operating system and sensor management, which is enough to support an advanced smart device.
Advances in the various physical layer communication devices and technologies have also encouraged the deployment of connected devices. For example, Wi-Fi is a wireless local area network (“WLAN”) computer networking technology that allows electronic devices to connect to the Internet through a Wi-Fi wireless access point (“WAP”). Wi-Fi networks typically operate using low-power transmitters on unlicensed spectrum at either 2.4 GHz or 5 GHz, and their specifications are based on the IEEE 802.11 standards. Although the name “IoT” implies a connection to the Internet, in many cases the connection uses a medium and technology that may run the Internet Protocol (“IP”) but has no direct connection or access to the public Internet. The reasons for selecting a different connection type are many and may include the perceived security of an isolated network; that security is only perceived, because an isolated network is no more isolated than the gateways and maintenance paths that lead into it.
As the network of connected devices expands, so does the critical nature of the information carried to and from those devices. Some of this information is critical because it carries command and control messages whose mishandling can have undesired effects on users. Mismanagement of industrial control systems (“ICS”), which include supervisory control and data acquisition (“SCADA”) systems, distributed control systems (“DCS”) and smaller control systems such as programmable logic controllers (“PLC”), can lead to significant harm. ICSs are typically used in industries such as electric, water, oil, gas and transportation, as well as in manufacturing sectors such as chemical, pharmaceutical, pulp, paper, food and beverages. The threats to and vulnerabilities of these systems are widely recognized. For example, errant control of a wastewater management system can lead to significant environmental damage. Another example is a traffic signal control network in a metropolitan area: mismanagement of the control and synchronization of stop lights on a roadway can increase travel times, increase fuel usage, add to air pollution and raise tempers. On a simpler level, mismanagement of a water sprinkler controller can wreak havoc with an individual's landscaping, but on a broader scale it can cause water shortages in a region if a significant number of such systems are activated simultaneously.
The above examples highlight industrial command and control systems, but equally important are the simple domestic remote monitoring and control systems for home management that operate over the Internet. A thermostat that monitors household temperature and responds to human presence could publish its status to a “cloud” server. A home security alarm system could publish its armed/disarmed status to a “cloud” server. Either system could lead to significant vulnerabilities if that information becomes available to local criminals, since both effectively announce when a home is unoccupied.
Any time data travels from a machine-to-machine device, computer, smart phone, tablet or similar user-operated device over an accessible medium, whether wireless, wired, optical or any other usable and accessible medium, the data is exposed to threats from unwanted parties. New security solutions must secure the data regardless of its source, its destination or the medium used to carry it. Unencrypted data transmitted over wireless wide area networks (“WWAN”) such as modern CDMA, HSPA or LTE networks is protected over the air interface by the carrier's link-layer encryption. However, that protection ends at the edge of the radio network; some portion of the transmission then traverses a wired IP network where the unencrypted data is vulnerable.
Mobile applications on smart phones and tablets are significant users of mobile data, and many, if not most, use public WWAN networks for data communications. In practice, the WWAN air interface turns out to be the most secure segment of the path carrying data traffic from the device to the application servers: it is encrypted and authenticated by the carrier without any configuration by the user, whereas the protection of a Wi-Fi link depends entirely on how the access point is configured. Unfortunately, the “last mile” from the tower to the device is only a small part of the path carrying the data.
It is becoming customary to use Public Key Infrastructure (“PKI”) based cryptography, most commonly Transport Layer Security (“TLS”), to secure consumer data between consumer devices and application servers. Unfortunately, TLS using standard PKI methods solves only part of the security problem: it protects data in transit on the hop between the device and the endpoint that terminates the TLS session, not data at rest on either end or data relayed onward by intermediaries, and it provides authenticity only when the client actually validates the server's certificate. The goal of modern data security systems is to ensure confidentiality, authenticity and integrity. Without going into all the possible system vulnerabilities, it should be obvious to most that weaknesses in existing data security techniques are discovered almost every day.
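The two preceding paragraphs argue that protection tied to one medium (the carrier's air interface, a Wi-Fi link, a single TLS hop) leaves the data exposed on the other segments of its path, and that a solution must secure the data itself regardless of source, destination or medium. The following Go program, an added example that is not part of the original text, shows the usual way to do that: the device applies an authenticated encryption (AES-GCM) envelope to each telemetry message and only the application server removes it, so confidentiality, integrity and authenticity hold end to end no matter what the transport does in between. The device name, the JSON payload and the 256-bit pre-shared key `DemoKey` are constructed for the example; how that key is provisioned to the device is assumed to be handled elsewhere and is not shown.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Envelope is one telemetry message after the device has protected it. It can
// cross a Wi-Fi link, the carrier's air interface, the wired backhaul and a
// cloud message broker unchanged; only a holder of the key can read or alter it.
type Envelope struct {
	DeviceID   string // sent in the clear but bound to the payload via the AAD
	Seq        uint64 // per-device counter; the receiver rejects replays
	Nonce      []byte // random AES-GCM nonce, unique per message
	Ciphertext []byte // AES-GCM output: ciphertext followed by the 16-byte tag
}

// DemoKey is a constructed 256-bit pre-shared key for this example only.
var DemoKey = bytes.Repeat([]byte{0x42}, 32)

// aad builds the additional authenticated data: device identity and sequence
// number travel unencrypted, but any change to them invalidates the tag.
func aad(deviceID string, seq uint64) []byte {
	b := make([]byte, 8)
	binary.BigEndian.PutUint64(b, seq)
	return append([]byte(deviceID), b...)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal runs on the device: it encrypts and authenticates one message.
func Seal(key []byte, deviceID string, seq uint64, plaintext []byte) (Envelope, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return Envelope{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	ct := gcm.Seal(nil, nonce, plaintext, aad(deviceID, seq))
	return Envelope{DeviceID: deviceID, Seq: seq, Nonce: nonce, Ciphertext: ct}, nil
}

// Receiver runs on the application server and remembers the highest sequence
// number accepted from each device.
type Receiver struct {
	key  []byte
	last map[string]uint64
}

func NewReceiver(key []byte) *Receiver {
	return &Receiver{key: key, last: make(map[string]uint64)}
}

// Open verifies the tag (integrity and, via the shared key, authenticity),
// decrypts (confidentiality) and enforces the replay check. The counter is
// advanced only after a successful authentication, so a forged envelope with
// a high Seq cannot be used to block a device's genuine future messages.
func (r *Receiver) Open(e Envelope) ([]byte, error) {
	if last, seen := r.last[e.DeviceID]; seen && e.Seq <= last {
		return nil, errors.New("replayed or out-of-order message rejected")
	}
	gcm, err := newGCM(r.key)
	if err != nil {
		return nil, err
	}
	pt, err := gcm.Open(nil, e.Nonce, e.Ciphertext, aad(e.DeviceID, e.Seq))
	if err != nil {
		return nil, errors.New("authentication failed: message altered, relabelled or wrong key")
	}
	r.last[e.DeviceID] = e.Seq
	return pt, nil
}

func main() {
	rx := NewReceiver(DemoKey)
	msg := []byte(`{"temp_c":21.5,"occupied":false}`) // constructed thermostat telemetry

	env, _ := Seal(DemoKey, "thermostat-01", 1, msg)
	pt, err := rx.Open(env)
	fmt.Printf("genuine message: %s (err=%v)\n", pt, err)

	_, err = rx.Open(env) // captured on the wired segment and resent
	fmt.Println("replayed message:", err)

	tampered, _ := Seal(DemoKey, "thermostat-01", 2, msg)
	tampered.Ciphertext[0] ^= 0x01 // one bit flipped in transit
	_, err = rx.Open(tampered)
	fmt.Println("tampered message:", err)

	relabelled, _ := Seal(DemoKey, "thermostat-01", 3, msg)
	relabelled.DeviceID = "thermostat-02" // attributed to another home
	_, err = rx.Open(relabelled)
	fmt.Println("relabelled message:", err)
}
```

Because the envelope carries its own protection, a TLS terminator, a message broker or a compromised wired hop between the tower and the application server sees only ciphertext and cannot alter, replay or re-attribute a message without the shared key. What this does not solve is the other half of the problem the text raises: data at rest on the server, and the trustworthiness of the endpoints themselves, still need their own controls.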